Report - re22273.ah.wy5532.com/

Report Overview

Submitted URL
re22273.ah.wy5532.com/
IP
185.107.56.200
ASN
#43350 NForce Entertainment B.V.
Submitted
2023-01-27 12:14:05
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	1.8 kB	142.250.74.138
app.api-push.com	307671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	2.5 kB	172.64.162.28
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	1.9 kB	104.18.20.226
meshho.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	521 B	572 B	52.51.210.211
toomoffr.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	568 B	989 B	52.51.210.211
winandlove.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	534 B	1.4 kB	104.21.76.186
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	940 B	188.114.97.1
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	35 kB	142.250.74.10
mycasualhookups.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.8 kB	1.9 MB	104.26.13.87
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
orest-vlv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.3 kB	54.237.193.255
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.83.202.51
cartining-specute.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	721 B	649 B	18.197.36.77
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	1.9 kB	104.18.21.226
cdn-dt.fcdn.info	230544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	722 B	104.21.234.87
hotloveland.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	546 B	1.4 kB	172.67.165.105
re22273.ah.wy5532.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	1.4 kB	185.107.56.200
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	5.6 kB	142.250.74.131
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.2 kB	93.184.220.29
subscribe.api-push.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	856 B	172.64.162.28
m.luvmenow.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	582 B	912 B	104.21.11.83
bl.trackham.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	545 B	1.6 kB	18.193.146.82

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-27	medium	re22273.ah.wy5532.com/	Malware
2023-01-27	medium	mycasualhookups.com/sl/common/css/style.css?1674821638	Phishing
2023-01-27	medium	mycasualhookups.com/sl/html/032107/js/config.js	Phishing
2023-01-27	medium	mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js	Phishing
2023-01-27	medium	mycasualhookups.com/sl/common/js/main.js?1674821638	Phishing
2023-01-27	medium	mycasualhookups.com/sl/html/032107/videos/video1.webm	Phishing
2023-01-27	medium	mycasualhookups.com/sl/common/js/common-langs.js	Phishing
2023-01-27	medium	mycasualhookups.com/sl/html/032107/js/main.js	Phishing
2023-01-27	medium	mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing
2023-01-27	medium	mycasualhookups.com/sl/html/032107/js/jquery.min.js	Phishing
2023-01-27	medium	mycasualhookups.com/sl/common/unsubscribe.html	Phishing
2023-01-27	medium	mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js	Phishing
2023-01-27	medium	mycasualhookups.com/sl/html/032107/js/langs.js	Phishing
2023-01-27	medium	mycasualhookups.com/sl/common/js/lib/additional-methods.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	mycasualhookups.com/sl/html/032107/js/jquery.min.js	127 kB	2023-03-08	2023-05-27
Pretty URL mycasualhookups.com/sl/html/032107/js/jquery.min.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:46 Last Seen2023-05-27 17:52:36 Times Seen16 Hash 60deb99052f1a9728c143c8e618dc9b3 f4bfc781f9cc075a20f8e9fb51c11ef4edb2d3c6 85ea6624a9f99bbf4f890125e45b2cbc2a9ac73aba9c9ad67dab935b8b4108f6 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949	97 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 IP 142.250.74.10 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 19:14:44 Times Seen118542 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	mycasualhookups.com/sl/html/032107/n.php?cep=e_5Rkou81B8W_PfhJRNowwcebT-_DOw1uLWpq9Xc_aigD8gWA3_38n-llJi3UcFFlptSNLbpjhHBCcCtp6CSmCXsot1TkDWt_QqmLzhQSgpBzDqJf9qcVudQt46U8M4JkkCa3c4A8HnogJqiaq0NajF2HA1rCyIh37_ppXt-C9bjP_RgzSiBYLLXOb2j4ouG23FShdX2vSX_2BVyoJMn6ZQy86bQgqlwsOnjabN0Mv9QoETg0tRWFnoKtUTTg-dY0BGmPwRLk07JhzW3yAPl3FoC13puRoqKsj18bIbSNhzPQmV-3hZFe0t4ucOhiJs-26xVtnb1J4LdCn-IS1NbT4t08K_Diyus5gEJPuDAY_Sy3GyMNv4MeUY4UWjVY4cMWKhJnjkFJhElfQ5pcUNafN1JreVjVS_goKvtZ6nojW8&lptoken=169574d882863412379e&external_id=36197-742559630&source=16295&sum=#p%23	487 B	2023-03-08	2023-05-21
Pretty URL mycasualhookups.com/sl/html/032107/n.php?cep=e_5Rkou81B8W_PfhJRNowwcebT-_DOw1uLWpq9Xc_aigD8gWA3_38n-llJi3UcFFlptSNLbpjhHBCcCtp6CSmCXsot1TkDWt_QqmLzhQSgpBzDqJf9qcVudQt46U8M4JkkCa3c4A8HnogJqiaq0NajF2HA1rCyIh37_ppXt-C9bjP_RgzSiBYLLXOb2j4ouG23FShdX2vSX_2BVyoJMn6ZQy86bQgqlwsOnjabN0Mv9QoETg0tRWFnoKtUTTg-dY0BGmPwRLk07JhzW3yAPl3FoC13puRoqKsj18bIbSNhzPQmV-3hZFe0t4ucOhiJs-26xVtnb1J4LdCn-IS1NbT4t08K_Diyus5gEJPuDAY_Sy3GyMNv4MeUY4UWjVY4cMWKhJnjkFJhElfQ5pcUNafN1JreVjVS_goKvtZ6nojW8&lptoken=169574d882863412379e&external_id=36197-742559630&source=16295&sum=#p%23 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:57 Last Seen2023-05-21 15:59:11 Times Seen18 Hash eb3361ce29dba68e5f6374b4129a7240 e9226d27e25cff9e8fd1026b4107d90919d59c14 8eb0cb2db6b9f3b562f0b58f4c9b1f6c48c31cce516872a20efbd90a5c6d33ff Loading...

	orest-vlv.com/zcvisitor/114319f3-9e3c-11ed-a39b-123a18907f83/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=105f24d0-089a-11ed-bde8-128084d1ce51	849 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcvisitor/114319f3-9e3c-11ed-a39b-123a18907f83/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=105f24d0-089a-11ed-bde8-128084d1ce51 IP 54.237.193.255 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:28:29 Last Seen2023-03-13 08:28:29 Times Seen1 Hash 1bc374d421d20bf402e90360380e7bf1 2be202e1a97bd533d86cc40a3404f430157f3174 d99d31a8243920b7736bdd27d27b665ed1c1cd91b496660e91e0a482fbd891a0 Loading...

	orest-vlv.com/zcredirect?visitid=114319f3-9e3c-11ed-a39b-123a18907f83&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false	308 B	2023-03-13	2023-03-13
Pretty URL orest-vlv.com/zcredirect?visitid=114319f3-9e3c-11ed-a39b-123a18907f83&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false IP 54.237.193.255 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:28:29 Last Seen2023-03-13 08:28:29 Times Seen1 Hash b60aab40875d5ca4327abf95c5fe958e a52224a01f2205f03c67dfe7e35b3c3dbea02450 78937760af6e89f9f4493e48905d7d6b5e2b302b85dd965138ad4486b2301281 Loading...

	mycasualhookups.com/sl/common/js/common-langs.js	15 kB	2023-03-07	2023-07-02
Pretty URL mycasualhookups.com/sl/common/js/common-langs.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2023-07-02 18:22:18 Times Seen47 Hash 9dd6dd34babf310236383a7eb7d569e3 f396ed09424e282aa4e7b96d463541fc42556f46 7ae9fc07390e221821ced9edb8e092859afbc5653d7878c3d3074ed24be2c050 Loading...

	mycasualhookups.com/sl/html/032107/n.php?cep=e_5Rkou81B8W_PfhJRNowwcebT-_DOw1uLWpq9Xc_aigD8gWA3_38n-llJi3UcFFlptSNLbpjhHBCcCtp6CSmCXsot1TkDWt_QqmLzhQSgpBzDqJf9qcVudQt46U8M4JkkCa3c4A8HnogJqiaq0NajF2HA1rCyIh37_ppXt-C9bjP_RgzSiBYLLXOb2j4ouG23FShdX2vSX_2BVyoJMn6ZQy86bQgqlwsOnjabN0Mv9QoETg0tRWFnoKtUTTg-dY0BGmPwRLk07JhzW3yAPl3FoC13puRoqKsj18bIbSNhzPQmV-3hZFe0t4ucOhiJs-26xVtnb1J4LdCn-IS1NbT4t08K_Diyus5gEJPuDAY_Sy3GyMNv4MeUY4UWjVY4cMWKhJnjkFJhElfQ5pcUNafN1JreVjVS_goKvtZ6nojW8&lptoken=169574d882863412379e&external_id=36197-742559630&source=16295&sum=#p%23	90 B	2023-03-07	2023-04-05
Pretty URL mycasualhookups.com/sl/html/032107/n.php?cep=e_5Rkou81B8W_PfhJRNowwcebT-_DOw1uLWpq9Xc_aigD8gWA3_38n-llJi3UcFFlptSNLbpjhHBCcCtp6CSmCXsot1TkDWt_QqmLzhQSgpBzDqJf9qcVudQt46U8M4JkkCa3c4A8HnogJqiaq0NajF2HA1rCyIh37_ppXt-C9bjP_RgzSiBYLLXOb2j4ouG23FShdX2vSX_2BVyoJMn6ZQy86bQgqlwsOnjabN0Mv9QoETg0tRWFnoKtUTTg-dY0BGmPwRLk07JhzW3yAPl3FoC13puRoqKsj18bIbSNhzPQmV-3hZFe0t4ucOhiJs-26xVtnb1J4LdCn-IS1NbT4t08K_Diyus5gEJPuDAY_Sy3GyMNv4MeUY4UWjVY4cMWKhJnjkFJhElfQ5pcUNafN1JreVjVS_goKvtZ6nojW8&lptoken=169574d882863412379e&external_id=36197-742559630&source=16295&sum=#p%23 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-04-05 02:02:09 Times Seen17 Hash 366614100df3a1aad7eaa097204bb879 462a34ed6013dced533568a3bafe7bb7da1b212d b52856d21909444a7b1f4afb75479ca00aa7a05fc60cdf860dcb3ce4f0b75f01 Loading...

	mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-20
Pretty URL mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-20 04:00:01 Times Seen54573 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	mycasualhookups.com/sl/common/unsubscribe.html	1.9 kB	2023-03-07	2023-04-05
Pretty URL mycasualhookups.com/sl/common/unsubscribe.html IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-04-05 02:02:09 Times Seen17 Hash b65ff9705865169981f3ac388816cc72 c79a72e04d9b766e27ea4fe8d2a0cc5d9c484c41 67da9ca751409ddfd1a8b1b7a1fdfe5b66b37e6d9b1d0c4e083fb357debca5de Loading...

	mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js	23 kB	2023-03-07	2024-04-19
Pretty URL mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2024-04-19 18:27:15 Times Seen986 Hash 93c1dd8416ac2af1850652d5b620a142 6a76e4c7db479053350580469aa010febfdcacd0 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50 Loading...

	mycasualhookups.com/sl/html/032107/js/langs.js	6.2 kB	2023-03-08	2023-05-27
Pretty URL mycasualhookups.com/sl/html/032107/js/langs.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:46 Last Seen2023-05-27 17:52:36 Times Seen6 Hash c895285afd534a475c5953dee6ad3495 4ca789d37a3648284e1eaf3d83da4818860089e8 e70037ef79e847cc316e58b94ebe5d4c33cb97be85a0a99125f500d38de043a5 Loading...

	mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-20 04:20:01 Times Seen105373 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	re22273.ah.wy5532.com/	378 B	2023-03-13	2023-03-13
Pretty URL re22273.ah.wy5532.com/ IP 185.107.56.200 ASN #43350 NForce Entertainment B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:28:29 Last Seen2023-03-13 08:28:29 Times Seen1 Hash 0caa89f42456ebef894cf65405a9c808 a3076792470a240d4ee30ee905da60ba0971d61a e7073ae57557c77d8e6c0c4fc1e5df1b838046de4cdf87f943b3657e2a8cf5bf Loading...

	mycasualhookups.com/sl/common/js/lib/additional-methods.min.js	18 kB	2023-03-07	2024-04-10
Pretty URL mycasualhookups.com/sl/common/js/lib/additional-methods.min.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:43 Last Seen2024-04-10 02:04:24 Times Seen257 Hash 3a53c5eac97b98ed3833970d43bf7fc9 b8805460b5754be8b16a223df737d9577da4c182 8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8 Loading...

	cdn-dt.fcdn.info/swpush.min.js	34 kB	2023-03-07	2023-08-07
Pretty URL cdn-dt.fcdn.info/swpush.min.js IP 104.21.234.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-08-07 07:25:23 Times Seen135 Hash af2540aefe6334edb036a720947abb72 f17f394267c73b004d0f2c6dfb8a790aa2d7bf7e 7af8787e4bc78270a5a72a75f86a45ae9d3bd803c3c57ec3efb84d2aabe102a2 Loading...

	mycasualhookups.com/sl/common/js/main.js?1674821638	7.4 kB	2023-03-07	2023-08-07
Pretty URL mycasualhookups.com/sl/common/js/main.js?1674821638 IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2023-08-07 07:25:23 Times Seen115 Hash b87e1c868deb5fadb6c9661630d4f0db e893295cfb31b37a247c509c53b1eae346c528fc 44523924092ddcf715dae1c6c23059400dfb24781643ddb760b0f6b82724a0a8 Loading...

	mycasualhookups.com/sl/html/032107/js/config.js	395 B	2023-03-08	2023-08-07
Pretty URL mycasualhookups.com/sl/html/032107/js/config.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:57 Last Seen2023-08-07 07:25:23 Times Seen53 Hash 628061c41e011910d93e2eb32b7e8a24 edaa1d1ca254452b8c77111a7d2dd928276b5971 33015ae6fe9c43a1d94f0b77b94a17e903ca8be952608b85f70ce0df0193161b Loading...

HTTP Transactions (69)

URL IP Response Size

re22273.ah.wy5532.com/

185.107.56.200

200 OK

482 B

URL HTTP/1.1
re22273.ah.wy5532.com/
IP
185.107.56.200:0
ASN
#43350 NForce Entertainment B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (482), with no line terminators
Size
482 B (482 bytes)
Hash
778c1391bf247c1738f8c7cae2335845
b756622ad6f0c60395f4057a4d9153aa83007c68
26118a3ec2e0d602e7916357f3be93a84e0b3f9bbf2ce0d9666bd1e3f9164719

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: re22273.ah.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=ef615a5c-9e2e-11ed-9e54-c70b6a8b185b
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 482
content-type: text/html; charset=utf-8
date: Fri, 27 Jan 2023 12:13:53 GMT
server: nginx

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5855
Expires: Fri, 27 Jan 2023 13:51:29 GMT
Date: Fri, 27 Jan 2023 12:13:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12288
Expires: Fri, 27 Jan 2023 15:38:42 GMT
Date: Fri, 27 Jan 2023 12:13:54 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 11:42:59 GMT
content-type: application/json
age: 1855
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11672
Expires: Fri, 27 Jan 2023 15:28:26 GMT
Date: Fri, 27 Jan 2023 12:13:54 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: /OKVaaQYwzVSEfs/C2GLdYY1uv77ekgrno9XxOn9UEKKN9MS2kXeazQzQPsLaWpJS5mHmevmFpQ=
x-amz-request-id: 7DVEEV9FVVP3KBK0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 11:49:24 GMT
age: 1470
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 12:13:54 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

re22273.ah.wy5532.com/favicon.ico

185.107.56.200

404 Not Found

9 B

URL HTTP/1.1
re22273.ah.wy5532.com/favicon.ico
IP
185.107.56.200:0
ASN
#43350 NForce Entertainment B.V.

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: re22273.ah.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://re22273.ah.wy5532.com/
Cookie: sid=ef615a5c-9e2e-11ed-9e54-c70b6a8b185b

HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Fri, 27 Jan 2023 12:13:54 GMT
server: nginx

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 11:41:40 GMT
age: 1934
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6776
Expires: Fri, 27 Jan 2023 14:06:50 GMT
Date: Fri, 27 Jan 2023 12:13:54 GMT
Connection: keep-alive

re22273.ah.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NDgyODgzMywiaWF0IjoxNjc0ODIxNjMzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3YyaXBvMW5rcjE4MWg5aWcwdmIyY3UiLCJuYmYiOjE2NzQ4MjE2MzMsInRzIjoxNjc0ODIxNjMzODE1OTE0fQ.y901Rq-7x5KUkfGuKqQLLQywc74bmUyVAVVEEIQef8E&sid=ef615a5c-9e2e-11ed-9e54-c70b6a8b185b

185.107.56.200

302 Found

11 B

URL HTTP/1.1
re22273.ah.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NDgyODgzMywiaWF0IjoxNjc0ODIxNjMzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3YyaXBvMW5rcjE4MWg5aWcwdmIyY3UiLCJuYmYiOjE2NzQ4MjE2MzMsInRzIjoxNjc0ODIxNjMzODE1OTE0fQ.y901Rq-7x5KUkfGuKqQLLQywc74bmUyVAVVEEIQef8E&sid=ef615a5c-9e2e-11ed-9e54-c70b6a8b185b
IP
185.107.56.200:0
ASN
#43350 NForce Entertainment B.V.

File type
ASCII text, with no line terminators
Size
11 B (11 bytes)
Hash
32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

HTTP Headers

GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3NDgyODgzMywiaWF0IjoxNjc0ODIxNjMzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc3YyaXBvMW5rcjE4MWg5aWcwdmIyY3UiLCJuYmYiOjE2NzQ4MjE2MzMsInRzIjoxNjc0ODIxNjMzODE1OTE0fQ.y901Rq-7x5KUkfGuKqQLLQywc74bmUyVAVVEEIQef8E&sid=ef615a5c-9e2e-11ed-9e54-c70b6a8b185b HTTP/1.1
Host: re22273.ah.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://re22273.ah.wy5532.com/
Cookie: sid=ef615a5c-9e2e-11ed-9e54-c70b6a8b185b
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Fri, 27 Jan 2023 12:13:54 GMT
location: http://orest-vlv.com/zcvisitor/114319f3-9e3c-11ed-a39b-123a18907f83/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=105f24d0-089a-11ed-bde8-128084d1ce51
server: nginx
set-cookie: sid=ef615a5c-9e2e-11ed-9e54-c70b6a8b185b; path=/; domain=.wy5532.com; expires=Wed, 14 Feb 2091 15:28:02 GMT; max-age=2147483647; HttpOnly

orest-vlv.com/zcvisitor/114319f3-9e3c-11ed-a39b-123a18907f83/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=105f24d0-089a-11ed-bde8-128084d1ce51

54.237.193.255

200

1.1 kB

URL HTTP/1.1
orest-vlv.com/zcvisitor/114319f3-9e3c-11ed-a39b-123a18907f83/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=105f24d0-089a-11ed-bde8-128084d1ce51
IP
54.237.193.255:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.1 kB (1098 bytes)
Hash
ef47770a8bc794b3417c6a6a8a7245ed
63a4dc7f06bac691f33eb1e53e06e9664177af0c
c9c72ee78c1fca01f884091b41f6abdbce088014b803c6d12214f905ab3bda04

HTTP Headers

GET /zcvisitor/114319f3-9e3c-11ed-a39b-123a18907f83/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=105f24d0-089a-11ed-bde8-128084d1ce51 HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://re22273.ah.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Fri, 27 Jan 2023 12:13:55 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: APBHmGOx

push.services.mozilla.com/

35.83.202.51

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.83.202.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LJ6Vy4y5x2+WDL2rDjCrzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: imhKU8HyAmFE8/bVi9LmZRz9RcE=

orest-vlv.com/zcredirect?visitid=114319f3-9e3c-11ed-a39b-123a18907f83&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

54.237.193.255

200

746 B

URL HTTP/1.1
orest-vlv.com/zcredirect?visitid=114319f3-9e3c-11ed-a39b-123a18907f83&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
54.237.193.255:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (330)
Size
746 B (746 bytes)
Hash
81ef4b817c3b037dcc382159d590da20
e93a557187904d99bb77edf17fee775fd7f2b9e8
8d033da686a4c7ea793f50df108e88b88d802744db3ea4688b523f37b9462e67

HTTP Headers

GET /zcredirect?visitid=114319f3-9e3c-11ed-a39b-123a18907f83&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/114319f3-9e3c-11ed-a39b-123a18907f83/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=105f24d0-089a-11ed-bde8-128084d1ce51
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 
Date: Fri, 27 Jan 2023 12:13:55 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: ZGhjhzhP

orest-vlv.com/favicon.ico

54.237.193.255

404

653 B

URL HTTP/1.1
orest-vlv.com/favicon.ico
IP
54.237.193.255:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size
653 B (653 bytes)
Hash
ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=114319f3-9e3c-11ed-a39b-123a18907f83&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

HTTP/1.1 404 
Date: Fri, 27 Jan 2023 12:13:55 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: oWqKGNLF

cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dw76e02otim9t7s6mi08e7a0i&caid=f72d8c37-b1a8-4074-8f00-3243bfd2c432&zpid=114319f3-9e3c-11ed-a39b-123a18907f83&cid=w76e02otim9t7s6mi08e7a0i&rt=R

18.197.36.77

302 Found

0 B

URL HTTP/2
cartining-specute.com/zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dw76e02otim9t7s6mi08e7a0i&caid=f72d8c37-b1a8-4074-8f00-3243bfd2c432&zpid=114319f3-9e3c-11ed-a39b-123a18907f83&cid=w76e02otim9t7s6mi08e7a0i&rt=R
IP
18.197.36.77:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /zp-redirect?target=https%3A%2F%2Fwinandlove.com%2FMtnb3wf8%3Faid%3Dbgzzbzgkdk%26kid%3Ddghhfxfxgbx%26clickid%3Dw76e02otim9t7s6mi08e7a0i&caid=f72d8c37-b1a8-4074-8f00-3243bfd2c432&zpid=114319f3-9e3c-11ed-a39b-123a18907f83&cid=w76e02otim9t7s6mi08e7a0i&rt=R HTTP/1.1
Host: cartining-specute.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 27 Jan 2023 12:13:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w76e02otim9t7s6mi08e7a0i
pragma: no-cache
set-cookie: cc-v4=lQ4THsLXe%2F03DMQJ5MjeiYQ2uEK3u17uKVhUF%2FasV2Zgv8wAjKYEaosm6Bh0OfgAHJBXmGTbHPj85o2Yw0xbmBXd%2FSrbAg1I6el%2FJ%2BWVXbyWm2z0P54V8lqgJv9oEe8ORxiluD2S0UgqlsSo1gX6rA%3D%3D; Max-Age=31536000; Expires=Sat, 27-Jan-2024 12:13:55 GMT; Domain=cartining-specute.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a219cb7209a13731db7a3f9d568f2a1e
de7bc983ff059fb6fc81e48e635c669148b6dbbc
40fcd69b41df16cba92ab9493a7061786eae475d737b97ac5f0389e7961d7e89

HTTP Headers

POST /s/gts1p5/1qjPNXlPzIY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 12:13:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/1qjPNXlPzIY
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a219cb7209a13731db7a3f9d568f2a1e
de7bc983ff059fb6fc81e48e635c669148b6dbbc
40fcd69b41df16cba92ab9493a7061786eae475d737b97ac5f0389e7961d7e89

HTTP Headers

POST /s/gts1p5/1qjPNXlPzIY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 12:13:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

277 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
277 B (277 bytes)
Hash
569128e63f3f8d089a8dcbae8ca45ab5
121e8903cd53c35f33535a8dd166d3c5b4f42d1c
8e1b02a0191347fdc4ae708d68329ea6de4e1dd3cd35b01228771f86fe96485e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 829
Cache-Control: max-age=142224
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 12:13:56 GMT
Etag: "63d34557-115"
Expires: Sun, 29 Jan 2023 03:44:20 GMT
Last-Modified: Fri, 27 Jan 2023 03:30:31 GMT
Server: ECS (amb/6BAE)
X-Cache: HIT
Content-Length: 277

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14903
Expires: Fri, 27 Jan 2023 16:22:19 GMT
Date: Fri, 27 Jan 2023 12:13:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14903
Expires: Fri, 27 Jan 2023 16:22:19 GMT
Date: Fri, 27 Jan 2023 12:13:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14903
Expires: Fri, 27 Jan 2023 16:22:19 GMT
Date: Fri, 27 Jan 2023 12:13:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14903
Expires: Fri, 27 Jan 2023 16:22:19 GMT
Date: Fri, 27 Jan 2023 12:13:56 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14903
Expires: Fri, 27 Jan 2023 16:22:19 GMT
Date: Fri, 27 Jan 2023 12:13:56 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5737 bytes)
Hash
5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: cc977ea9-c418-4a5a-a13b-c86e16bbe6ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRGPFGL5oAMFiSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d050c6-2d540cac5ca7d4e64cfdb8bc;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 21:42:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uZnA5gkRlZyqamh_n3992G9PlMJa4gJ-mjSOQEysII73dDKLXmeXsg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:26:22 GMT
age: 85654
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5943 bytes)
Hash
ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MeE0Qrn_yZvUApGQTbOKQ14Z2ipPLbPFPyVqkKTk0Bs7ETn0UU6yMg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:48:43 GMT
age: 51913
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13175 bytes)
Hash
e0fe44d9606e6a149a253423f312dfc5
78e442e8a9142311c25dafd01823a240f4acb0d6
9aad8938c1fda9641f95a4369f57ea57303a28e05f56e3bb1961e17cfbb123f4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F91a77b6d-ccc1-422b-8493-221c615accaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13175
x-amzn-requestid: 14ccf28a-a84a-4903-9edc-7659096cb3ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRxOCFrkIAMFt8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0958c-6a67f1aa65038439793808fd;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:35:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 10J4VSVgerDXDZu4y_1eRSX9p883b6Rx82BCc-B2Ck4Z8Eh31jB5uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 07:43:52 GMT
age: 16204
etag: "78e442e8a9142311c25dafd01823a240f4acb0d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9482 bytes)
Hash
a85badd84c0542610b94f22c4f265511
5b490095b5e02d9fef4b762888353998b645dfc9
23d6d9848caf36f0556438c371f112b40dcbf9b08b8b27bd37d4d73960c701c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9482
x-amzn-requestid: 825c5e6b-8fda-445e-9ed3-f5d634943c00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIZd0HqkIAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ccd5f1-2b31fe3001a1b04a406ff7ff;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 06:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CLTiEOu21gcngjMAN7EcwiAVeXsOYrTqwKr-puh4Cq9W51bI4WivVQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 05:22:53 GMT
age: 24663
etag: "5b490095b5e02d9fef4b762888353998b645dfc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9056 bytes)
Hash
dc869235086902c4acc379733b6bfdb8
0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae
e614e29b14e69209fd4b82a688290f7a3f541909833a6558cf480aca899bab6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9056
x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB4COHTlIAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fdefZSZfSJi1-C7ZTSahawckLN-To4P91H-n1cyPqw34f18VzTeHRg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:54:06 GMT
age: 83990
etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7538 bytes)
Hash
131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:59:56 GMT
age: 51240
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa6l95k&sub2=34496&sub3=21&sub4=s8hnpa6l95h&sub5=38577&sub6=156696&sub7=frd&sub8=

104.21.11.83

302 Found

0 B

URL HTTP/2
m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa6l95k&sub2=34496&sub3=21&sub4=s8hnpa6l95h&sub5=38577&sub6=156696&sub7=frd&sub8=
IP
104.21.11.83:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=34496&offer_id=5246&sub1=s8hnpa6l95k&sub2=34496&sub3=21&sub4=s8hnpa6l95h&sub5=38577&sub6=156696&sub7=frd&sub8= HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 27 Jan 2023 12:13:56 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d3c00403bb52000107e1c4&s4=34496
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=63d3c00403bb52000107e1c4; expires=Sat, 27 Jan 2024 12:13:56 GMT; secure; SameSite=None
afoffers={"5246":1674821636}; expires=Sat, 27 Jan 2024 12:13:56 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vHVOa5PcDUOZwcTcMYeMSDpao8tNDPbgtd0lHAeQiIWSNfokhCUDANjvsO5fzgwm1p9b9FYClRptc1WDROphiAFVKOX7PHva5MPRB65J4HfAPVSfl3u6WROtLS%2FPxCI2MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167bbef11b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

277 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
277 B (277 bytes)
Hash
569128e63f3f8d089a8dcbae8ca45ab5
121e8903cd53c35f33535a8dd166d3c5b4f42d1c
8e1b02a0191347fdc4ae708d68329ea6de4e1dd3cd35b01228771f86fe96485e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 829
Cache-Control: max-age=142224
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 12:13:56 GMT
Etag: "63d34557-115"
Expires: Sun, 29 Jan 2023 03:44:20 GMT
Last-Modified: Fri, 27 Jan 2023 03:30:31 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 277

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
729a6c327283b4e1666d94712ed8c380
a8b6bc76dec2ae726bb040c67a7a919167c77e1f
a236a4b8f8513a6fc25256d7f2267ba88ee64757ac6af9f1a3bd0394a75beb30

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 12:13:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Tue, 31 Jan 2023 10:16:04 GMT
ETag: "a8b6bc76dec2ae726bb040c67a7a919167c77e1f"
Last-Modified: Fri, 27 Jan 2023 10:16:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790167bd1d77b509-OSL

meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d3c00403bb52000107e1c4&s4=34496

52.51.210.211

302 Found

270 B

URL HTTP/1.1
meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63d3c00403bb52000107e1c4&s4=34496
IP
52.51.210.211:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
270 B (270 bytes)
Hash
d5c1215590498f1c7de2d7ced0efa21c
11e2f991c290255691233e633b5d81425e0814ee
e3c9f76f6e19ea25ff91fde62a6e61fa19a91aa7d70ec11ead3dca084fd51218

HTTP Headers

GET /?a=16295&c=43694&p=r&s1=&s2=a_63d3c00403bb52000107e1c4&s4=34496 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 270
Content-Type: text/html; charset=utf-8
Date: Fri, 27 Jan 2023 12:13:56 GMT
Location: https://toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d3c00403bb52000107e1c4&s4=34496&ckmguid=aa0b4cf5-10d4-49cc-b4ef-8a56385795f4
Connection: close

ocsp.globalsign.com/alphasslcasha256g4

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/alphasslcasha256g4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1437 bytes)
Hash
b8c54795f709b361b97a8065803c1a45
15e8709b07bec639d7023f032779eda9843d3e30
2d1101ba15af1b41f23f03b2e16e497a0acca92206642e4d2858ce3769dc61df

HTTP Headers

POST /alphasslcasha256g4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 12:13:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1437
Connection: keep-alive
Expires: Tue, 31 Jan 2023 11:08:46 GMT
ETag: "15e8709b07bec639d7023f032779eda9843d3e30"
Last-Modified: Fri, 27 Jan 2023 11:08:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 790167c0597db511-OSL

toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d3c00403bb52000107e1c4&s4=34496&ckmguid=aa0b4cf5-10d4-49cc-b4ef-8a56385795f4

52.51.210.211

302 Found

234 B

URL HTTP/1.1
toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63d3c00403bb52000107e1c4&s4=34496&ckmguid=aa0b4cf5-10d4-49cc-b4ef-8a56385795f4
IP
52.51.210.211:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
234 B (234 bytes)
Hash
71afb4948597d71904c1a22775607925
5732412080a980b0ab7e485abf1899c4ca410e33
d528d9cb264f6b9a790819b2027befc5730cb3e7b5579b6fcc4b3bf300c3778c

HTTP Headers

GET /?a=16295&c=43694&p=r&s1=&s2=a_63d3c00403bb52000107e1c4&s4=34496&ckmguid=aa0b4cf5-10d4-49cc-b4ef-8a56385795f4 HTTP/1.1
Host: toomoffr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Fri, 27 Jan 2023 12:13:57 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742559630&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=BK1R9FZK7VxVPfS28Xf/Z03YT1aI1Etp34OCedTSMrEg2EowwnfUvA==; domain=.toomoffr.com; path=/; HttpOnly
trk=ylQ8XfatEbMTyrKNsMQJsU3YT1aI1Etp34OCedTSMrEg2EowwnfUvA==; domain=.toomoffr.com; expires=Mon, 27-Jan-2025 12:13:57 GMT; path=/; HttpOnly
c36197=BK1R9FZK7VxyA+ul7mVctGr4Q9mnXlpiQEtKzTfriEBeCUghiDE1Zg==; domain=.toomoffr.com; expires=Sun, 26-Feb-2023 12:13:57 GMT; path=/; HttpOnly
Connection: close

bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742559630&source=16295&sum=

18.193.146.82

302 Found

0 B

URL HTTP/2
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742559630&source=16295&sum=
IP
18.193.146.82:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-742559630&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 27 Jan 2023 12:13:57 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/032107/n.php?cep=e_5Rkou81B8W_PfhJRNowwcebT-_DOw1uLWpq9Xc_aigD8gWA3_38n-llJi3UcFFlptSNLbpjhHBCcCtp6CSmCXsot1TkDWt_QqmLzhQSgpBzDqJf9qcVudQt46U8M4JkkCa3c4A8HnogJqiaq0NajF2HA1rCyIh37_ppXt-C9bjP_RgzSiBYLLXOb2j4ouG23FShdX2vSX_2BVyoJMn6ZQy86bQgqlwsOnjabN0Mv9QoETg0tRWFnoKtUTTg-dY0BGmPwRLk07JhzW3yAPl3FoC13puRoqKsj18bIbSNhzPQmV-3hZFe0t4ucOhiJs-26xVtnb1J4LdCn-IS1NbT4t08K_Diyus5gEJPuDAY_Sy3GyMNv4MeUY4UWjVY4cMWKhJnjkFJhElfQ5pcUNafN1JreVjVS_goKvtZ6nojW8&lptoken=169574d882863412379e&external_id=36197-742559630&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=DKagYRmxfXlzycal1HuvCOzfmDWxDGq_esUT5Ecs5hM; Max-Age=86400; Expires=Sat, 28-Jan-2023 12:13:57 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=1kqkO7aFFMcyPhjl5zAUXHQuYNK3kZD9aJxxFS_fAbDAm_LeNK9GkizEZ8N3ziphqLo16RvLpAiTOsAE9cNQ3H-DV0uXi7ei4ZdrDuZXgxucDkvUIXrIf5dddOyULMit20UVlsQ2iaWOIsO7J-48-y9KkQGw6T18G_6_junIlgANfOdfzFcLp8n_PdWAFFp6g7SUDAzdGeLM-WoUewYy3vyUfRzAxJGZqMOBWMwtjhmeJqXsWS9XltdO5klQGqPcdHLIztcosFz8LUIVjARsdpDHukKSNAVpqmXikTupYUy1Wt-RsMR6c-0qhLjPlsPu1DygsrAAkM0sRg0ssjE6VJM-XlGmgofF4_ViNNY17kvw7rVkBTw-eHST5K4we0rVs3Vx9juwMgabWHP_thwS0M_IfVtP8V5mwUh94tIIyyw; Max-Age=86400; Expires=Sat, 28-Jan-2023 12:13:57 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/QsXoNUJjkNc

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/QsXoNUJjkNc
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c5a8c0a69382a61ef6536ab7e3c36520
4f50a90265d641e1729dc821baca62b206fb8c8b
c71455b2d6c6b38f1d3341b122fc9aac0439890a20f03f522e96968a7a626701

HTTP Headers

POST /s/gts1p5/QsXoNUJjkNc HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 12:13:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
48f87f021aa43dc85cabc3b624264811
6dcc2e3610ec6ef91768905aae267c984227f54a
0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 12:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949

142.250.74.10

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Jan 2023 05:18:42 GMT
expires: Sat, 27 Jan 2024 05:18:42 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 24916
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,600,800

142.250.74.138

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,600,800
IP
142.250.74.138:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1155 bytes)
Hash
659c9bad1ded451ca7fd89ee35344814
fe602f64d4f476e603bf59a3c305e619386ed92d
88e1f7c670f0462d59ad0565a80d7bffe98040426954f14f0dc82b2b1137b0c2

HTTP Headers

GET /css?family=Open+Sans:400,600,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 27 Jan 2023 12:13:58 GMT
date: Fri, 27 Jan 2023 12:13:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.162.28

204 No Content

0 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Fri, 27 Jan 2023 12:13:58 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hlcpWNo9H1NUhkbUnTQ3TvAR2LMrOkI%2BKbs8Gn7iSp5OJ2yG6nQ80INGsglgIG%2Ff9rp4lt46uwUVcyFk91uq6jKV5q0%2FdewRe%2Bn37Ckee4ZF9y7Tyq9kMFCilnDDXmXZOi3w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c8f8ee88b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.162.28

200 OK

917 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (2116), with no line terminators
Size
917 B (917 bytes)
Hash
513e2d6f7c4afa7a467e568b61c21860
ac4f6c25cdb7c39831cb5fbb29145329a81abee4
a1d29eaf84ca426460dada1ebf6d4d2c709ad23201f8bc53d4f9dbdc65aa4d20

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/032107/n.php?cep=e_5Rkou81B8W_PfhJRNowwcebT-_DOw1uLWpq9Xc_aigD8gWA3_38n-llJi3UcFFlptSNLbpjhHBCcCtp6CSmCXsot1TkDWt_QqmLzhQSgpBzDqJf9qcVudQt46U8M4JkkCa3c4A8HnogJqiaq0NajF2HA1rCyIh37_ppXt-C9bjP_RgzSiBYLLXOb2j4ouG23FShdX2vSX_2BVyoJMn6ZQy86bQgqlwsOnjabN0Mv9QoETg0tRWFnoKtUTTg-dY0BGmPwRLk07JhzW3yAPl3FoC13puRoqKsj18bIbSNhzPQmV-3hZFe0t4ucOhiJs-26xVtnb1J4LdCn-IS1NbT4t08K_Diyus5gEJPuDAY_Sy3GyMNv4MeUY4UWjVY4cMWKhJnjkFJhElfQ5pcUNafN1JreVjVS_goKvtZ6nojW8&lptoken=169574d882863412379e&external_id=36197-742559630&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WbOyRliNhGbdm5BsXmOCzgpE52xdhwYUqqDgNvY9%2B5XKzaorluGPyTwRRnWKd1W1OrLp7hNZnG5Xr5byBUcCYiDCw7czn%2BMBX9duNTwkJvtNc1podQ52uyHtqGLusSH0WWmL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c969b288b0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/css/style.css?1674821638

104.26.13.87

200 OK

51 kB

URL HTTP/2
mycasualhookups.com/sl/common/css/style.css?1674821638
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
51 kB (50754 bytes)
Hash
bfded1da8cca0cfb961e0aa5e1abb7ed
9118c3ee8853f979ce6ddb161c57014d350a2ace
a2879a8a0f9f2773d61cfebbe8d35c99d9ac1f6aab86be6cbc944afdd611c361

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/css/style.css?1674821638 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 28 Jan 2023 12:13:58 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Ehb965B%2F82vrs3GWfd%2FaM5bHgjry%2BMBpcma5FaOAFQxK6plnRXWYlvooPI0WZn4Qd3Nw2rdqi9yGGBsb9RuNMl5KaWva%2FGZi0PZvzKJUVNrNxFIO%2BWULJ%2BJI7F5ET77XZTjCOA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c78866b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/js/config.js

104.26.13.87

200 OK

3.2 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/config.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (332)
Size
3.2 kB (3226 bytes)
Hash
205abf7b4ed1f7edcdf259470222c0ad
799b452bce8539e58576425cf87216825404a862
4b77d36a70450e7214fbaaeed15e66231cc9542af3948bb438c48f7a7c1ef221

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Sat, 28 Jan 2023 10:03:31 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:19:29 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 7826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqaqazZJU9fzB8pbNAh6IW%2BvUyXXQbDme1lwHCtdHVTPVjVYbptAVq%2BTXsOwhX%2F3DVnLufnDZCwNyZHzAYRJT590zpy2arDTK6BafDsRcGON0kJMaoT8k81UhoUY9wcPvpK8uJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c7886fb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js

104.26.13.87

200 OK

32 kB

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
32 kB (32511 bytes)
Hash
e6a4038e3b0e67a43221a441015ce749
0d5497948869ef4914c9f47b865c0cd12e70b6a3
356bce2f17c27e94604fcce598df4c6f686df72d5dcbe00d52f4983936e00135

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 28 Jan 2023 06:02:42 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 22276
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSWM8QW%2B4faAorqYctL%2BM9X0LejYV5%2FHCdxludbedhutGYoGIuGDhqwRc%2Flzy%2F9gKttLpG0OLfBET4bSqYr7cfevNy7cfMwiqGmP%2BrauC7GO9Il2Ra%2F6%2BhYC%2Bau9hx%2Bx%2FTeoekA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c78869b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 12:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 12:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 12:13:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mycasualhookups.com/sl/common/js/main.js?1674821638

104.26.13.87

200 OK

47 kB

URL HTTP/2
mycasualhookups.com/sl/common/js/main.js?1674821638
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
47 kB (46674 bytes)
Hash
7977c9fdcb0b8b6d844a8ac2d3f91fc9
85b9464764885abb26bd899e76a4693b77002a75
d30a0617c149918581859ba43026a292463c5a04752e39405d762a5e6efdc5c7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/main.js?1674821638 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 28 Jan 2023 12:13:58 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a4q5cu9WfTnhcowR3LSEeOSvb4JioNygox2o7kJhexMbTBwGFTumy33exCS64Fw88eKhs7Y27ZwVaY32ohy0ntVe36gjjWAdnz%2FXrjdtq%2FeK4hEfGBS4lM9kcY6J8beZy8EUTqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c78875b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b

172.64.162.28

200 OK

5 B

URL HTTP/2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

HTTP Headers

GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/032107/n.php?cep=e_5Rkou81B8W_PfhJRNowwcebT-_DOw1uLWpq9Xc_aigD8gWA3_38n-llJi3UcFFlptSNLbpjhHBCcCtp6CSmCXsot1TkDWt_QqmLzhQSgpBzDqJf9qcVudQt46U8M4JkkCa3c4A8HnogJqiaq0NajF2HA1rCyIh37_ppXt-C9bjP_RgzSiBYLLXOb2j4ouG23FShdX2vSX_2BVyoJMn6ZQy86bQgqlwsOnjabN0Mv9QoETg0tRWFnoKtUTTg-dY0BGmPwRLk07JhzW3yAPl3FoC13puRoqKsj18bIbSNhzPQmV-3hZFe0t4ucOhiJs-26xVtnb1J4LdCn-IS1NbT4t08K_Diyus5gEJPuDAY_Sy3GyMNv4MeUY4UWjVY4cMWKhJnjkFJhElfQ5pcUNafN1JreVjVS_goKvtZ6nojW8&lptoken=169574d882863412379e&external_id=36197-742559630&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:59 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l46exFY2q%2BOKZS1yvnTegtgIyCZo9xiZO8kkV0oGOV816MRdrLG5oqG8wuwQGpkvUdRzh%2Fi9xV3BF5PR5sDR9xQFxaQ3GSPDEaq8aqMRk3F6cCN28Bz08%2BCXhDJF%2FKVDVJAY6WUFWBPl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167cb3c9388b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 12:13:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mycasualhookups.com/sl/html/032107/videos/video1.webm

104.26.13.87

206 Partial Content

1.8 MB

URL HTTP/2
mycasualhookups.com/sl/html/032107/videos/video1.webm
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.8 MB (1787154 bytes)
Hash
275783ec04582836653aefff2ea6644c
c33c6cc9494ea3789cdfc22b925916164aee4253
cd69ec1ee91bec9876983cd47b3381838aaee8be56ef467400d55bf1f5f758fd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/videos/video1.webm HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://mycasualhookups.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
date: Fri, 27 Jan 2023 12:13:59 GMT
content-type: video/webm
content-length: 1787154
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Sat, 28 Jan 2023 12:13:59 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
content-range: bytes 0-1787153/1787154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FYMfGhjwfodtRN8jfoAPMI800ixGMgXFcGcEptu%2F0nA%2FtipfhGriRtHj62WOA9qSLJuFqEwZz03wujBXob%2BZ4l8H6FyPOn4qAFF2vAxp2I1wWnhRPeb67HQhGV5uoKemOvLgV6M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167cb5dd5b50c-OSL
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/css/style.css

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/css/style.css
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/032107/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=4300
expires: Sat, 28 Jan 2023 06:02:41 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 22276
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwMSUgfJd7rE3L6YCNdtxcasXvwbZ1wdq8K3%2B79urLNLlkBWcr5rj7q1vMTe2zdBiWwTDAVoRcquqq40VQIJTrKQ67KsRxTENw0U9Azd2IcfR1aSLHvWyR25NTcZJOC25undmIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c77857b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/common-langs.js

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/common-langs.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sat, 28 Jan 2023 06:02:43 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 22275
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQYq6dmNOaUux6oBD60Nd9pMiOrNM%2FhTAKL9kvP4TLtbZnnBvmgrDOmR5R2lPpHBGRr0edztZBHv84oOtKb%2BTNBFp9oTQ17deA1UqeiYkysalJI%2FPsYP%2FSQ1eQxar8uU78u5wCY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c78873b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/js/main.js

104.26.13.87

404 Not Found

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/main.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/main.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=7200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0ouMLmt89tw6PXl1JhYkIhodCHxP1JIbxJN9iAkfv4lEjAcR3DVnG1vqvSv5JzKf%2Fjr4C681E60SmDSEsYVyMNXApwsq6M7CkybcYmiSpcb930l1Oblh%2BQ6kQPG%2F9qsICFIxY0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790167c78860b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w76e02otim9t7s6mi08e7a0i

104.21.76.186

302 Found

0 B

URL HTTP/2
winandlove.com/Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w76e02otim9t7s6mi08e7a0i
IP
104.21.76.186:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /Mtnb3wf8?aid=bgzzbzgkdk&kid=dghhfxfxgbx&clickid=w76e02otim9t7s6mi08e7a0i HTTP/1.1
Host: winandlove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 27 Jan 2023 12:13:56 GMT
content-type: text/html; charset=UTF-8
location: https://hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa6l95h&sub1=38577&sub2=156696&sub3=frd
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa6l95h;Expires=Monday, 27-Feb-2023 12:13:55 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQwODI5NFwiOjE2NzQ4MjE2MzUsXCIzMFwiOjE2NzQ4MjE2MzV9LFwiY2FtcGFpZ25zXCI6e1wiMTU2Njk2XCI6MTY3NDgyMTYzNSxcIjFcIjoxNjc0ODIxNjM1fSxcInRpbWVcIjoxNjc0ODIxNjM1fSJ9.9fUveRVjD1PQcruXLOMWIpvZhAUNjHFsV_WqThk898Q;Expires=Monday, 24-Feb-2076 00:27:50 GMT;Max-Age=1674908035;Path=/
_token=uuid_s8hnpa6l95h_s8hnpa6l95h63d3c003ef4c99.14065415;Expires=Monday, 27-Feb-2023 12:13:55 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdmB4PTJay43UkZ0%2F0O%2FkfOSaHPOVHLODTEXZd9BHX0fRuZRbvj89NvsWp%2BQ88zZRPAheT1uuKxZiDSLx79t60J%2BWY9ORmlMo3yZ8BSbcJ9QclQLyE0yib6teMDye8VZ5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167b85c35b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/css/css.css

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/css/css.css
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/032107/css/css.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=9103
expires: Sat, 28 Jan 2023 06:02:42 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 22276
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKc9as5kuL%2FfEmOGm3Z%2FD%2FPD%2BLwh%2FD5UPxVfmQ8guRsaGGyRUKuLmWKHdKqJyUSjg7lt5HiEui7GY%2FsbdXKVskezMgJLuB3QRPFokJso4wp1uAf2UnT%2BqvZ%2B4qLQHvP8D0H0ACY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c77858b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn-dt.fcdn.info/swpush.min.js

104.21.234.87

200 OK

0 B

URL HTTP/2
cdn-dt.fcdn.info/swpush.min.js
IP
104.21.234.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 80611
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgddPHzvMSSWT9mgJyZbgiw1YpUzRUqG4ZDDiNlz4b%2BEfskngNbp3KLytZ%2BoVk8YnOz2ECJffqY5r%2BnDZ3Vm2AuQ1gmUnx3S%2BvCCos81rMUgBZSYciIR6Hw86lkmiIglQ6Xj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790167c8286d7737-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/privacy-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:59 GMT
content-type: application/javascript
last-modified: Mon, 23 Jan 2023 11:05:52 GMT
etag: W/"63ce6a10-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cP9J9QL%2BH2IGwQelQMlXsX46bqKzOQFjCuoii%2FXJf9Vc9WY6vr9h3rafWjvSZf%2FPW7hv49uyN5Xa1zmJChCXO06%2BDciYuNvCjw8qT6L7Ox5hvmDKKy9o%2FFg3w6jeqJ9evXftqLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790167cc5f41b50c-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 29 Jan 2023 12:13:59 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa6l95h&sub1=38577&sub2=156696&sub3=frd

172.67.165.105

302 Found

0 B

URL HTTP/2
hotloveland.com/btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa6l95h&sub1=38577&sub2=156696&sub3=frd
IP
172.67.165.105:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /btB7xg2S?aid=bbzkkpgabx&kid=ggb&clickid=s8hnpa6l95h&sub1=38577&sub2=156696&sub3=frd HTTP/1.1
Host: hotloveland.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Fri, 27 Jan 2023 12:13:56 GMT
content-type: text/html; charset=UTF-8
location: https://m.luvmenow.com/click?pid=34496&offer_id=5246&sub1=s8hnpa6l95k&sub2=34496&sub3=21&sub4=s8hnpa6l95h&sub5=38577&sub6=156696&sub7=frd&sub8=
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
set-cookie: _subid=s8hnpa6l95k;Expires=Monday, 27-Feb-2023 12:13:56 GMT;Max-Age=2678400;Path=/
b0608=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NVwiOjE2NzQ4MjE2MzZ9LFwiY2FtcGFpZ25zXCI6e1wiMjFcIjoxNjc0ODIxNjM2fSxcInRpbWVcIjoxNjc0ODIxNjM2fSJ9.6jtwwDbR-_7LZHRhdt49bEJab5-CkfKgg8FBpD6kPns;Expires=Monday, 24-Feb-2076 00:27:52 GMT;Max-Age=1674908036;Path=/
_token=uuid_s8hnpa6l95k_s8hnpa6l95k63d3c00453bc39.16440224;Expires=Monday, 27-Feb-2023 12:13:56 GMT;Max-Age=2678400;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7DRq7KSexI983xO%2BPSYK%2BFSEEEnele41PlHhH5IZ3YaKkNSO3heRqHY2fv6gEtDmBue0bzWQ2wl0e9LZHC4H5zksIOIaU0PwnOkGWIKB6a%2B%2B6PokQL2tdft%2FZWcEYYnSiTY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167ba7dc4b4e8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/js/jquery.min.js

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/jquery.min.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/jquery.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Sat, 28 Jan 2023 06:02:42 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 22276
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79IGOVIlw31LdRSgFqlhkPPalulHO%2Bzbqu0qI0Me439r%2FEUGV85FgieHoWOyaVREzRupon6%2BvBZ70B9WDtwAWh5I0VM6%2BY7codKqig4mDM%2BAWMGLOICXfxX9W5KuWzjobj6alAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c7785db50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/unsubscribe.html

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/unsubscribe.html
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/unsubscribe.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:59 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Fri, 27 Jan 2023 12:18:59 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LeXPKYbwmEFsVWfNOXFzyzqztEw7hRqZiMSYzEozXZg8n%2BERT0ke8LDDN52gB6WzjkmF%2B%2Bg07TOqK4AIk9%2BBzrjY3L7U7%2BH%2FXMbassN4z85kksU9nVUBQ%2FdoVfry7t9b%2BBTues%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167cb2d9ab50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnjam.com/cdn/sdialog.min.css?_=4

188.114.97.1

200 OK

0 B

URL HTTP/2
cdnjam.com/cdn/sdialog.min.css?_=4
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:14:00 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 687
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hA4bfkC93Yk8%2B7N9nhXgQkTIq77LoYp%2FYlTABc7MSpq6SzNLC%2Fa1P8fQRqolzm%2FRaBAOgNDWqKs15livFAQTpJzChWlK%2BCxXvkAPomGN2ZXUHzFpNM3WhCXUbIOb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167d2fc07b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/n.php?cep=e_5Rkou81B8W_PfhJRNowwcebT-_DOw1uLWpq9Xc_aigD8gWA3_38n-llJi3UcFFlptSNLbpjhHBCcCtp6CSmCXsot1TkDWt_QqmLzhQSgpBzDqJf9qcVudQt46U8M4JkkCa3c4A8HnogJqiaq0NajF2HA1rCyIh37_ppXt-C9bjP_RgzSiBYLLXOb2j4ouG23FShdX2vSX_2BVyoJMn6ZQy86bQgqlwsOnjabN0Mv9QoETg0tRWFnoKtUTTg-dY0BGmPwRLk07JhzW3yAPl3FoC13puRoqKsj18bIbSNhzPQmV-3hZFe0t4ucOhiJs-26xVtnb1J4LdCn-IS1NbT4t08K_Diyus5gEJPuDAY_Sy3GyMNv4MeUY4UWjVY4cMWKhJnjkFJhElfQ5pcUNafN1JreVjVS_goKvtZ6nojW8&lptoken=169574d882863412379e&external_id=36197-742559630&source=16295&sum=

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/n.php?cep=e_5Rkou81B8W_PfhJRNowwcebT-_DOw1uLWpq9Xc_aigD8gWA3_38n-llJi3UcFFlptSNLbpjhHBCcCtp6CSmCXsot1TkDWt_QqmLzhQSgpBzDqJf9qcVudQt46U8M4JkkCa3c4A8HnogJqiaq0NajF2HA1rCyIh37_ppXt-C9bjP_RgzSiBYLLXOb2j4ouG23FShdX2vSX_2BVyoJMn6ZQy86bQgqlwsOnjabN0Mv9QoETg0tRWFnoKtUTTg-dY0BGmPwRLk07JhzW3yAPl3FoC13puRoqKsj18bIbSNhzPQmV-3hZFe0t4ucOhiJs-26xVtnb1J4LdCn-IS1NbT4t08K_Diyus5gEJPuDAY_Sy3GyMNv4MeUY4UWjVY4cMWKhJnjkFJhElfQ5pcUNafN1JreVjVS_goKvtZ6nojW8&lptoken=169574d882863412379e&external_id=36197-742559630&source=16295&sum=
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/032107/n.php?cep=e_5Rkou81B8W_PfhJRNowwcebT-_DOw1uLWpq9Xc_aigD8gWA3_38n-llJi3UcFFlptSNLbpjhHBCcCtp6CSmCXsot1TkDWt_QqmLzhQSgpBzDqJf9qcVudQt46U8M4JkkCa3c4A8HnogJqiaq0NajF2HA1rCyIh37_ppXt-C9bjP_RgzSiBYLLXOb2j4ouG23FShdX2vSX_2BVyoJMn6ZQy86bQgqlwsOnjabN0Mv9QoETg0tRWFnoKtUTTg-dY0BGmPwRLk07JhzW3yAPl3FoC13puRoqKsj18bIbSNhzPQmV-3hZFe0t4ucOhiJs-26xVtnb1J4LdCn-IS1NbT4t08K_Diyus5gEJPuDAY_Sy3GyMNv4MeUY4UWjVY4cMWKhJnjkFJhElfQ5pcUNafN1JreVjVS_goKvtZ6nojW8&lptoken=169574d882863412379e&external_id=36197-742559630&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://orest-vlv.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Fri, 27 Jan 2023 12:18:58 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CYRmG3bxGERvAbLxCqKuM8O2MQYZ0MbmA8NdRxQszKWIy3VPnDDkvnl8XEXsetNDMKJvoZ7579GyuHxK2644sDEljyJcqmJh6HKyyXgYITJIDEXULLgL%2BcBOeC2VuqHq%2BqBUaU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c3cbc4b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 28 Jan 2023 06:02:42 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 22276
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAfonKIVeHaGKjjAIpEthSFUnaYmsidrs51N851DRBlesTCi%2Fv%2F%2BZsiay7pKAr2MCMnqDFPPCZJ592oHbKMvdU40%2BbqwZvxuXozfthhNIJ6E3EhNfU7He9Hs3MihrsUHjsvy4dE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c7886ab50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/js/langs.js

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/langs.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=7419
expires: Sat, 28 Jan 2023 10:03:31 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 7827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6S09Nl4TsFigbGTWZ0rYoz4gGaGo8l5oNuBJQKJFT4gbT4oGFg1t4QmvAF21OWokpDsYC3As8SNwOSFSGOagwwC5dFYOAri2%2BHZfKx3Rq2tMoLUmLLcnMQ2gb4N1Pt%2BalDRcSE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c7886db50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/additional-methods.min.js

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:58 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 28 Jan 2023 06:02:42 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 22276
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xn8Ky344x%2BXzBCbskxSVk%2FX5QfkQMm%2BV1Vrka9r8IhqEkTfP2FwM6jy0C7QTl9bPmqaNR6R065j5dLUoyWiO3YLFRqHHTD5niFxBH9Unh1xsVcGxHvft%2BEvQSLxIWqGIC2Gs5YI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 790167c7886bb50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/favicon.ico

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/favicon.ico
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Fri, 27 Jan 2023 12:13:59 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 10467117
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwVc2RHvTtdMtmi30vKJqaU7%2FnzPhqIY6EyUfMFPWnbojTPMhZKqlvPqRm7oRt%2Bt%2B0Nyli%2FvU%2FqIvj3sUOw3rFKHwJDC7sfrbfNxFvZOJBOirXghq%2B2NusfFiDQ9Fi9YabnhJUg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790167cc8f98b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML