Report - 4568680.catchtheclick.com/

Report Overview

Submitted URL
4568680.catchtheclick.com/
IP
116.202.159.170
ASN
#24940 Hetzner Online GmbH
Submitted
2022-10-23 09:33:04
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.6 kB	7.1 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
cartining-specute.com	unknown	2021-02-01T00:37:43Z	2023-03-09T06:13:03Z	686 B	622 B	18.197.36.77
data-jsext.com	unknown	2022-07-27T07:02:20Z	2023-03-09T17:47:37Z	435 B	708 B	54.37.5.177
4568680.catchtheclick.com	unknown	2022-06-03T06:17:23Z	2023-01-15T11:46:34Z	788 B	3.6 kB	116.202.159.170
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.9 kB	34.160.144.191
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	329 B	796 B	93.184.220.29
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	46 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	331 B	700 B	142.250.74.35
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	44.237.51.86
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338 B	1.0 kB	143.204.42.88
1076894.shakingclicks.com	unknown	2019-08-27T10:18:14Z	2023-02-26T15:09:08Z	1.6 kB	13 kB	69.16.230.226
gaut-hil.com	342928	2020-07-09T22:17:47Z	2023-02-28T19:06:23Z	1.8 kB	44 kB	34.239.209.41
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	424 B	2.0 kB	142.250.74.10
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.115
megaflirt.life	unknown	2022-07-18T16:34:41Z	2023-03-07T05:26:08Z	10 kB	690 kB	94.103.188.72

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-23	medium	megaflirt.life/media/dating/sinderv2/js/vegas.js	Phishing
2022-10-23	medium	megaflirt.life/cookie/js.cookie.js	Phishing
2022-10-23	medium	megaflirt.life/media/dating/sinderv2/js/timer.js	Phishing
2022-10-23	medium	megaflirt.life/util/utils.js	Phishing
2022-10-23	medium	megaflirt.life/media/bb.js	Phishing
2022-10-23	medium	megaflirt.life/media/exit-new/exit1.js	Phishing
2022-10-23	medium	megaflirt.life/media/dating/sinderv2/js/trls.js	Phishing
2022-10-23	medium	megaflirt.life/media/dating/sinderv2/js/jquery.js	Phishing
2022-10-23	medium	megaflirt.life/media/dating/sinderv2/images/logo-loveme_white1.svg	Phishing
2022-10-23	medium	megaflirt.life/media/dating/sinderv2/fonts/5c92d5d3e39a260d5dd06ced7eca070d.woff2	Phishing
2022-10-23	medium	megaflirt.life/media/dating/sinderv2/fonts/bcf3bb1b7f7a3436181788e748bae013.woff2	Phishing
2022-10-23	medium	megaflirt.life/media/dating/sinderv2/fonts/b796339b324ec08006ca04dca90284cf.woff2	Phishing
2022-10-23	medium	megaflirt.life/util/flag-icon/flags/4x3/no.svg	Phishing
2022-10-23	medium	megaflirt.life/media/dating/sinderv2/fonts/2e5fca371696cab9fb5a9fe214c1319c.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	gaut-hil.com/zcredirect?visitid=aba292f2-52b5-11ed-8f8a-0ade1adf28bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false	285 B	2023-03-10	2023-03-10
Pretty URL gaut-hil.com/zcredirect?visitid=aba292f2-52b5-11ed-8f8a-0ade1adf28bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false IP 34.239.209.41 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:46:28 Last Seen2023-03-10 13:46:28 Times Seen1 Hash 6bd52799a1e588494834b0d339538b55 6736003164efff29f9e3bbbb3abd5746590212d5 91ef288ac9aa2fe16276028752968087e0a8d67836f924cd4f1bb3120df3561b Loading...

	megaflirt.life/media/dating/sinderv2/js/timer.js	621 B	2023-03-07	2024-04-26
Pretty URL megaflirt.life/media/dating/sinderv2/js/timer.js IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 22:00:49 Times Seen7274 Hash 40fe503eb84093a37b15e39365ffc587 911128043c901314d283fe478477d26e2b3d821a 60b0f0de4c72c1ce9c05b36ba776f12538b1d9b80858b7099068a3e7e0415bc1 Loading...

	megaflirt.life/media/bb.js	639 B	2023-03-07	2024-04-26
Pretty URL megaflirt.life/media/bb.js IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 22:00:49 Times Seen13598 Hash 0d553e4bac91c74bfee2dbabba61e99e 5af71e2377c9c012a7826a695f2724901941b19b 1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68 Loading...

	1076894.shakingclicks.com/page/bouncy.php?&bpae=GbhGt60GhUx7Npvv%2ByrAz0HO2kviA9V2usY0LllU%2FGprJvjrTKfrtiyYegCP0hqPV83yPrHG1Dpt79Tc5SYyyJCDPej5lpd2TODqg7snm%2BUcn1TnkL0zP2uk0XVb3zv2NIolzTi9NzgLNJ7fEOeEO7NREMyrn3oI7tqnzFH3Q%2B235tMgs4anK%2BfU0ZItknvgiZetQ1UqLTfvcYS%2FHElhYSV%2Bbl%2B4X0hjDB6DHJ23Tf6Jph495VI%2Fm%2B%2B%2BXo5yzfJkR%2BthiX7rS%2FkOBAL91ZjaLOR%2BfBqI9c4X02OBJ3tZ%2B%2B%2B0uHRhpn7K8P2ys790CkyOhamXy5Q06B%2BtJjgeqeRuijWiIGkCjtF3Mj1OljEBYF3oKnCiuGpS6CV0HLDto1bupPqV77uaR0wmNASHyY132EIRUEqMj%2BFnedBhjV2ieSKbNRwXWVIQm1GuYcm73VgQtGo0AwRTDnc87LGgmTRK3XRZT0NyZlW8gbXb0f8hFKTOaoQ%2B0F1q%2FKiEawiq%2Bzc%3D&redirectType=js&inIframe=false&inPopUp=false	702 B	2023-03-10	2023-03-10
Pretty URL 1076894.shakingclicks.com/page/bouncy.php?&bpae=GbhGt60GhUx7Npvv%2ByrAz0HO2kviA9V2usY0LllU%2FGprJvjrTKfrtiyYegCP0hqPV83yPrHG1Dpt79Tc5SYyyJCDPej5lpd2TODqg7snm%2BUcn1TnkL0zP2uk0XVb3zv2NIolzTi9NzgLNJ7fEOeEO7NREMyrn3oI7tqnzFH3Q%2B235tMgs4anK%2BfU0ZItknvgiZetQ1UqLTfvcYS%2FHElhYSV%2Bbl%2B4X0hjDB6DHJ23Tf6Jph495VI%2Fm%2B%2B%2BXo5yzfJkR%2BthiX7rS%2FkOBAL91ZjaLOR%2BfBqI9c4X02OBJ3tZ%2B%2B%2B0uHRhpn7K8P2ys790CkyOhamXy5Q06B%2BtJjgeqeRuijWiIGkCjtF3Mj1OljEBYF3oKnCiuGpS6CV0HLDto1bupPqV77uaR0wmNASHyY132EIRUEqMj%2BFnedBhjV2ieSKbNRwXWVIQm1GuYcm73VgQtGo0AwRTDnc87LGgmTRK3XRZT0NyZlW8gbXb0f8hFKTOaoQ%2B0F1q%2FKiEawiq%2Bzc%3D&redirectType=js&inIframe=false&inPopUp=false IP 69.16.230.226 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:46:28 Last Seen2023-03-10 13:46:28 Times Seen1 Hash b10551dfab5275d3c1ae9efab3c131ee 78215dfdd77e5cbd0263826e40728f1ad250d1c8 0e0ec66ee0195915abf07d195e55790fb8c5515421b3d441f344ba3b3a0b47f0 Loading...

	megaflirt.life/media/dating/sinderv2/js/vegas.js	22 kB	2023-03-07	2024-04-26
Pretty URL megaflirt.life/media/dating/sinderv2/js/vegas.js IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 22:00:49 Times Seen6073 Hash 85310f0fc6d54ab6c4aa2a2efa1e8514 dbd124ed40a22170b23709711d4572ff93c9fe6f 17d0a5e4e45104aec83860cf51f19bb232747a586a74fc841b9771a9aa9e42b2 Loading...

	megaflirt.life/media/dating/sinderv2/js/trls.js	17 kB	2023-03-07	2024-04-26
Pretty URL megaflirt.life/media/dating/sinderv2/js/trls.js IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 22:00:25 Times Seen5473 Hash eb1b6bc6776b3e1f520ad0d6c03a92ad 5adcdd94fd541e5ff347cb317418f77ebcd7a714 d87b9de60e8a4d614e0f4e34da021c835852d802f8b6de2aee6a3fa034e3b2b5 Loading...

	megaflirt.life/media/dating/sinderv2/js/jquery.js	93 kB	2023-03-07	2024-04-26
Pretty URL megaflirt.life/media/dating/sinderv2/js/jquery.js IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:35 Last Seen2024-04-26 22:00:49 Times Seen6241 Hash df6173bad69801a82b84701789ab16c5 94908755cae039762ad53086b858eac553e3f56e cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb Loading...

	1076894.shakingclicks.com/cur/offer_blocked.html?jj=1	1.6 kB	2023-03-10	2023-03-10
Pretty URL 1076894.shakingclicks.com/cur/offer_blocked.html?jj=1 IP 69.16.230.226 ASN #32244 LIQUIDWEB Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:46:28 Last Seen2023-03-10 13:46:28 Times Seen1 Hash 6ad1bb45177146fab7d9923cf2c2660a ed39570924a6dcf3590bcde182f6eaceadf92e33 9e347272fbb6d82f2030d3085d56fd744350250c6c41a0b7d0a2a0a782a0a5ed Loading...

	gaut-hil.com/zcvisitor/aba292f2-52b5-11ed-8f8a-0ade1adf28bb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=9618e700-073c-11ed-8989-128084d1ce51	747 B	2023-03-10	2023-03-10
Pretty URL gaut-hil.com/zcvisitor/aba292f2-52b5-11ed-8f8a-0ade1adf28bb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=9618e700-073c-11ed-8989-128084d1ce51 IP 34.239.209.41 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:46:28 Last Seen2023-03-10 13:46:28 Times Seen1 Hash efea937f2a8f815176bc229296b974dc ebbb4f8203b57cffa5376e913c919945290b3e3b 56298a5b8d68061f58db2fa915ed17553d3cd744b3a99f9589d1544ef4ad1c10 Loading...

	megaflirt.life/util/utils.js	7.5 kB	2023-03-07	2024-04-26
Pretty URL megaflirt.life/util/utils.js IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 22:00:49 Times Seen20709 Hash 01816d15ca03032751161a746e2fb7c3 dcc72ea5fa1356490ba473288159df9786b4a3c3 8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea Loading...

	megaflirt.life/cookie/js.cookie.js	4.3 kB	2023-03-07	2024-04-26
Pretty URL megaflirt.life/cookie/js.cookie.js IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 22:00:49 Times Seen7577 Hash a7e9883924072f15259de6888d5ef515 7f4f6e5938e68f55aef81e0cd0145f008cd28382 985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c Loading...

	megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg	1.3 kB	2023-03-07	2023-11-16
Pretty URL megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2023-11-16 23:00:03 Times Seen21 Hash c7d7ab06842cc3515d23248ba0412410 83d3019f1981a700a407819f81913a1b6ddb55d7 3b981bbd5efbaef3a56b235935c1fe38f93611593c8d82f202a24c2770acbbec Loading...

	megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg	539 B	2023-03-07	2023-11-16
Pretty URL megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2023-11-16 23:00:03 Times Seen21 Hash fe9df294a50ef5da7b15c2311fe031bb 63fc26add08985581e4521b56ffb9f2d7954928f 1469b4a1873825e84290ee4f48687d6fe10a1c8a81065fe0547c37ebb553e891 Loading...

	megaflirt.life/media/exit-new/exit1.js	3.5 kB	2023-03-07	2024-04-26
Pretty URL megaflirt.life/media/exit-new/exit1.js IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-26 22:00:49 Times Seen13270 Hash 625e5e2950612f771e246beb33c9ea61 e4fc251c6c000496c285f8dc3fa097040b031681 618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46 Loading...

	megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg	523 B	2023-03-10	2023-03-10
Pretty URL megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg IP 94.103.188.72 ASN #200019 Alexhost Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:46:28 Last Seen2023-03-10 13:46:28 Times Seen1 Hash 01c4435c545f5059732c99ce4d3ebff8 46c13d7eb7c82598303b741b93eb8ada2c5edce1 7afd2dc950f535ebc358efe646ddde1e80d2f9a20b7d33bf4bf1dfa1fe46eb82 Loading...

HTTP Transactions (53)

URL IP Response Size

4568680.catchtheclick.com/

116.202.159.170

301 Moved Permanently

178 B

URL HTTP/1.1
4568680.catchtheclick.com/
IP
116.202.159.170:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
64c2c262f9e85c0f6bfba9a92bcab025
687d2f4e7e252a0cbfa8546132f8acf161c32ae9
99ee7c936423e9ac18771086fdabedfd148dc8507286b98239b13fb48850d9dd

HTTP Headers

GET / HTTP/1.1
Host: 4568680.catchtheclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.16.1 (Ubuntu)
Date: Sun, 23 Oct 2022 09:32:52 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://4568680.catchtheclick.com/

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 08:52:50 GMT
Expires: Sun, 23 Oct 2022 09:23:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7RzHf8D2DZ4Kg1_LUwcbXy4ctJ2XtPEhKsZB5fYqufTdQoTSm7oJnw==
Age: 2402

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12128
Expires: Sun, 23 Oct 2022 12:55:01 GMT
Date: Sun, 23 Oct 2022 09:32:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12239
Expires: Sun, 23 Oct 2022 12:56:52 GMT
Date: Sun, 23 Oct 2022 09:32:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: m8NBLfQ/YZzXK+AddF1bFIqtP0GGQChqLZULKkjipjiKZeJjca0dA+t9Kc3Lw6B7zeHMXKIzWZITC8l8oLDqmw==
x-amz-request-id: 2M3W0TVQK3YASTQS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 08:37:54 GMT
age: 3299
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 09:32:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f601866767b7c1d3d706f99e765da881
1a9ef8e04a960f5ec2c5bf7697c00d0802198e94
671446c5a8eebacf041c252b2435cb433e383eea5bd2ff1904cefd7c56e33456

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "671446C5A8EEBACF041C252B2435CB433E383EEA5BD2FF1904CEFD7C56E33456"
Last-Modified: Sat, 22 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17427
Expires: Sun, 23 Oct 2022 14:23:20 GMT
Date: Sun, 23 Oct 2022 09:32:53 GMT
Connection: keep-alive

4568680.catchtheclick.com/

116.202.159.170

302 Found

3.0 kB

URL HTTP/1.1
4568680.catchtheclick.com/
IP
116.202.159.170:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
3.0 kB (2967 bytes)
Hash
58ff43cac7e0aab99f7d5a25d1195049
77716d2c56388b30094acd92c916ef913c1d1432
26e95d2b59bdd740eb87ed3bd97a8d460b842c4dbcd7312ee0109b783005a9c2

HTTP Headers

GET / HTTP/1.1
Host: 4568680.catchtheclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Server: nginx/1.16.1 (Ubuntu)
Date: Sun, 23 Oct 2022 09:32:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://1076894.shakingclicks.com/cur/offer_blocked.html?jj=1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 23 Oct 2022 08:43:40 GMT
Expires: Sun, 23 Oct 2022 09:25:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: haqa_MANfovsaMbmoPfLXtULP-PKMu3HmPtdt1T3sR4BZc3I_2yxxA==
Age: 2953

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fecd12689ba4c6aa556814b7fac0d344
a3005f6333ce5201a73e2857c764a1b0091a91d5
83e0fb564f86df4300e8fc4b5baaf0ed13102c384922d388e02620fb3363a842

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4341
Cache-Control: max-age=85573
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 09:32:53 GMT
Etag: "6353a495-1d7"
Expires: Mon, 24 Oct 2022 09:19:06 GMT
Last-Modified: Sat, 22 Oct 2022 08:06:45 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
312d31d095a6b76a0bf640c89cbd0f72
e0ae22030a02b3eb44b9dfd80fef4f4f8d15a892
6ee0a7655bd690ff2afc08ce3b282b9cc23cad4ebb94d9d7558695b90181486b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6EE0A7655BD690FF2AFC08CE3B282B9CC23CAD4EBB94D9D7558695B90181486B"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10851
Expires: Sun, 23 Oct 2022 12:33:44 GMT
Date: Sun, 23 Oct 2022 09:32:53 GMT
Connection: keep-alive

push.services.mozilla.com/

44.237.51.86

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.51.86:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kig3pQACwrLqRY4MSKHD/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: X3G5vzUGHHk0XmiEDFS9iG+PHcU=

ocsp.sca1b.amazontrust.com/

143.204.42.88

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.88:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
89fb90d7de8769ea98143e01a6647980
96aa48644ee75ddd931724d9cb4cb0bce571f67b
5a9c97044c69cc593f7c37b20e88c456271ed814e86be2c6410580283cbc96fa

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=91259
Date: Sun, 23 Oct 2022 09:32:55 GMT
Etag: "6353c22f-1d7"
Expires: Mon, 24 Oct 2022 10:53:54 GMT
Last-Modified: Sat, 22 Oct 2022 10:13:03 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sWPt5SOyVZxa6NkNCAJray7YbU-HGXTInacD2809aRCd-IOBHVhiOA==
Age: 2451

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12878
Expires: Sun, 23 Oct 2022 13:07:33 GMT
Date: Sun, 23 Oct 2022 09:32:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12878
Expires: Sun, 23 Oct 2022 13:07:33 GMT
Date: Sun, 23 Oct 2022 09:32:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3518 bytes)
Hash
85de0c3844ed8f109992d7c37cc5db1b
454136ba1c69e33ae3ba4fcfe4963bd492991e07
c8d2f6fabb976cc65c2029b102fee589b639c0f18110f1c2502733903da73d0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e25b9a-b0d2-47fc-824e-f7441e1bdd01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3518
x-amzn-requestid: fd8cc725-9685-4a08-9edf-68250bb25729
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aSS_FFknoAMF5fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6350cb93-7013c6384cf8a37c58b82ca2;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 04:16:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7rIVMWVlF-44bGQJ3Oy40b17V7inEcZmkUiD0rsHcZzL_-6rAGZMRg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:32:53 GMT
age: 43202
etag: "454136ba1c69e33ae3ba4fcfe4963bd492991e07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8639 bytes)
Hash
97e9c05ece38dedeaa752c612029c78d
715f72710799f828e2c06932c33919d8f23844f5
29408c0bd34660a836f59a7abb61c7c2b1f864b31194787ddf4d178314184b96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd19113d-c1df-4109-b7c9-1d4ed544d9d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8639
x-amzn-requestid: e598ff88-e152-4b9e-af16-aa30dcf452a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aX-m5HlMoAMFvjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6353115f-7f17a59522afc40e64ac216d;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 21:38:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FR2T_rEAFK6FgRKszDEcSGs25f5C2tooGqrAHPznpyCUiSH49oaKzA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 22:09:52 GMT
age: 40983
etag: "715f72710799f828e2c06932c33919d8f23844f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

1076894.shakingclicks.com/page/bouncy.php?&bpae=GbhGt60GhUx7Npvv%2ByrAz0HO2kviA9V2usY0LllU%2FGprJvjrTKfrtiyYegCP0hqPV83yPrHG1Dpt79Tc5SYyyJCDPej5lpd2TODqg7snm%2BUcn1TnkL0zP2uk0XVb3zv2NIolzTi9NzgLNJ7fEOeEO7NREMyrn3oI7tqnzFH3Q%2B235tMgs4anK%2BfU0ZItknvgiZetQ1UqLTfvcYS%2FHElhYSV%2Bbl%2B4X0hjDB6DHJ23Tf6Jph495VI%2Fm%2B%2B%2BXo5yzfJkR%2BthiX7rS%2FkOBAL91ZjaLOR%2BfBqI9c4X02OBJ3tZ%2B%2B%2B0uHRhpn7K8P2ys790CkyOhamXy5Q06B%2BtJjgeqeRuijWiIGkCjtF3Mj1OljEBYF3oKnCiuGpS6CV0HLDto1bupPqV77uaR0wmNASHyY132EIRUEqMj%2BFnedBhjV2ieSKbNRwXWVIQm1GuYcm73VgQtGo0AwRTDnc87LGgmTRK3XRZT0NyZlW8gbXb0f8hFKTOaoQ%2B0F1q%2FKiEawiq%2Bzc%3D&redirectType=js&inIframe=false&inPopUp=false

69.16.230.226

200 OK

13 kB

URL HTTP/2
1076894.shakingclicks.com/page/bouncy.php?&bpae=GbhGt60GhUx7Npvv%2ByrAz0HO2kviA9V2usY0LllU%2FGprJvjrTKfrtiyYegCP0hqPV83yPrHG1Dpt79Tc5SYyyJCDPej5lpd2TODqg7snm%2BUcn1TnkL0zP2uk0XVb3zv2NIolzTi9NzgLNJ7fEOeEO7NREMyrn3oI7tqnzFH3Q%2B235tMgs4anK%2BfU0ZItknvgiZetQ1UqLTfvcYS%2FHElhYSV%2Bbl%2B4X0hjDB6DHJ23Tf6Jph495VI%2Fm%2B%2B%2BXo5yzfJkR%2BthiX7rS%2FkOBAL91ZjaLOR%2BfBqI9c4X02OBJ3tZ%2B%2B%2B0uHRhpn7K8P2ys790CkyOhamXy5Q06B%2BtJjgeqeRuijWiIGkCjtF3Mj1OljEBYF3oKnCiuGpS6CV0HLDto1bupPqV77uaR0wmNASHyY132EIRUEqMj%2BFnedBhjV2ieSKbNRwXWVIQm1GuYcm73VgQtGo0AwRTDnc87LGgmTRK3XRZT0NyZlW8gbXb0f8hFKTOaoQ%2B0F1q%2FKiEawiq%2Bzc%3D&redirectType=js&inIframe=false&inPopUp=false
IP
69.16.230.226:0
ASN
#32244 LIQUIDWEB

File type
data
Size
13 kB (13013 bytes)
Hash
59f04c274e7afb8478f56987628284b0
830f652be62d5390ac6eda578ff3123557d7eafb
b8f0b83c5436790c13de68bd03e143351485b4770c6965fae1fbaa950c18eb08

HTTP Headers

GET /page/bouncy.php?&bpae=GbhGt60GhUx7Npvv%2ByrAz0HO2kviA9V2usY0LllU%2FGprJvjrTKfrtiyYegCP0hqPV83yPrHG1Dpt79Tc5SYyyJCDPej5lpd2TODqg7snm%2BUcn1TnkL0zP2uk0XVb3zv2NIolzTi9NzgLNJ7fEOeEO7NREMyrn3oI7tqnzFH3Q%2B235tMgs4anK%2BfU0ZItknvgiZetQ1UqLTfvcYS%2FHElhYSV%2Bbl%2B4X0hjDB6DHJ23Tf6Jph495VI%2Fm%2B%2B%2BXo5yzfJkR%2BthiX7rS%2FkOBAL91ZjaLOR%2BfBqI9c4X02OBJ3tZ%2B%2B%2B0uHRhpn7K8P2ys790CkyOhamXy5Q06B%2BtJjgeqeRuijWiIGkCjtF3Mj1OljEBYF3oKnCiuGpS6CV0HLDto1bupPqV77uaR0wmNASHyY132EIRUEqMj%2BFnedBhjV2ieSKbNRwXWVIQm1GuYcm73VgQtGo0AwRTDnc87LGgmTRK3XRZT0NyZlW8gbXb0f8hFKTOaoQ%2B0F1q%2FKiEawiq%2Bzc%3D&redirectType=js&inIframe=false&inPopUp=false HTTP/1.1
Host: 1076894.shakingclicks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1076894.shakingclicks.com/cur/offer_blocked.html?jj=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
content-type: text/html; charset=UTF-8
date: Sun, 23 Oct 2022 09:32:54 GMT
x-powered-by: PHP/5.4.16
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa49c383b-3fcb-4fc7-a0a7-10e7a2322d2b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6277 bytes)
Hash
d3e0e50c7b6a4d5bdc281cdfebd2e7d5
0ac9f7c724d72f089bd0d1718700d48c7b6baa24
fe21a319ef6970a6f17cad14a7d3bec5d36272c7473bda48a11be5be0ab9d6af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa49c383b-3fcb-4fc7-a0a7-10e7a2322d2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6277
x-amzn-requestid: 2a9f1d03-5f45-4464-882a-3da1cc86dae0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRJZGAyoAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354623b-1ed9e96a38b77b1464ebbfb6;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:35:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kHKoqwmpvW9vzNMGTW9mURZtB5J_cZxbFhB2MhfYGqFckM-TS6rzFg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:50:10 GMT
age: 42165
etag: "0ac9f7c724d72f089bd0d1718700d48c7b6baa24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7a675ac-f55a-4071-867b-fffb2f9fabed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7762 bytes)
Hash
4df9a6ab2e2874f46f9a26da129ae848
c4c9898711e33fb02374657dd18df8a41c78b4cb
e287d1b63e7644767f573e248f28ee610b2625691e5d42006c0595f7281a07d7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7a675ac-f55a-4071-867b-fffb2f9fabed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7762
x-amzn-requestid: 5c275a39-95dc-4329-9483-44ca93719be2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aO1dKGS5oAMFR3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634f6920-2b700b217832bcd257e0f619;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 03:04:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ShsGMLBfS7cs-LpXBQPQHWvf2ppuoPPIEVMDmaEjrGgoSHbz2z03Mg==
via: 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 06:27:20 GMT
age: 11135
etag: "c4c9898711e33fb02374657dd18df8a41c78b4cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8631 bytes)
Hash
5cf985ceb648df52d3cf5eb47c7705bc
8b0c5f567e25d9bf54263bb3c60b12db225feb81
9c8551a2d891562e12b9a30966dbd9221a041669db0cbb4395d6fa56791ef0dc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf1513b5-a33f-4b0d-b92b-c82ad8141527.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8631
x-amzn-requestid: 536a4908-2fd7-4544-9159-ec2acc55a2bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRJZH2zoAMFYvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6354623b-4d76adc023701d0228f951d1;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:35:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: -Xf9fXAuwq_a1cPwa_4I-Qs3j9PXzsdsywN6dq3eynclAjSFjwDuLw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:42:04 GMT
age: 42651
etag: "8b0c5f567e25d9bf54263bb3c60b12db225feb81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gaut-hil.com/favicon.ico

34.239.209.41

404 Not Found

653 B

URL HTTP/2
gaut-hil.com/favicon.ico
IP
34.239.209.41:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: gaut-hil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcredirect?visitid=aba292f2-52b5-11ed-8f8a-0ade1adf28bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 23 Oct 2022 09:32:55 GMT
content-type: text/html;charset=utf-8
content-length: 653
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
content-language: en
server: zXFVcGtT
X-Firefox-Spdy: h2

cartining-specute.com/zp-redirect?target=https%3A%2F%2Fmegaflirt.life%2F%3Fu%3Dxunwwwr%26o%3Db0bp0zy%26cid%3Dwkqeflq684gcapuj2q3d18fg&caid=d881ce63-d1b1-4e58-8491-decaa6719cf6&zpid=aba292f2-52b5-11ed-8f8a-0ade1adf28bb&cid=wkqeflq684gcapuj2q3d18fg&rt=R

18.197.36.77

302 Found

0 B

URL HTTP/2
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fmegaflirt.life%2F%3Fu%3Dxunwwwr%26o%3Db0bp0zy%26cid%3Dwkqeflq684gcapuj2q3d18fg&caid=d881ce63-d1b1-4e58-8491-decaa6719cf6&zpid=aba292f2-52b5-11ed-8f8a-0ade1adf28bb&cid=wkqeflq684gcapuj2q3d18fg&rt=R
IP
18.197.36.77:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zp-redirect?target=https%3A%2F%2Fmegaflirt.life%2F%3Fu%3Dxunwwwr%26o%3Db0bp0zy%26cid%3Dwkqeflq684gcapuj2q3d18fg&caid=d881ce63-d1b1-4e58-8491-decaa6719cf6&zpid=aba292f2-52b5-11ed-8f8a-0ade1adf28bb&cid=wkqeflq684gcapuj2q3d18fg&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Sun, 23 Oct 2022 09:32:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
pragma: no-cache
set-cookie: cc-v4=a28L71TWzvaJgKVd92RGkplA8StRE45qUBwG9n7Oo3glhK8pYtKeQVwKl%2B1ybh7QZcD9xLxLDLtlavObKrRDd9sn1Lvstq0XQF1E%2FQt7WLfnkMbbZdspJ2mjAkMTVOgip%2BvW2u0xzseaDh5svB3o0A%3D%3D; Max-Age=31536000; Expires=Mon, 23-Oct-2023 09:32:55 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6c5dd32a38eb12fd74823172570ea139
5319ea33bb22181bc35d5a022a6b7e837aec3318
7597b90b7d5bb451b90cc62f90c91a8ca66762a89666520f116f9ebfceef450c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7597B90B7D5BB451B90CC62F90C91A8CA66762A89666520F116F9EBFCEEF450C"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1472
Expires: Sun, 23 Oct 2022 09:57:27 GMT
Date: Sun, 23 Oct 2022 09:32:55 GMT
Connection: keep-alive

megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg

94.103.188.72

200 OK

6.6 kB

URL HTTP/1.1
megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (528), with CRLF line terminators
Size
6.6 kB (6637 bytes)
Hash
36f2b0df1b29ac50ccb4b03b6fb55b11
180ba50e4e65f4f5a4da540a0604be0d4300c1d4
dc1bdffafba27940e4b7c964620b69701a0acf78b6758564aeac3f0f8bc8328b

HTTP Headers

GET /?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gaut-hil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: text/html
Content-Length: 6637
Connection: keep-alive
set-cookie: sid=t2~03idsfsrli5pakjkzv3u1our; path=/
cache-control: private, no-transform

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 09:32:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700&subset=latin,cyrillic

142.250.74.10

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400,300,700|Raleway:400,700&subset=latin,cyrillic
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1224 bytes)
Hash
27bc3533bca2ae824fcf548436c638ea
e09b894085e22a32290db233ad674e960ec64643
fed2b236c72fbb3dbb652577dd75f9372baf85e87dfe373f7f27a5dd51acdd1c

HTTP Headers

GET /css?family=Roboto:400,300,700|Raleway:400,700&subset=latin,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 09:32:56 GMT
date: Sun, 23 Oct 2022 09:32:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

megaflirt.life/media/dating/sinderv2/css/bootstrap.min.css

94.103.188.72

200 OK

110 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/css/bootstrap.min.css
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (65367), with CRLF line terminators
Size
110 kB (109540 bytes)
Hash
03d06426a30f77095d7511e1ca74d225
d1a349294f6fe94ffb17a50097b37bd81e9ba56a
3f7e6f3cb6ba8e2effbdd260131ce0d2f332fb00ba3feca1a5bc9c3ee7f9e2a6

HTTP Headers

GET /media/dating/sinderv2/css/bootstrap.min.css HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: text/css
Content-Length: 109540
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "03d06426a30f77095d7511e1ca74d225"
Last-Modified: Wed, 31 Aug 2022 09:34:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A75ACC0C8ADC
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/dating/sinderv2/js/vegas.js

94.103.188.72

200 OK

22 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/js/vegas.js
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text
Size
22 kB (21792 bytes)
Hash
85310f0fc6d54ab6c4aa2a2efa1e8514
dbd124ed40a22170b23709711d4572ff93c9fe6f
17d0a5e4e45104aec83860cf51f19bb232747a586a74fc841b9771a9aa9e42b2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/dating/sinderv2/js/vegas.js HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 21792
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "85310f0fc6d54ab6c4aa2a2efa1e8514"
Last-Modified: Wed, 31 Aug 2022 09:34:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A835787F6CE2
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/dating/sinderv2/css/style.css

94.103.188.72

200 OK

20 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/css/style.css
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with CRLF line terminators
Size
20 kB (19825 bytes)
Hash
481d04e228d83633ad28310d09905526
f5c81ac5514271f64001c41f5b03e92df55c1a02
25fc219b42657e82593f2b07e3d4ae7d615031234f9b2732f5457338d779cf30

HTTP Headers

GET /media/dating/sinderv2/css/style.css HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: text/css
Content-Length: 19825
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "481d04e228d83633ad28310d09905526"
Last-Modified: Wed, 31 Aug 2022 09:34:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A78F479B2F3B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/cookie/js.cookie.js

94.103.188.72

200 OK

4.3 kB

URL HTTP/1.1
megaflirt.life/cookie/js.cookie.js
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (1709), with CRLF line terminators
Size
4.3 kB (4264 bytes)
Hash
a7e9883924072f15259de6888d5ef515
7f4f6e5938e68f55aef81e0cd0145f008cd28382
985659942ab60a92b3c0a7f876d9ef60e8f048ff655a622a172fa4b44f901b6c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cookie/js.cookie.js HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 4264
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a7e9883924072f15259de6888d5ef515"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A7A20DDA7C7B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/dating/sinderv2/css/vegas.css

94.103.188.72

200 OK

20 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/css/vegas.css
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with CRLF line terminators
Size
20 kB (19822 bytes)
Hash
357c7befa8bdef911f02f48f49e10628
47972e3c4591058dce82dd3b08bed8e0b8ae5c8f
47f3bef4746b798892c7beff212618616b0950f33f416f03db243578f89135e3

HTTP Headers

GET /media/dating/sinderv2/css/vegas.css HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: text/css
Content-Length: 19822
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "357c7befa8bdef911f02f48f49e10628"
Last-Modified: Wed, 31 Aug 2022 09:34:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A8357D0508D0
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

gaut-hil.com/zcredirect?visitid=aba292f2-52b5-11ed-8f8a-0ade1adf28bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false

34.239.209.41

200 OK

41 kB

URL HTTP/2
gaut-hil.com/zcredirect?visitid=aba292f2-52b5-11ed-8f8a-0ade1adf28bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false
IP
34.239.209.41:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (307), with CRLF, LF line terminators
Size
41 kB (41327 bytes)
Hash
a0770d1713b0851dd67d96904c402202
042f5339abc6be4f18a8caab1258d446dcfa5ba6
bc5594c0d4d55f4b460ce242c31b043ff6e5362a8817569e777e9269c1cce187

HTTP Headers

GET /zcredirect?visitid=aba292f2-52b5-11ed-8f8a-0ade1adf28bb&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false HTTP/1.1
Host: gaut-hil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gaut-hil.com/zcvisitor/aba292f2-52b5-11ed-8f8a-0ade1adf28bb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=9618e700-073c-11ed-8989-128084d1ce51
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 23 Oct 2022 09:32:55 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
server: oIFzyzeC
X-Firefox-Spdy: h2

megaflirt.life/media/dating/sinderv2/js/timer.js

94.103.188.72

200 OK

621 B

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/js/timer.js
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text
Size
621 B (621 bytes)
Hash
40fe503eb84093a37b15e39365ffc587
911128043c901314d283fe478477d26e2b3d821a
60b0f0de4c72c1ce9c05b36ba776f12538b1d9b80858b7099068a3e7e0415bc1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/dating/sinderv2/js/timer.js HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 621
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "40fe503eb84093a37b15e39365ffc587"
Last-Modified: Wed, 31 Aug 2022 09:34:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A75AE5C74D6C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/util/utils.js

94.103.188.72

200 OK

7.5 kB

URL HTTP/1.1
megaflirt.life/util/utils.js
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (641), with CRLF line terminators
Size
7.5 kB (7512 bytes)
Hash
01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /util/utils.js HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A78F09B38478
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/bb.js

94.103.188.72

200 OK

639 B

URL HTTP/1.1
megaflirt.life/media/bb.js
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (639), with no line terminators
Size
639 B (639 bytes)
Hash
0d553e4bac91c74bfee2dbabba61e99e
5af71e2377c9c012a7826a695f2724901941b19b
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/bb.js HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 639
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Last-Modified: Wed, 31 Aug 2022 09:32:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A7D5CE0D6712
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/exit-new/exit1.js

94.103.188.72

200 OK

3.5 kB

URL HTTP/1.1
megaflirt.life/media/exit-new/exit1.js
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (641), with CRLF line terminators
Size
3.5 kB (3473 bytes)
Hash
625e5e2950612f771e246beb33c9ea61
e4fc251c6c000496c285f8dc3fa097040b031681
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/exit-new/exit1.js HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 3473
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Wed, 31 Aug 2022 09:34:51 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A7D5CE058711
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/dating/sinderv2/css/animate.css

94.103.188.72

200 OK

61 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/css/animate.css
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (460), with CRLF line terminators
Size
61 kB (61188 bytes)
Hash
1cbfbb2c4ef85880799a74ab2f290f2a
9b6366d6c7ad05010f7070db70fba10754be6e9c
bfdad6766b12a3826bf32024f0fc13fffbcee84f102034b9270da7e538451031

HTTP Headers

GET /media/dating/sinderv2/css/animate.css HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: text/css
Content-Length: 61188
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "1cbfbb2c4ef85880799a74ab2f290f2a"
Last-Modified: Wed, 31 Aug 2022 09:34:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A761A37B6ACE
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/dating/sinderv2/js/trls.js

94.103.188.72

200 OK

17 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/js/trls.js
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
Unicode text, UTF-8 text
Size
17 kB (17300 bytes)
Hash
eb1b6bc6776b3e1f520ad0d6c03a92ad
5adcdd94fd541e5ff347cb317418f77ebcd7a714
d87b9de60e8a4d614e0f4e34da021c835852d802f8b6de2aee6a3fa034e3b2b5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/dating/sinderv2/js/trls.js HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 17300
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "eb1b6bc6776b3e1f520ad0d6c03a92ad"
Last-Modified: Wed, 31 Aug 2022 09:34:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A75AE73AEF43
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/dating/sinderv2/js/jquery.js

94.103.188.72

200 OK

93 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/js/jquery.js
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
ASCII text, with very long lines (32072)
Size
93 kB (93064 bytes)
Hash
df6173bad69801a82b84701789ab16c5
94908755cae039762ad53086b858eac553e3f56e
cd8f413e39247d48ea354b8fb11c227e72f641403bd8d4dd81cd7473d60daafb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/dating/sinderv2/js/jquery.js HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:56 GMT
Content-Type: application/javascript
Content-Length: 93064
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "df6173bad69801a82b84701789ab16c5"
Last-Modified: Wed, 31 Aug 2022 09:34:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A8357D04B151
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:56 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/dating/sinderv2/images/logo-loveme_white1.svg

94.103.188.72

200 OK

4.6 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/images/logo-loveme_white1.svg
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
4.6 kB (4564 bytes)
Hash
896592d7f2fa3d761c0b767e9399b010
ed1c0502263392938f4cbdd72afb1a8704bf840e
3417f549b6a1018ee687dd84aec136cb7fba2bb5b4c83cf269f9f8e958cc48de

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/dating/sinderv2/images/logo-loveme_white1.svg HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:57 GMT
Content-Type: image/svg+xml
Content-Length: 4564
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "896592d7f2fa3d761c0b767e9399b010"
Last-Modified: Wed, 31 Aug 2022 09:34:22 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A78FB582D5A5
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:57 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3a4f7c0f140f0c6e3f5e1ff02e4f501
254f02f4f902d0186459223c4c6160e1c31a0cbc
46e45cdb455da9a3098bccceb69e80f7426fd3809663b3ecd97a5637f87a617b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46E45CDB455DA9A3098BCCCEB69E80F7426FD3809663B3ECD97A5637F87A617B"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1119
Expires: Sun, 23 Oct 2022 09:51:36 GMT
Date: Sun, 23 Oct 2022 09:32:57 GMT
Connection: keep-alive

megaflirt.life/media/dating/sinderv2/fonts/5c92d5d3e39a260d5dd06ced7eca070d.woff2

94.103.188.72

200 OK

22 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/fonts/5c92d5d3e39a260d5dd06ced7eca070d.woff2
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
Web Open Font Format (Version 2), TrueType, length 22284, version 3.786\012- data
Size
22 kB (22284 bytes)
Hash
5c92d5d3e39a260d5dd06ced7eca070d
64df09fd462e6bb76890b7782578777b901f2003
2a99c11dd137ef8b515b3a95d2bdb38ec99bf745b2865196aa910628bcb144b9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/dating/sinderv2/fonts/5c92d5d3e39a260d5dd06ced7eca070d.woff2 HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://megaflirt.life/media/dating/sinderv2/css/style.css
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:57 GMT
Content-Type: font/woff2
Content-Length: 22284
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "5c92d5d3e39a260d5dd06ced7eca070d"
Last-Modified: Wed, 31 Aug 2022 09:34:21 GMT
No-Gzip-Compression: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A75B0239BACC
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:57 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/dating/sinderv2/fonts/bcf3bb1b7f7a3436181788e748bae013.woff2

94.103.188.72

200 OK

15 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/fonts/bcf3bb1b7f7a3436181788e748bae013.woff2
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
Web Open Font Format (Version 2), TrueType, length 14772, version 3.327\012- data
Size
15 kB (14772 bytes)
Hash
bcf3bb1b7f7a3436181788e748bae013
8ee24d38f618f070a43619f1d471d90f17d666f1
42e50c76c1bf569cb8b597ffc8cdd18a6f4a311832f46fdc1489145027550781

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/dating/sinderv2/fonts/bcf3bb1b7f7a3436181788e748bae013.woff2 HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://megaflirt.life/media/dating/sinderv2/css/style.css
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:57 GMT
Content-Type: font/woff2
Content-Length: 14772
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "bcf3bb1b7f7a3436181788e748bae013"
Last-Modified: Wed, 31 Aug 2022 09:34:21 GMT
No-Gzip-Compression: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A75B02408799
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:57 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/dating/sinderv2/fonts/b796339b324ec08006ca04dca90284cf.woff2

94.103.188.72

200 OK

22 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/fonts/b796339b324ec08006ca04dca90284cf.woff2
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
Web Open Font Format (Version 2), TrueType, length 21796, version 3.786\012- data
Size
22 kB (21796 bytes)
Hash
b796339b324ec08006ca04dca90284cf
4283d779705f09e68939572df76c52cb41a3ec68
d65bbca022f8953936d6e60b9a59fc27f9bfd74ba96257ffe14df83b3d8eb0e3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/dating/sinderv2/fonts/b796339b324ec08006ca04dca90284cf.woff2 HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://megaflirt.life/media/dating/sinderv2/css/style.css
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:57 GMT
Content-Type: font/woff2
Content-Length: 21796
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "b796339b324ec08006ca04dca90284cf"
Last-Modified: Wed, 31 Aug 2022 09:34:21 GMT
No-Gzip-Compression: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A75B0242EB26
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:57 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

data-jsext.com/ExtService.svc/getextparams

54.37.5.177

200 OK

515 B

URL HTTP/1.1
data-jsext.com/ExtService.svc/getextparams
IP
54.37.5.177:0
ASN
#16276 OVH SAS

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (472), with no line terminators
Size
515 B (515 bytes)
Hash
b1ddc354e3e6770e599199856984ca1a
ad5551d4e83b426b52203d955231322ee868c78f
b49a4ea81f93951af249d083cd38f053fff1ded6cb487758bd14ca10994b8088

HTTP Headers

GET /ExtService.svc/getextparams HTTP/1.1
Host: data-jsext.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://megaflirt.life
Connection: keep-alive
Referer: https://megaflirt.life/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 515
Connection: keep-alive
Access-Control-Allow-Origin: *

megaflirt.life/util/flag-icon/flags/4x3/no.svg

94.103.188.72

200 OK

331 B

URL HTTP/1.1
megaflirt.life/util/flag-icon/flags/4x3/no.svg
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
331 B (331 bytes)
Hash
c7ecfe59439b5fd23924fd206cf2fded
056fbd2b17c7f08bfb480d21973a96bf86fbd72a
4027f3320608508754640a6de4cb1cdabdef4654b5a214e875c134802345683f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /util/flag-icon/flags/4x3/no.svg HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/util/flag-icon/css/flag-icon.css
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:57 GMT
Content-Type: image/svg+xml
Content-Length: 331
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c7ecfe59439b5fd23924fd206cf2fded"
Last-Modified: Wed, 31 Aug 2022 09:38:18 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A8E835FC5C3A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:57 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/media/dating/sinderv2/fonts/2e5fca371696cab9fb5a9fe214c1319c.woff2

94.103.188.72

200 OK

22 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/fonts/2e5fca371696cab9fb5a9fe214c1319c.woff2
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
Web Open Font Format (Version 2), TrueType, length 21908, version 3.786\012- data
Size
22 kB (21908 bytes)
Hash
2e5fca371696cab9fb5a9fe214c1319c
4bd3fe039b2f65d10d1b8c1b30c7962bdc313b7a
f8b1a05998ba7e93e5c9f41b004496a3576b8d10d9fafc2f7014894ebc3e72e9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /media/dating/sinderv2/fonts/2e5fca371696cab9fb5a9fe214c1319c.woff2 HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://megaflirt.life/media/dating/sinderv2/css/style.css
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:57 GMT
Content-Type: font/woff2
Content-Length: 21908
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2e5fca371696cab9fb5a9fe214c1319c"
Last-Modified: Wed, 31 Aug 2022 09:34:21 GMT
No-Gzip-Compression: true
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A8E835F6CEF8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:57 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

megaflirt.life/favicon.ico

94.103.188.72

204 No Content

0 B

URL HTTP/1.1
megaflirt.life/favicon.ico
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 23 Oct 2022 09:32:57 GMT
Connection: keep-alive
Cache-Control: no-transform

megaflirt.life/media/dating/sinderv2/images/scandinavia30.jpg

94.103.188.72

200 OK

227 kB

URL HTTP/1.1
megaflirt.life/media/dating/sinderv2/images/scandinavia30.jpg
IP
94.103.188.72:0
ASN
#200019 Alexhost Srl

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2018:12:04 13:04:35], baseline, precision 8, 1980x1080, components 3\012- data
Size
227 kB (226699 bytes)
Hash
a388364d8d1e4684a2cd72c68d625b73
ce210b5b755bae87788ca2eeca7799d284e8477a
36e0d2fd85c40dfc080246c7f7c426fc23ebd8f7937c86ef2b435c345ec5c2a2

HTTP Headers

GET /media/dating/sinderv2/images/scandinavia30.jpg HTTP/1.1
Host: megaflirt.life
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://megaflirt.life/?u=xunwwwr&o=b0bp0zy&cid=wkqeflq684gcapuj2q3d18fg
Cookie: sid=t2~03idsfsrli5pakjkzv3u1our
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 23 Oct 2022 09:32:57 GMT
Content-Type: image/jpeg
Content-Length: 226699
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "a388364d8d1e4684a2cd72c68d625b73"
Last-Modified: Wed, 31 Aug 2022 09:34:23 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1720A8E836168C5D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Mon, 23 Oct 2023 09:32:57 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4746 bytes)
Hash
bed49abb7a64c9f0717ac283b30bff8b
0f9e4ab8e7ceff21752ea83a243431fc4c78a4e3
ddb5ed6e7b818593ac9819be0a8d376e26ef3b45b417f00ce1d7dbee47465bec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4746
x-amzn-requestid: fa85cf46-7cea-439e-92d5-db3875ff4479
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aIQpNFk5IAMF16Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634cc7d4-245cdd691d0c415d508421ce;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 03:11:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9HA91S_J8H29VveOfTAUu_c3fXBOdHzbdpISQ23yhzbEof4gc2_lAw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:50:13 GMT
age: 42169
etag: "0f9e4ab8e7ceff21752ea83a243431fc4c78a4e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

1076894.shakingclicks.com/cur/offer_blocked.html?jj=1

69.16.230.226

200 OK

0 B

URL HTTP/2
1076894.shakingclicks.com/cur/offer_blocked.html?jj=1
IP
69.16.230.226:0
ASN
#32244 LIQUIDWEB

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cur/offer_blocked.html?jj=1 HTTP/1.1
Host: 1076894.shakingclicks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9
content-type: text/html; charset=UTF-8
date: Sun, 23 Oct 2022 09:32:53 GMT
x-powered-by: PHP/5.4.16
X-Firefox-Spdy: h2

gaut-hil.com/zcvisitor/aba292f2-52b5-11ed-8f8a-0ade1adf28bb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=9618e700-073c-11ed-8989-128084d1ce51

34.239.209.41

200 OK

0 B

URL HTTP/2
gaut-hil.com/zcvisitor/aba292f2-52b5-11ed-8f8a-0ade1adf28bb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=9618e700-073c-11ed-8989-128084d1ce51
IP
34.239.209.41:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /zcvisitor/aba292f2-52b5-11ed-8f8a-0ade1adf28bb/c48f16c0-a519-11ec-9226-0a76dcc61f13?campaignid=9618e700-073c-11ed-8989-128084d1ce51 HTTP/1.1
Host: gaut-hil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1076894.shakingclicks.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 23 Oct 2022 09:32:55 GMT
content-type: text/html;charset=UTF-8
cache-control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-webkit-csp: default-src 'self'; script-src 'self' 'unsafe-inline'
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
server: oIFzyzeC
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations