Overview

URL: fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_6383cfbcd4d9950001107dc8&s4=31423&ckmguid=a3041a98-030c-4ee3-bff7-e334fad9b1f7
IP: 52.18.157.191 (Ireland)
ASN: #16509 AMAZON-02
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer:
Report completed: 2022-11-27 21:00:54 UTC
IDS alerts: 0
Blocklist alert: 10
urlquery alerts: No alerts detected
Tags: None

Domain Summary (14)

Fully Qualified Domain Name Rank First Seen Last Seen IP Comment
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.149.83.187
mycasualhookups.com (16) 0 2016-03-19 22:05:44 UTC 2022-11-27 14:53:57 UTC 104.26.12.87 Unknown ranking
cdn-dt.fcdn.info (1) 230544 2019-03-21 02:06:06 UTC 2022-11-27 15:30:39 UTC 104.21.234.86
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-27 05:29:56 UTC 34.102.187.140
bl.trackham.com (1) 0 No data No data 18.193.146.82 Unknown ranking
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
ocsp.pki.goog (1) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
img-getpocket.cdn.mozilla.net (5) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-27 05:29:57 UTC 34.117.237.239
app.api-push.com (1) 307671 2021-12-06 12:20:56 UTC 2022-11-27 13:15:03 UTC 172.64.139.29
subscribe.api-push.com (1) 0 2022-06-02 01:41:52 UTC 2022-11-27 15:30:39 UTC 172.64.139.29 Domain (api-push.com) ranked at: 61402
fordats.com (1) 0 2020-01-16 16:22:18 UTC 2022-11-27 13:15:09 UTC 54.154.42.150 Unknown ranking
r3.o.lencr.org (5) 344 No data No data 23.36.76.226

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-27 2 mycasualhookups.com/sl/common/js/main.js?1669582844 Phishing
2022-11-27 2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js Phishing
2022-11-27 2 mycasualhookups.com/sl/html/EN3/js/langs.js Phishing
2022-11-27 2 mycasualhookups.com/sl/common/js/common-langs.js Phishing
2022-11-27 2 mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js Phishing
2022-11-27 2 mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js Phishing
2022-11-27 2 mycasualhookups.com/sl/html/EN3/js/config.js Phishing
2022-11-27 2 mycasualhookups.com/sl/html/EN3/js/functions.js Phishing
2022-11-27 2 mycasualhookups.com/sl/common/css/style.css?1669582844 Phishing
2022-11-27 2 mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 52.18.157.191
Date UQ / IDS / BL URL IP
2022-12-13 12:32:42 +0000 0 - 0 - 12 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_639 (...) 52.18.157.191
2022-12-12 14:28:50 +0000 0 - 0 - 14 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_639 (...) 52.18.157.191
2022-12-10 22:19:07 +0000 0 - 0 - 10 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_639 (...) 52.18.157.191
2022-12-10 15:26:29 +0000 0 - 0 - 11 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_639 (...) 52.18.157.191
2022-12-02 12:20:10 +0000 0 - 0 - 12 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_638 (...) 52.18.157.191


Last 5 reports on ASN: AMAZON-02
Date UQ / IDS / BL URL IP
2023-02-08 10:48:36 +0000 0 - 2 - 1 michaelortiz.com/ 15.197.142.173
2023-02-08 10:38:56 +0000 0 - 1 - 0 doisdsteel.com/ 15.197.130.221
2023-02-08 10:36:13 +0000 0 - 3 - 0 forkidsplus.com/running-games-for-kids/ 18.158.98.109
2023-02-08 10:32:54 +0000 0 - 0 - 2 status.o2alerts.com/ 54.230.111.17
2023-02-08 10:22:49 +0000 0 - 1 - 0 x.febooti.com/downloads/files/febootimail80.msi 54.230.111.5


Last 5 reports on domain: fordats.com
Date UQ / IDS / BL URL IP
2023-02-05 21:04:45 +0000 0 - 0 - 11 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63e (...) 52.51.210.211
2023-02-05 21:04:39 +0000 0 - 0 - 13 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63e (...) 34.242.116.152
2023-01-20 08:36:05 +0000 0 - 0 - 15 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63c (...) 52.51.210.211
2023-01-19 03:31:06 +0000 0 - 0 - 11 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63c (...) 52.51.210.211
2023-01-19 01:43:15 +0000 0 - 0 - 10 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63c (...) 52.19.202.187


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-06 06:37:13 +0000 0 - 0 - 10 winandlove.com/NNBXhz6j?aid=gdbbkfhdk&kid=fda (...) 104.21.76.186
2023-02-05 21:04:45 +0000 0 - 0 - 11 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63e (...) 52.51.210.211
2023-02-05 21:04:24 +0000 0 - 0 - 12 bl.trackham.com/f9908105-7257-45be-97c0-99904 (...) 18.193.146.82
2023-02-04 00:10:51 +0000 0 - 0 - 10 toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63 (...) 52.19.202.187
2023-02-02 19:52:10 +0000 0 - 0 - 10 www.toptools100.com/cgi-bin-py/catchyoutube_m (...) 69.16.230.42

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (41)


Request Response
                                        
                                            GET /?a=16295&c=43694&p=r&s1=&s2=a_6383cfbcd4d9950001107dc8&s4=31423&ckmguid=a3041a98-030c-4ee3-bff7-e334fad9b1f7 HTTP/1.1 
Host: fordats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         54.154.42.150
HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sun, 27 Nov 2022 21:00:43 GMT
content-length: 234
cache-control: private
location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738422021&source=16295&sum=#p#
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: sid=oLYZ46EXt0gbX0Zh6qmutlbljnsqHWZNg1YzQONviJ7kSoD656ilWA==; domain=.fordats.com; path=/; HttpOnly trk=ywTV5TAqUKxlQf0lAaaYSFbljnsqHWZNg1YzQONviJ7kSoD656ilWA==; domain=.fordats.com; expires=Wed, 27-Nov-2024 21:00:43 GMT; path=/; HttpOnly c36197=oLYZ46EXt0jT48xEH65QG/72PeiS7FJtCVtFglKz8EBeCUghiDE1Zg==; domain=.fordats.com; expires=Tue, 27-Dec-2022 21:00:43 GMT; path=/; HttpOnly


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   234
Md5:    9d0d57cb79458081fa0c609882cf6acb
Sha1:   39edd9446fbd4e6fa7a594183d9cead7e61a443b
Sha256: d5f4faa70f586fefeb57df674fa38dc2e37ca528d360aa7cdff657bbb80287ce
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3364
Expires: Sun, 27 Nov 2022 21:56:47 GMT
Date: Sun, 27 Nov 2022 21:00:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4683
Cache-Control: max-age=139713
Date: Sun, 27 Nov 2022 21:00:43 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:49:16 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 20:17:41 GMT
cache-control: public,max-age=3600
age: 2582
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2372
Expires: Sun, 27 Nov 2022 21:40:15 GMT
Date: Sun, 27 Nov 2022 21:00:43 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: grFr9uIAZGHDI6C8Eefu2EAtGu50ao+ZMRVbQRafytsos9F0wD/1bYhdGr4hzW4zrhA5OuBMOFM=
x-amz-request-id: XYR8ATX4D0KKN0QB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 20:44:46 GMT
age: 957
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738422021&source=16295&sum= HTTP/1.1 
Host: bl.trackham.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=xXFpkM_XgRc5DEwd90GLgbXViBuXrT9VocnBlZ0fTgc; cep-v4=6_X4nccd6n2PPXwuEtvFFO3SCBVlXMpO1kiN0FPQfoi4PtBmc8zJf2gyb2cKQyGRfmg472sGKPeDkMVXMvcZLENtxf5zYifUHjEcm_4sBF5_whPwZOk4HhR5YXDoNMO9-yCmU9Ag4cBlGDlAWm3vBaRwHsmcSG9YKpzJ9MsiG22CnoGjruwNfmg6LGv9BeB9HbTrsDICEV2lRncnFapkO9Dxb0ALcf4-sEkjPvOTX8MczF-kgmgmboRSmIebr4SB4wZcq6HQHVxcNMRnBHB3Hv1IwiDzbAiH5QKX_iO5FfCs04tl0B181SVpO_tPt_KnL7loFSiuVC7YlGMkfydbhtV09JAGwgqpn0y4uH3ZURHAq8Xx525tGsL-ia0sRnC9AbFCEFn7k-5HYLoItJ5I3g
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         18.193.146.82
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 27 Nov 2022 21:00:43 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/EN3/n.php?cep=PhY9ernoaD9KL1W56eRUwLEfOnGnKDjxU9EWjGkgbrnYJkV1_CBHVqCYU7K8WOG94qd08tTfWL4URmT0QOh8dLLOkkyFP_UPDiW5U_zz3rrBlWLGzsOB9qoAjvAG_TLUPhRFrCJqhaBChNr4pdHL7cezuAH7B6ddZjVaWPDWdPJWb5jvxnVFE02bf8PJ3KIj5C8GH0bBozYICguLv_7JmNTABXTtA5uTI6Xkxv53oqgurxRuiNVrhSblimvoR0n_oIfHWXUSFilFjts29noFtqh3c5gsg7UJDxP4H7q6OSTf9fDmKX3rWzJV263LmJpHV_vybV4s9lzFwKjjamZ5ExBscSla_zojqcpYooZY-rJoaN64w5qB3bRFJTOYCcK7bVstN-9ZnlgJMhcOM2v_Hg&lptoken=164c696958c34653438f&external_id=36197-738422021&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=NOu9RQkQJ7jBXcbc4h7ty75hWnTcFX7U-SjZT1hDOus; Max-Age=86400; Expires=Mon, 28-Nov-2022 21:00:43 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None cep-v4=edOdsmVscNNnwCJST5-RvcULbWVcbjOL2MinqrT56qPTO-W1-EoDha-tOAW8u9ceQioFtnKANnXklT2PVebcc4VZO3nAdR-GZT0cbDjQgP7j_LS49EQgLhYS08I80WQwC7KU_WHuAck0sGZs_rJh_8i4oDI6QqQTyRGxYA4iDxXV4VN0wARM1Rf7VtBqomdOANofelo4xXTrdsfhJl7DN6IVCmqB3RiLxw4U9YAO4Ii56PYJ67xF6n-tyICtMvJNgiZfWJ5EAqp6gqGlnSMOrAzBgBekHJLj0iTgpDoPte4k9AfrRxnTQrFh4l3aJTqFF9Ih70ZkGV7OGqosvG23nuh2LIoX3oBV5oZ1-yZcLvOcwggeZQikKkLhwx6u8vEZaFxXvSrU8ABcBwQhkiJmTw; Max-Age=86400; Expires=Mon, 28-Nov-2022 21:00:43 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 27 Nov 2022 21:00:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST /s/gts1p5/Dt6OUty8wSY HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 27 Nov 2022 21:00:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 20:08:54 GMT
cache-control: public,max-age=3600
age: 3109
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5950
Cache-Control: max-age=135918
Date: Sun, 27 Nov 2022 21:00:44 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:46:02 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JAZT3/FDboFMPYPAVMKhzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         54.149.83.187
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Vy6Mr5aPG4HFkSn9YoewL4Yq6Ew=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 53
Cache-Control: max-age=90810
Date: Sun, 27 Nov 2022 21:00:44 GMT
Etag: "63828f81-117"
Expires: Mon, 28 Nov 2022 22:14:14 GMT
Last-Modified: Sat, 26 Nov 2022 22:13:21 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /sl/html/EN3/css/style.css HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=13343
expires: Mon, 28 Nov 2022 19:40:30 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 4814
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbIoT4ckGhkOh%2B69T3ALxnMWultm4F7XG3g01b%2BJm9xp%2FQhp6Iyxy5med55CfL9dVy%2BouST6PAXgJcYsi%2F9mTEvsa%2ByvIWhcsdUFehOWQgsOJVLh%2FNr8C6EuYim5N2XY%2Fj%2F%2B4l0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb890d7bfabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9493), with no line terminators
Size:   2914
Md5:    22b86b6243178ce1ef9ff3208e1d242c
Sha1:   ea2f4ca083a195ea8575d74de002a0753650f6ed
Sha256: 410b68033c226efa2361df811954addf844e8cd07c58779e9d1284944808ef71
                                        
                                            OPTIONS /get-keys HTTP/1.1 
Host: app.api-push.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         172.64.139.29
HTTP/2 204 No Content
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGtm9g2Ra6CXTmm7GT5xGS%2Fd%2Bq%2BVZZp11mvZoQmlMRGs9ztnURl7DAZrhRI6gM6QMvG4uN5D0jVr%2BDshScY3Sa1op69TLfrFsXG4pUYe8hMGrSxUZCd1U8NiuojcBE7zg%2Fhb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb8b1ef9d170-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /sl/html/EN3/images/m1.jpg HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
content-length: 199421
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 28 Nov 2022 19:40:31 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 4813
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzeSrxP7%2B7Fo7pqRrciZfz%2BLboJWCOT%2B1ut6AN62Cs2QYL7gD%2F%2ByO%2B9DFbblTbtV%2FFhHdQyhu79OApVdl1RbAsp%2Bm8T2Vmf38Tcjkh1QhD79VO7DKdpmfcv9sbZ1AKFubOSYVBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770dcb8c89d8fabc-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x829, components 3\012- data
Size:   199421
Md5:    6e93b97d9d9f1ce77eda101b7e7cecb9
Sha1:   d05111c47a268204ce75b03bef4bb4e04ff9a8c8
Sha256: e0eac4580020331eaa31dc1ff731b92baf5cbb76db453b3e54ff912cd5aba0b7
                                        
                                            GET /sl/html/EN3/images/m3.jpg HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
content-length: 20890
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 28 Nov 2022 19:40:31 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 4813
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoT9YNkbI7nYXXhHQ6%2BXwJ2ZkXikq7vxqtdwrvEoq9qOUb7aObCq0CH3QAmrGVBws%2FZ64MHklWtR8W%2B7vX%2B2IMjbPntMUX7HY6PFOhcf3wYkv7fpaV31PRxZ8kvR%2BKY0qPLURwc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770dcb8c89dcfabc-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x400, components 3\012- data
Size:   20890
Md5:    c698f5bab1daf1f3745ff2b31e4b5dc3
Sha1:   a175e04604ee3fd474d9818f52f193ff3e7784a0
Sha256: 672edb2ed70499efa3d65fc0eead7f24337897b874228c230c78c334c3ac0cb4
                                        
                                            GET /sl/common/js/main.js?1669582844 HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 28 Nov 2022 21:00:44 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPARXpuwyKczCLv%2F%2F4I5gKTV529Klmrx1Yynw7BTBN7dtAa2UAW9uW378gVYl68RO%2FSIpKIcnYv2Yu1jbfS51%2F0lXlQCmt01fuKqC66zIH7xnFqzb2oGZNn4p6o%2BmQtX%2BKwbvJ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb890d99fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   210387
Md5:    0a8bba4f4f94c6673eb05e277e98e94c
Sha1:   1f3a33e50df15b61f6df9f6f8d76e2b984c7144b
Sha256: 7da3edf657c879969dea32d438d7e7c0bbed08b8d40a077f6d1ef4ec18d45104

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/EN3/images/1.jpg HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
content-length: 141134
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 28 Nov 2022 19:40:31 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 4813
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQVsoWqsjPgMvwfL%2FYcPIEpdycVnWCJEOIT3MeVmubrcXXTjT5XOibV61e6gPHqMbtii31q2ZXMXQkpfc2w7oSA2JYpBCL2gI%2FYld%2BailqcVzGjPXI8cXi67v3M0kSvmxHvNhEM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770dcb8c89defabc-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x900, components 3\012- data
Size:   141134
Md5:    f0bb581fd22d0a746e70159e693678e2
Sha1:   9a0afa1464b37253d19c4ed003854122d300cf8c
Sha256: ed1763dc59e14b6d0731a7b4cebd0e8ef91e2048a04744643b5faef25ec5d01d
                                        
                                            OPTIONS /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1 
Host: subscribe.api-push.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         172.64.139.29
HTTP/2 204 No Content
                                        
date: Sun, 27 Nov 2022 21:00:45 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp8QavyDQKWwzxm8YmuMnsCWwd05bHJNQqy%2BAMPyT%2BtT2cEt9u3fkR0tCsrZ9Wb79LPGmp0%2Bb5Mz0WhdxqiIFDPxBrXNr0dbCwWodybeHjVYhXlUhKszBjxcCc52L4DBG9ILMNKE8y13"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb8e0d79d170-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3672
Expires: Sun, 27 Nov 2022 22:01:57 GMT
Date: Sun, 27 Nov 2022 21:00:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3672
Expires: Sun, 27 Nov 2022 22:01:57 GMT
Date: Sun, 27 Nov 2022 21:00:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3672
Expires: Sun, 27 Nov 2022 22:01:57 GMT
Date: Sun, 27 Nov 2022 21:00:45 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8817
x-amzn-requestid: 31bd21c7-1d75-4159-af51-52035da16da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b-krGE6AIAMF2Kg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c1b13-32a7b9c6642592c70783a0cf;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 00:42:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I6egDH0h7D08HhaoQHQ0vgghBhPfje2lGIbnWD-t7p4txzHsFxmZfg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 16:15:23 GMT
age: 17122
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8817
Md5:    741ddfb19764ac9a77509e7e87cfbfb2
Sha1:   308c08784ce4a0757cbd112807555b83e17a1d56
Sha256: e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 83437
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7380
Md5:    76c00eceed956377d7469ef58b0815cb
Sha1:   97a135335f5b1b042adeb385718f8808cb78528b
Sha256: 81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 02:31:24 GMT
age: 66561
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4309
Md5:    841a4b110022a99ddea6f7bf66df0fa1
Sha1:   126771b86638108050cf57c0d12faa27f80f0edb
Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
                                        
                                            GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 28 Nov 2022 16:48:43 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 15120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQo4KYZkzf3tYZ9ufo8dmJDQa7%2B%2B9Cu3FfgmUTHv%2BA7%2BBiiEpndLdEQF%2BMLTiqTpiYVzbOdYgss5uPFi9G0KvSSsRV59iw%2BUmg6EpfZbHwvj4AYCP0VV2WwyvwdvSmil%2BSXaRCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb890d8cfabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (17654)
Size:   15708
Md5:    1f02d9611032d348e7efe9c11a6d678a
Sha1:   d434aad2c1ee461f11fad11a376f63ae92e6848e
Sha256: 91e682cdb2f0aea0e94276b97ab733d523983c4fa3d3201a603bfbafe15e70e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/EN3/js/langs.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=38889
expires: Mon, 28 Nov 2022 00:12:25 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 74899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMhCldS6p2vFs2ZGEXAdIhP6jWcuo38xK5LhrtzLJbfW3IkZiA2X0W6dCw3oXP2TkbBI7fIIiderH%2BWwVTIgvIzMvf6itWySa%2BojOiB57b4RTCuVQUrPZMCZWwZmp7RA8pNgQkY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb890d90fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (28459), with no line terminators
Size:   20546
Md5:    57c7dd4a380f6492d4a86494604db22e
Sha1:   7f4b73f4acbdcd52a806584684c823664f4da771
Sha256: 0ed335c4e799e417e0dcecb8657262a8bd6d938baac02a0303e6cb6bedb97eed

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8387
x-amzn-requestid: e4ce369f-7654-4c1a-94c2-70c913eb1a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFL0tEcqIAMFXHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec01d-37bd969f4cdfe220096b8c1f;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:51:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: __2hrJIdzCKzhuJ_YfbSSfz-WwyIqnPugk7P6SuYSjn6b2wwm0otCw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 20:58:19 GMT
age: 146
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8387
Md5:    4e97baa4851785eac92c719abf481c64
Sha1:   c32a57038d3cdbc514c9081c9938eca6a04fb481
Sha256: adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3723
Cache-Control: max-age=150235
Date: Sun, 27 Nov 2022 21:00:46 GMT
Etag: "6383694e-118"
Expires: Tue, 29 Nov 2022 14:44:41 GMT
Last-Modified: Sun, 27 Nov 2022 13:42:38 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 69244
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13049
Md5:    1db6041a0bdb2319ae85afcc30caaeec
Sha1:   3b0ec6a7188dadf986f72fda8110296d9abd6f35
Sha256: 05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
                                        
                                            GET /sl/common/js/common-langs.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Mon, 28 Nov 2022 16:48:43 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 15120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeDaflFZOxgdF8LMTsNPJL2tw9V4RJsNIujVF79%2B97n26ey2SqK%2BElyc3DZ06MWEKVk%2Frvvw5cnx%2BXxURSKwhYOEBDm71WIrlb5jaonWGZjEXeBHPAae8KJnY%2F2kU9MXlFy6IGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb890d96fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 28 Nov 2022 16:48:43 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 15120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9tdei%2BmIbkDC%2B6%2Bm%2FBdMX%2BqKbbB%2FH01PCuEc%2FISbfnYWkAPmofX7WPRe8y7V54xxQTUc9WQ2VfQ7AzfShv57UM%2FEW5bmLVBifhQDPDkrafRZA%2F7P0BuoioJz7BknfO70ETa%2F2g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb890d89fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/common/favicon.ico HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5228322
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vqT%2B3ouXc7ULO1eZT55eVSkwk55100Xh45Xou9wLZXBhSjDLKYHpCD5xcEx6EEjvpQ3KKXvDivQOD4JQFu2URcUTTQlZh3ymvUk3IeS27Qyj7fXcCqlpLswy0IwKXM36bhWvsY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770dcb8c89d6fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 28 Nov 2022 16:48:43 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 15120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcsm%2BbTQgYf2OmzR3IDKoT0jJv%2F3KaiPPECGp9zwpz2kyzDWvCa1NNLEDyiPGxZdDWd8XIrByZqg1fV2eTqJGPaBvn1VHqmT6jyrx2yuWuv%2B2fPNwGk2QK%2B4lQsdaQHyeJ1kumM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb890d86fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/EN3/js/config.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Mon, 28 Nov 2022 00:12:25 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:26:18 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 74899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXwZbEc1eQerfV3BlbrXJYEgGqe9MgjUYgK%2BzZacKACr2uHhko5iWAmnPzYWs%2B8cm16orCnZtPFfdvRi0rmSmVJCTSH92rrIBepOPNttArt315k5yG%2Bbkf6NirHp8dUkxFVgFuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb890d93fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/EN3/js/functions.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=52042
expires: Mon, 28 Nov 2022 00:12:25 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 74898
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAwTHb76n42mJmbRwyMYq1URsLM4DZJZBgCeYv25ISeJ6r7Sf2NrYSbt3KM9Z%2F4i9K1fe%2FYzBFPFM5cUCzij1uZR%2B0zp8MrfRaC6SF2tW8zHTIhsPCvFPitm69LUiaFXu8GtxLw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb890d9cfabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /swpush.min.js HTTP/1.1 
Host: cdn-dt.fcdn.info
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         104.21.234.86
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 382519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwJBlsL6FaMKyXyHrrBY65xisHz6lmIAx%2BlKSzCQ7BmbXU6T2RxMXB1ic0saMlCPl7GFxEqw58wXi%2BdkuX4MiEngC%2FCqac5OkrJJ%2BAgczCJF7ZI%2FATAb9yeg1ZZhYxZkFO1q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770dcb8a4d827689-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sl/common/css/style.css?1669582844 HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 28 Nov 2022 21:00:44 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqb1wWZ2tZ0nNiXqM39B%2BCCn30LWDx4LvcxdRzasEM7KsJVnjSzwCfzKe%2FNp4C8YNVEy7HzYLuW87Jd1jv9zdCzW5w1nv9X9IwzcWnwLNi5Ds0R2xkaLb30lkTJcHT7DLJfHwgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb890d83fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/cookies-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 27 Nov 2022 21:00:45 GMT
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
etag: W/"637cd00d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhFa%2BrS5mjcWOiNtiXC5FxJFPfldaChwNv%2B7ke7NaZV3YVeLqntbX3P5xeK0dSXZB%2FFeHckrVqsxU8ME4O%2BuvnJrRaeYAGct4NwDdsDVwyaQovxqP%2FputqRelPzvIn3kpPB0Wi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770dcb8fddd8fabc-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 29 Nov 2022 21:00:45 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/EN3/n.php?cep=PhY9ernoaD9KL1W56eRUwLEfOnGnKDjxU9EWjGkgbrnYJkV1_CBHVqCYU7K8WOG94qd08tTfWL4URmT0QOh8dLLOkkyFP_UPDiW5U_zz3rrBlWLGzsOB9qoAjvAG_TLUPhRFrCJqhaBChNr4pdHL7cezuAH7B6ddZjVaWPDWdPJWb5jvxnVFE02bf8PJ3KIj5C8GH0bBozYICguLv_7JmNTABXTtA5uTI6Xkxv53oqgurxRuiNVrhSblimvoR0n_oIfHWXUSFilFjts29noFtqh3c5gsg7UJDxP4H7q6OSTf9fDmKX3rWzJV263LmJpHV_vybV4s9lzFwKjjamZ5ExBscSla_zojqcpYooZY-rJoaN64w5qB3bRFJTOYCcK7bVstN-9ZnlgJMhcOM2v_Hg&lptoken=164c696958c34653438f&external_id=36197-738422021&source=16295&sum= HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         104.26.12.87
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 27 Nov 2022 21:00:44 GMT
cache-control: max-age=300
expires: Sun, 27 Nov 2022 21:05:44 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FL8rIMcSVpkJFt12EujMpA%2Bd65FRERJUytj1mHxIA8%2FKFLouwsZwufrH0QnCF962cjhXzfmaDccs5vKNlW7tjsJG9L4Y4Qo9Rr7fT9ffeSW2weCkk8sBoi04IZdrMod3agNYZ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770dcb84f869fabc-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---