URL: https://forwardsnlooks.com/getsdeals.php
Submission Tags: advance fee fraud malicious other fake review
Submission: On February 13 via api from ZA — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 23 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is forwardsnlooks.com.
TLS certificate: Issued by E1 on January 27th 2022. Valid for: 3 months.
This is the only time forwardsnlooks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests         IP Address         AS (Autonomous System)
21               2a06:98c1:312...   13335 (CLOUDFLAR...)
4 (2 redirects)  198.54.116.160     22612 (NAMECHEAP...)
Total: 23 requests, 2 IPs

Requests  Apex Domain          Subdomains           Transfer
21        forwardsnlooks.com   forwardsnlooks.com   124 KB
4         forwardnlooks.com    forwardnlooks.com    416 B
Total: 23 requests, 2 domains

Requests         Domain               Requested by
21               forwardsnlooks.com   forwardsnlooks.com
4 (2 redirects)  forwardnlooks.com    forwardsnlooks.com
Total: 23 requests, 2 domains

This site contains links to these domains.

Domain
forwardnlooks.com
Subject                Issuer   Validity                  Valid
*.forwardsnlooks.com   E1       2022-01-27 - 2022-04-27   3 months

This page contains 1 frames:

Primary Page: https://forwardsnlooks.com/getsdeals.php
Frame ID: B9BC6A04DECB411426A70EF873C60EAA
Requests: 23 HTTP requests in this frame

Page Title

Does this look legit?txfishingforum – Just another WordPress site

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 23
HTTPS: 91 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 124 kB
Size: 234 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://forwardnlooks.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1 HTTP 302
  • https://forwardnlooks.com/cgi-sys/suspendedpage.cgi?ver=5.8.1
Request Chain 21
  • https://forwardnlooks.com/wp-content/themes/forum/files/messagecellheader-background.gif HTTP 302
  • https://forwardnlooks.com/cgi-sys/suspendedpage.cgi

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request getsdeals.php
forwardsnlooks.com/
38 KB
6 KB
Document
General
Full URL
https://forwardsnlooks.com/getsdeals.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96c8df40a3e12d50a624aaf7f96381986375b5edcd6dacbc5fe91d84bb3e1934

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 13 Feb 2022 12:15:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rpJECtmPQQwjuKIyheHSDrjldgP6QwuTytO9WixOHBAT8LLHi3aG%2BF%2FGMmaFUPhTDs51%2Fk5wFp111i2imR0d0jExUPnIrDCSdxhUn6%2FadMjWKsra6BSVbvDIEBEfaKwowDXg0uN9df0u5qUIubBnwsc%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6dcdfb707d965a1f-MXP
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
template.css
forwardsnlooks.com/index_files/
4 KB
1 KB
Stylesheet
General
Full URL
https://forwardsnlooks.com/index_files/template.css
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f90dc3f2d4fb80e4b740e49737f9472c122e503d82a95e019f38aa428da1bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
W/"117b-5d349961b5400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nl%2BlMTuevf5ImHnTxF93OmIMNigCnQXHvWB7T%2BoWjA2v6wegrL8Aj061s6EE8rDlojkqGvfTxYLQF185fP6%2BTfLVdR2Pf54xI47as5l%2B4AF5t2%2FbILwvCEB6Rz0uxfYZrK%2F%2FIYmJmv%2F%2Btefwn6BeHE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6dcdfb711f4f5a1f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-emoji-release.min.js
forwardsnlooks.com/index_files/
18 KB
5 KB
Script
General
Full URL
https://forwardsnlooks.com/index_files/wp-emoji-release.min.js
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
W/"4705-5d349961b5400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSA1XmZrsDBL9yF3AQkGzYH8p%2Bpfmg4AixJa3b62q95hliAtrdX%2FhajhEIrkqRr6skbGvsBBitdDgaEIiTizP5zjs%2BHb27O6v2VbQK4qZzJyd5JpKVkPvf7prQh2z%2BWi1%2FCeV3N5ev4MTJqDJgJcz34%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6dcdfb711f5a5a1f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
forwardsnlooks.com/index_files/
79 KB
11 KB
Stylesheet
General
Full URL
https://forwardsnlooks.com/index_files/style.min.css
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
W/"13abe-5d349961b5400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkTT8NFpfO37vkyf5VWdsCfONBRkkq5z6ysa2TX1a53sRneTZ%2BuF7%2FwFg8CGDS7ubAS2%2Bfr4eNCUu4uPPZbVGhsUywooGDhNDLs81x564RJJO6cmAAZbcL9Z7hM2C%2Fx0A7tzgT%2BoYFj%2B5awmiB%2BCiqU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6dcdfb711f5c5a1f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
forwardsnlooks.com/index_files/
819 B
765 B
Stylesheet
General
Full URL
https://forwardsnlooks.com/index_files/style.css
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd1e4c96831a2dd6a3e6e9e6c1173db5835d4261359ddc470b81f8fdd8a5e0b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:26 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
W/"333-5d349961b5400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIOSDS67U5YJix9kUVbZmG7%2FM0kE4oa1Kcdg%2B24NzsCg0TLahDYV5Gm5AQMByYyluDEUkvORgdnbQoSWiuO2JlCY0uOMGYOR1v6QpjETqbJygoNRUNAxPLfFu%2FjtWlFYipoo8kE7tDiGuKSNg13Oke8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6dcdfb711f615a1f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo.gif
forwardsnlooks.com/index_files/
8 KB
9 KB
Image
General
Full URL
https://forwardsnlooks.com/index_files/logo.gif
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6abe8c374a31e4a009b7cd16ddb8e52e074b9d097bbaf673281629b429ddb9ca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"2005-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gzn6wHAwpG9Vrinos567b7ZOclucjG7186cPsx9YoODy%2FB%2FFWI%2FMg4H40Ph3Ny8%2BKns5Jzr%2Ftf%2FaIoN19oASohpE5BO9hjzKZgQ%2Fm2cRNmMhyJyOW9Qo55mzfRydrcrAuH5Bm9L4%2FRxzta5IUijYoVc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71ade359f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8197
thread-open.gif
forwardsnlooks.com/index_files/
409 B
962 B
Image
General
Full URL
https://forwardsnlooks.com/index_files/thread-open.gif
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d69a41192c564ec65a445c07cee5518dc62622c03faa40dc0cc29ec8ea2effa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"199-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2I4aWx6D%2FnrIt9znQeWQIhEhWcVL8zJcIM8gjncbp43bwe3IAg8lmIoM0vVZR%2FoH7WTl2BAy15TkeHJftfMW0P7Z0xx9cpm3nKGMpYRSGbI7mQDtSu47NEZU9XprFd0hG%2BDQphnWwcWIRRnWq7U6xH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71ade959f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
409
spacer.gif
forwardsnlooks.com/index_files/
45 B
602 B
Image
General
Full URL
https://forwardsnlooks.com/index_files/spacer.gif
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ad867e15806f5ac77374f6cd45a9f180d0f6755be47d86b10a1e192442759c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"2d-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aY39SuTZnAx7PKUFqK7CER9y%2FWyeVbodrxk6YVd5wxUj%2FYJtTsc8GNja3iEn%2B%2B4z0%2Bgx3J1rJtL1Pdusy9N8hR6McvmDo9Lfa9%2FFsuQ8tIKREyx7P%2FYixzH3V%2BlXb0c%2FEKVYCbG9QnDVMXmMOA1lPMw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71adec59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
nav-messages.gif
forwardsnlooks.com/index_files/
178 B
732 B
Image
General
Full URL
https://forwardsnlooks.com/index_files/nav-messages.gif
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a88e21168c82be5e703f27cf23a5f4a835a02d34e89ec2e090a00e6a3a251960

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"b2-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Feguqmw286O%2BkG6%2BA5bM%2F9xECFjBlSF%2BCJR1orq6jmtkeEi0VxAbjL1P0nH1HI0XTrha9I9MTW2xJgPJ32zn2U7IPkCR1NpUutqXSSKWC8j2IZ1JHQtQDqjuc%2B2939irSPINcTEfhELtzWmaIUcnqow%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71adf159f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
178
1000.gif
forwardsnlooks.com/index_files/
168 B
720 B
Image
General
Full URL
https://forwardsnlooks.com/index_files/1000.gif
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e305eace68759fdf5e270935028eae1026a858b31d0af75048bcb71e14828cda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"a8-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hHVwno2gpgTCseufuxqXkzNEP0WE1vJb2u%2B4dO%2Few6MmVxYvd8tNWU0p9ih24qOwOXw9xkubYfbDGeTrCy6kPNXpwIcgA9DOIG5p8dVNoljxWk96Y5DdJD6OPS%2Be9MR65XhX3PoJMlr76UEoUqFdxaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71adf359f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
168
100.gif
forwardsnlooks.com/index_files/
168 B
719 B
Image
General
Full URL
https://forwardsnlooks.com/index_files/100.gif
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
655dcd4450c75ca5961b50872aa0478111c2c029f86111895637755a7b3062ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"a8-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1S%2BDKO2dVKSCs2JKflI%2FluGPnTetxotxIYf%2F6Pvr60cbxZmhTBXldASQkirkD9G0nGcDX%2BaPhDqUOuvZlhHuTOKEFYBx6x46P0XFj2wT7foiiAn3Q5NNJMpOiw4ueIsB1A405Nvehpm8aayii2Xy1PM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71adfa59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
168
25.gif
forwardsnlooks.com/index_files/
168 B
719 B
Image
General
Full URL
https://forwardsnlooks.com/index_files/25.gif
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e65f059cbe20b0b92084b1ebee445b31f311edae7c084d290c1a0f2c5a401c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"a8-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4AFqUpvFuXDjn4sPirU0jt0xjOFIJ05mWKYG%2FL5CcfVpUsdWb1cKQu4HAA3JdhFzlrm8VThyxKzanDhIJ6WuHAvkxf0ZiO326PdrkC%2B7XLlqyBYUZ2bdWJ%2BCYF5yit38CbRBv7W40U4SiEPLkvL3JY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71adfc59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
168
message-top.gif
forwardsnlooks.com/index_files/
497 B
1 KB
Image
General
Full URL
https://forwardsnlooks.com/index_files/message-top.gif
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97142811c5dc69016edc09c5a9fdb909981de3c10213b878dcc25ccd64ca5b4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"1f1-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIM4fvXny%2Bc%2FmIBMA0N56LeC2%2BRy8lRy4nPdm7PulAuyGtUa%2Fvqa9XxGnAhVqwHv2NjvYHV5SERZfiJgMXfFieLSXsyw8is1arfU%2BJsFUw10N0oy29M%2Fvyefid4Dn%2BI70FSViP3IxaTBYfT%2BeGqkzdo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71adff59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
497
message-bottom.gif
forwardsnlooks.com/index_files/
600 B
1 KB
Image
General
Full URL
https://forwardsnlooks.com/index_files/message-bottom.gif
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
397e3a27f6bc82852a01b285987d0fb3af0bdc5d5209fb6459e281a27dae9091

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"258-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxM%2Bc%2FbiG0%2BspA9rwpp4jnfblsd4ITUgcWBpoULNfNjj0n4P3RAjdIQvsLNWZXEECIZ%2Fm33c27OGNgplcg35Y0xFYDEjAdPJAfx50opqqBsmBVrxZK8tjOwTsPqabhOhsPr26qrQm4I0ODPTaH5y4kI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71ae0259f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
600
img_2978.jpeg
forwardsnlooks.com/index_files/
9 KB
10 KB
Image
General
Full URL
https://forwardsnlooks.com/index_files/img_2978.jpeg
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be702145b64b3f77c16a37de2c8a09b645c1a86c2996dd7aee381cd351e8fb5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"25e6-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IzlkTLhYnQ7mHVrXMT91scEPz2SZE6soql3Vfynlh1ArQCA%2Bvj3gDk4YalaIutPeTcxeYN7t5Jl1Y2dpJ7jJb%2BsM5TRlVEjndqsXIs4Jr2EPiJiArq1%2BpDmYXdHTDYM7mfGAlE21QeWcf%2BmQRj6%2BAs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71ae0459f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9702
molson.jpg
forwardsnlooks.com/index_files/
5 KB
5 KB
Image
General
Full URL
https://forwardsnlooks.com/index_files/molson.jpg
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26948456cd7aba928c30d2315775029c5e45dc59e4b4d484a7eee3db4614fc57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"128a-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fbQGqmTcKclOk5MKDgqMjXG4bwSTB1sZj%2BRX%2BO9TxlCWo6tCVBUm6RQs6xkREPEVqcHoqAc%2BvRSyd8lYbcCQdkp0HuC8aVu%2BHX%2Bn7EcsBFck3UCtORCE5k5bKByxnQ6uA4uaInEbQApHC85n1QSG3R0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71ae0659f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4746
fin.jpg
forwardsnlooks.com/index_files/
21 KB
21 KB
Image
General
Full URL
https://forwardsnlooks.com/index_files/fin.jpg
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22db53e7cd58eb1e1dbdf937867dc70f0350d1f27a0d919ad0dfa2ec0d05e45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"52d8-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpwHmaki9mTWIyU%2FqzQRze%2B69DLmPFZiYl1RAd7OQbviCMwYIHBohe7rsCiZzant4Cwi7WDwvVHXB%2FvzEiVRuPYbNKRk6xBRnHbKB9%2BMj9jqRHQRj%2B2Bj%2BFtZPtS%2FZfvU24dxvqbZ7afMTGwFB8VjAI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71ae0859f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21208
desor.jpg
forwardsnlooks.com/index_files/
45 KB
45 KB
Image
General
Full URL
https://forwardsnlooks.com/index_files/desor.jpg
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
251f5e663ac65716e2d6c32a34de298ed527d52012a17bf05855e2da05486983

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
"b2bb-5d349961b5400"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5XTqFnuBsECBotSdTHRzb06cR12tHb3ntSv%2BNDPUYee%2B841M9q27UGx5OQWEhSrl6O54pvdJNSnY0skJQbqKUi0sQvEeQpxibyQu%2FhBa4LSji59CE%2FG4xNVnSbCbrN6VYxHndZfSoke721R1ZP%2FZiQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6dcdfb71ae0b59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45755
navigation.js
forwardsnlooks.com/index_files/
3 KB
2 KB
Script
General
Full URL
https://forwardsnlooks.com/index_files/navigation.js
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60e1017c6585464aa240b13f4074ab5ea100dcbdb72615124ff575bcc891a542

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
W/"ba0-5d349961b5400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2Fgj4jp5q2gsE%2Fl52d5xacE4WDhzW3uShxaZREqT6v%2BZoKqP%2FNJbZWTnafzVn0mZURXuuEEWQHyR%2BC99%2FIFyrTE63FdHiIukt20wwolwvYP6XwJCrb66S9srpU5uLDW3cSCUGYwQdmQb9p2G%2F7bnQb0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6dcdfb71adda59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-embed.min.js
forwardsnlooks.com/index_files/
1 KB
1 KB
Script
General
Full URL
https://forwardsnlooks.com/index_files/wp-embed.min.js
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/getsdeals.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Dec 2021 20:51:28 GMT
server
cloudflare
etag
W/"592-5d349961b5400-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4L3Ivo%2B2WkikYmvcB8T5Qy1QRBCnrGL7WxJe%2BBJEfqssSQztUX8JyNPiDP9%2FcZxji68CK7O23OmuPsQ59KvYWxsAJcjQhNrWFOoahaPW4pVjytv%2FP4dOovtyADtEq3QGQSeD%2BHsbPmp1D%2F5gJy7wFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6dcdfb71adde59f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
suspendedpage.cgi
forwardnlooks.com/cgi-sys/
Redirect Chain
  • https://forwardnlooks.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
  • https://forwardnlooks.com/cgi-sys/suspendedpage.cgi?ver=5.8.1
0
0
Script
General
Full URL
https://forwardnlooks.com/cgi-sys/suspendedpage.cgi?ver=5.8.1
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H2
Server
198.54.116.160 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server90-5.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

location
https://forwardnlooks.com/cgi-sys/suspendedpage.cgi?ver=5.8.1
date
Sun, 13 Feb 2022 12:15:27 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
683
content-type
text/html
background.gif
forwardsnlooks.com/index_files/
280 B
280 B
Image
General
Full URL
https://forwardsnlooks.com/index_files/background.gif
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/index_files/template.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d06d09fe2295a100ac5aa4957cb2ed4a7c454bb21b1ca8726efc0fbe20b908e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/index_files/template.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:15:27 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQAyfxqDL2RUUiC1L3%2BvWnzAmHqZoMBlhQghqRV04fNMzZButJtZmrKiSU4qOb5BCBXbJ4U2rdW%2Be4HX8KLy%2B7zSZLoVDsxFEoFsf1UnuGCK70NgvsJI2qzCIK8C0bglqvbL7NqMJv2adYTCdMAZZDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
6dcdfb71be1859f5-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
suspendedpage.cgi
forwardnlooks.com/cgi-sys/
Redirect Chain
  • https://forwardnlooks.com/wp-content/themes/forum/files/messagecellheader-background.gif
  • https://forwardnlooks.com/cgi-sys/suspendedpage.cgi
0
0
Image
General
Full URL
https://forwardnlooks.com/cgi-sys/suspendedpage.cgi
Requested by
Host: forwardsnlooks.com
URL: https://forwardsnlooks.com/getsdeals.php
Protocol
H2
Server
198.54.116.160 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server90-5.web-hosting.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://forwardsnlooks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

location
https://forwardnlooks.com/cgi-sys/suspendedpage.cgi
date
Sun, 13 Feb 2022 12:15:27 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
server
LiteSpeed
content-length
683
content-type
text/html

Verdicts & Comments

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| _wpemojiSettings
object| wp
object| twemoji

0 Cookies

3 Console Messages

Source: security
Level: warning
URL: https://forwardsnlooks.com/getsdeals.php (Line 85)
Message: Mixed Content: The page at 'https://forwardsnlooks.com/getsdeals.php' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.forwardlook.net/forums/forums/thread-view.asp'. This endpoint should be made available over a secure connection.

Source: security
Level: warning
URL: https://forwardsnlooks.com/getsdeals.php (Line 475)
Message: Mixed Content: The page at 'https://forwardsnlooks.com/getsdeals.php' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.forwardlook.net/forums/forums/forum-view.asp'. This endpoint should be made available over a secure connection.

Source: network
Level: error
URL: https://forwardsnlooks.com/index_files/background.gif
Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

forwardnlooks.com
forwardsnlooks.com
198.54.116.160
2a06:98c1:3121::7