| m.luvmenow.com/click?offer_id=5812&pid=31430&ref_id=2lo4i287a0pe3&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= |  104.21.11.83 | 302 Found | 0 B |
URL HTTP/1.1m.luvmenow.com/click?offer_id=5812&pid=31430&ref_id=2lo4i287a0pe3&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= IP104.21.11.83:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?offer_id=5812&pid=31430&ref_id=2lo4i287a0pe3&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 04 Dec 2022 00:01:52 GMT
Content-Length: 0
Connection: keep-alive
X-Adjust-Use-Original-Forwarded-For: 1
Location: https://t.luvmenow.com/sl?id=5fa2c8001a6e4b18792252fc&pid=31430&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8=
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc8nyk2RwJOEwN8uL3NLc5pHwbt62mTUYQrmClPQzr9xAAVXGJSRmnmATmIoyN%2Bv2jImGEh8pKfC0yzKeCP9ex1NReGUlv6tKcOLezlGKWk18wrTz2ZMSCKhB6eQsla%2BHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7740451d4ee8fab4-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ |  95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashcfec3d7283a9b66d2be426ce54d210f3 808c1feb1ba918951d1928c1f6bfc0c253262774 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12214
Expires: Sun, 04 Dec 2022 03:25:26 GMT
Date: Sun, 04 Dec 2022 00:01:52 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash67e9370f1bf3e4946a01f346eeae8966 aaab391d1134302d718de7a0d5edbedf884633e6 27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6591
Cache-Control: max-age=130751
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:52 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 12:21:03 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash55b4c61a1e99001307750e3647fe1102 7559f9f6770b7d3f45b723167062096312641e08 39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7034
Expires: Sun, 04 Dec 2022 01:59:06 GMT
Date: Sun, 04 Dec 2022 00:01:52 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 23:18:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2613
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ypaGgRgEWUYEBZu/9oXc0Z7okwwwL05cYATqIUwkqfABlCrwy4YRVGvSsj74Sv1Ln0rMR+nKDk+cN7EPrp7uSA==
x-amz-request-id: B6S9RK1JWD28Z7ZT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 23:47:19 GMT
age: 873
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:01:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 23:08:58 GMT
cache-control: public,max-age=3600
age: 3174
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hasha151c326c67e1abb747847c1427db76f 80885d30ef8ba867bf33c40b861976958a27493a de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6588
Cache-Control: max-age=125686
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:53 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:56:39 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 35.164.56.167 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.164.56.167:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mghOs61KOraKTXLFDn8RKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1+PrIxX1OK0Yy0XOK7+uubvDHTI=
|
|
| t.luvmenow.com/sl?id=5fa2c8001a6e4b18792252fc&pid=31430&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= | 172.67.165.172 | 302 Found | 0 B |
URL HTTP/2t.luvmenow.com/sl?id=5fa2c8001a6e4b18792252fc&pid=31430&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= IP172.67.165.172:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=5fa2c8001a6e4b18792252fc&pid=31430&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= HTTP/1.1
Host: t.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 04 Dec 2022 00:01:53 GMT
content-length: 0
location: https://t.luvmenow.com/click?pid=31430&offer_id=29&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8=
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4JU7W5sqAFjbps2KintRd1QHAIbWbiM8JactNXYOKMijV2CSUWbrUQeuw0qOLC0hbNPqQ%2FJd50skn1w9h86FaVw3vNZLpxP0%2FYc6yorsEfBqDzlvK8Q%2Fxn1eMTZKNND4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740451f6f1db529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| t.luvmenow.com/click?pid=31430&offer_id=29&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= | 172.67.165.172 | 302 Found | 0 B |
URL HTTP/2t.luvmenow.com/click?pid=31430&offer_id=29&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= IP172.67.165.172:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=31430&offer_id=29&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= HTTP/1.1
Host: t.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 302 Found
date: Sun, 04 Dec 2022 00:01:53 GMT
content-length: 0
location: https://t.luvmenow.com/click?pid=31430&offer_id=1521&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8=
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYHpGxP5sNkyp04yFO9QUBbg%2FOxJU7ioTDz%2Flypgdxd0%2FC%2FscwPG7ZtTZoL73SPHzJAQahq0YbdFx6GDNdhuFQqqNmuu9c6CIQmlbmmy8QvvU18xKkFkySPDbwp2Msq7qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774045266cf2b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 313 B |
IP93.184.220.29:0
Hash3a5dd41d66a41d96a8c56462b30f378f 2c287b7ad1bef5456e5ae76feb311afa7f183783 a49c437f8626c5a5b71273281950cac65dc4fc6c695ad1879104ed760d75ff2f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4552
Cache-Control: max-age=90206
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:54 GMT
Etag: "638a8f08-139"
Expires: Mon, 05 Dec 2022 01:05:20 GMT
Last-Modified: Fri, 02 Dec 2022 23:49:28 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 313
|
|
| datify.g2afse.com/click?pid=31430&offer_id=5246&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= |  34.91.226.152 | 302 Found | 0 B |
URL HTTP/2datify.g2afse.com/click?pid=31430&offer_id=5246&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= IP34.91.226.152:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=31430&offer_id=5246&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= HTTP/1.1
Host: datify.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 00:01:54 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=638be37272803900010bcea7; expires=Mon, 04 Dec 2023 00:01:54 GMT; secure; SameSite=None
afoffers={"5246":1670112114}; expires=Mon, 04 Dec 2023 00:01:54 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.21.226:0
Hash2680d970133416562196c9c7f236b352 8bf8aacda99a6ec4f13927e2461022116c691aa5 3d0a333969a5b9338e05fc091fe54609d1ff34d46f8aa034ef501b0fdb827df4
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:01:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 07 Dec 2022 22:33:53 GMT
ETag: "8bf8aacda99a6ec4f13927e2461022116c691aa5"
Last-Modified: Sat, 03 Dec 2022 22:33:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7740452b0ab3b4f3-OSL
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 00:01:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 00:01:54 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 00:01:54 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14192d2-8c34-4d50-94dc-78122261fe84.jpeg | 34.120.237.76 | 200 OK | 6.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14192d2-8c34-4d50-94dc-78122261fe84.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha7ecd2134fe99ba94cb54759cabda754 7968f87626c48538b4d32e3dd2de243d926171ed 321b13c756e1f5b910587e5b2a0ce3435ff889e0ff79ff7dc18807a4e59ddccf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14192d2-8c34-4d50-94dc-78122261fe84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6007
x-amzn-requestid: 8df18e41-c953-4ccf-9270-5b88e112997d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsB8HBPoAMFjRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc072-054b813f68a6c2240ce1ab8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VESxX-O37ceZf7ezqsTJgqPNemSYvnLGwmx7aRp28DMPkA8bGVyBzA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:58:24 GMT
age: 7410
etag: "7968f87626c48538b4d32e3dd2de243d926171ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash14dcca2a9c4792d835ee709bcd947402 1d702df3a64258628f4124eafd580695f2d350af da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:26:43 GMT
age: 59711
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2c37ed587ee5e3fbdc8cab86ef1345f9 364a32a224b2cacc26b138d57a8945c191e537b1 3c66654da4670e0d5ec87afb6c62f0a420d90875c57b280710f2592269a9303e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8285
x-amzn-requestid: 882c673f-4e3f-4f84-a51d-bbac56f716eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAEWUoAMFWuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-3a2c571d6272b3493ec2a1c5;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wAFD-w3-gBFoOjjOYdnZRDPDkkeCf89uS38upjXPknfUZxtSxRpxvg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:50 GMT
age: 7744
etag: "364a32a224b2cacc26b138d57a8945c191e537b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash43309032a892c486f9985ef520df696e 36f4682ca6a33ff80ee02129c77e6f27e996ede0 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 7756
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg | 34.120.237.76 | 200 OK | 4.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc01fe1cccdb3b672bbade6d98217ffe9 a9a529dc9894827f6243a1bf57f81caa4fe88fc2 c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 8273
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg | 34.120.237.76 | 200 OK | 4.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1bdd9e42d71307b201929c3a38c745c6 8d3a7f830e57e936a1da8a001f3e78108b20c038 6e1063a755d64c8102867cd9b347eb83fca2c69af558f111abc46f523a8294da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4377
x-amzn-requestid: 33abcd00-02ec-47ba-9302-312453291913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb29cG53IAMFkGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d1ef-317a802f0f84d73949236b9f;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:58:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I6rq82k7xO6aUJRsx-cb9j-_qk4p9L1WmMIoYyxAxXq6LQ1FlF_kdA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:56:23 GMT
age: 57931
etag: "8d3a7f830e57e936a1da8a001f3e78108b20c038"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430 |  54.154.42.150 | 302 Found | 269 B |
URL HTTP/1.1meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430 IP54.154.42.150:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash5f689759877cf39c83947dff7df7d52c debc37e99b96214a9dcd120687254af54cf1dd5d 036f3ee49bce10b61582619eb42144f780e6dc4c46c654f41c1e76678d4a3371
GET /?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 269
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 00:01:54 GMT
Location: https://fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430&ckmguid=067d5804-6cc9-4f73-a641-6462df92f94b
Connection: close
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.21.226:0
Hashc836a068a8acb2ae5b383763f545ece3 90530522b7cdb441137bd138f2f465a392200ef0 93157f898c63bd26fd529c0d174f06387ec01b921aeb58d61fbefa8a9b216e25
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:01:54 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 07 Dec 2022 22:39:57 GMT
ETag: "90530522b7cdb441137bd138f2f465a392200ef0"
Last-Modified: Sat, 03 Dec 2022 22:39:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7740452d4ce0b4f3-OSL
|
|
| fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430&ckmguid=067d5804-6cc9-4f73-a641-6462df92f94b | 34.242.160.154 | 302 Found | 234 B |
URL HTTP/1.1fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430&ckmguid=067d5804-6cc9-4f73-a641-6462df92f94b IP34.242.160.154:0
File typeHTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash9646d1ee7e427c497e6edb8ae98383c3 87adb1d42bb447b9ffad795ab6b415c5d8ebb681 d5ef64bcf8c7935412f5650d567dd9d430ecfb6a0c518dd342093e6017c7205c
GET /?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430&ckmguid=067d5804-6cc9-4f73-a641-6462df92f94b HTTP/1.1
Host: fordats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 00:01:55 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738961958&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=F29aBHvsSJtCb0w7dKdawdnZWAOitpA8Jdf8JGdrNpSEVyy/ZOZlNA==; domain=.fordats.com; path=/; HttpOnly
trk=+H8Y+2wS6R1lQf0lAaaYSNnZWAOitpA8Jdf8JGdrNpSEVyy/ZOZlNA==; domain=.fordats.com; expires=Wed, 04-Dec-2024 00:01:53 GMT; path=/; HttpOnly
c36197=F29aBHvsSJuZi6rzN+Z2wcUAKUOh6VBpB25CpgPbJYleCUghiDE1Zg==; domain=.fordats.com; expires=Tue, 03-Jan-2023 00:01:53 GMT; path=/; HttpOnly
Connection: close
|
|
| bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738961958&source=16295&sum= |  18.193.146.82 | 302 Found | 0 B |
URL HTTP/2bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738961958&source=16295&sum= IP18.193.146.82:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738961958&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 00:01:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/DE10/n.php?cep=QstNfUZSnk985bpoMJBGN5SHkQxOTEbFavNuOpwfHzRWrwcMcJPw0JmNDUVifSMZ0YbTEkPuIKghvvY9wUxbqVhFUXItpf0sttdOEUhH3OvuFhfn2yv__iJ9NeyB2HJ2HsHvIWdyqvYgUC7I75Y7VKskVVV8uz6wHOgGVqi15BojzVc2sUsPnBo9bsKXBv0cALqt9qj4vp6DgoN2e8_kt1NqA-7o6LtVQ_Gtt4zQX5tj-aBseoiHcUGuwdPfFj7wL61CmmJ01fCV8yxZFFDyCPhOdQgAZx0bCCrwSvArJKTkhH8GpqQka7tCsF58UO6IirtjNv6qL5kfa1tB17Y_ENRq7DH4xgRSyBc0ddvFZCPxxskzItc1dIygLYK7qVZye6syTwtBYCHXSNy7ks16ew&lptoken=160a70cd11a3396f1554&external_id=36197-738961958&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=rV8qA5M2KHVulPjX9c-ncB-Va_zH0tWVsIDu_o15YCo; Max-Age=86400; Expires=Mon, 05-Dec-2022 00:01:55 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=DSypXtRkj-DJIXyyWO44vBsqoQklpeEvhK9VZbmPI3JItzVrZdurZ26aJ9wrRdzn8ukEE1UY5pQu27OF4odB8kDEzEFaMoGral0RWV2dtQleM2Xd3bxcjoDZFfkfTXsp8lxoKkYVk29UPOnunVV-AAYCKBJ_9-WhRVsw1D22gNxdKl1oe319yKByOdK0TQePbE9L6M2zzILGO1qppzPHPWC16d8ht8es1W0VZl68LJJefpe8_k0LD0_weWNnYhZMSfwzFnDFTJRNzGobM7V8C9h5i9MQQH-cMtqAvnFDjBQTOpO6HNByHj2Xmz6tUD0xF4qy_HA-xfvGGWYaRUYfR1PpGqMinKxtMFvK-72HZInQrB-GPXrtWNVIPpNWtGeRm90Bd3zIdvtTI3GFLaqE2w; Max-Age=86400; Expires=Mon, 05-Dec-2022 00:01:55 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY | 142.250.74.131 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY IP142.250.74.131:0
Hash3c8438da05d216f73316d117af5081a4 f1cb85c22cfeadb10afc136ae95c4ae3b3dfbbb2 e755abff6cb64075930d0c73d465ab7ee6a7c34286aa65b3190a6ce5af788e87
POST /s/gts1p5/Dt6OUty8wSY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hash053d26573bdbbc0d2a3d91bd762167aa 74d75c1155d8459776bdfb6a22627835e1673f7b d796dbba48783c986acf04714e9f2d0a5d58e81393de79ed9503d965f1ba7430
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3891
Cache-Control: max-age=170171
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:56 GMT
Etag: "638bc9fc-117"
Expires: Mon, 05 Dec 2022 23:18:07 GMT
Last-Modified: Sat, 03 Dec 2022 22:13:16 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 279
|
|
| cdn-dt.fcdn.info/swpush.min.js | 104.21.234.87 | 200 OK | 12 kB |
URL HTTP/2cdn-dt.fcdn.info/swpush.min.js IP104.21.234.87:0
File typeASCII text, with very long lines (34449) Hashae468fc2a2616152d17c27250498348a e492f5a7d2713314f072007c09912c5f3fee07dd 02a0acacd9b6341937af2a7123e506e0ba92749672566b81e15bdf90d9ed1877
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 911135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdtGV87X0ycw9NQBq8TEr15fC4%2FxcEaQJFDh7gFQeAJ164CBiJHlG3JWH2NeY6%2B0DaudbdWIHRC5rRe9v1n1mY1FUlVFZlHOrkEGhyKpp6Z8%2B63ZSruvqaMfANsp4UVb3AFF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404535aa097417-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash999e2810699805f508822dfef8a7941c 02223388c11ce158a03aeab09b2bff1fb2b9258b a9053eab6c72a3ad28a9de8df060d4b0580f6f6a7472a924878c77232f7a0320
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6435
Cache-Control: max-age=122689
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:56 GMT
Etag: "638b0692-118"
Expires: Mon, 05 Dec 2022 10:06:45 GMT
Last-Modified: Sat, 03 Dec 2022 08:19:30 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
|
|
| app.api-push.com/get-keys | 172.64.163.28 | 204 No Content | 0 B |
URL HTTP/2app.api-push.com/get-keys IP172.64.163.28:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 00:01:56 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x010NBIpTsgITKNAuuKvwH72mieEHHfxFupPDCAxXUQOttLjaQ4Z4jQLCWdZdgXvq%2B5IDudR5TasVw31ra9DUlG8Z9JNtM8aGt81sexSkFOVISblGUFqshYVJoogXA88cjEk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774045367bdb76c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js | 104.26.13.87 | 200 OK | 32 kB |
URL HTTP/2mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js IP104.26.13.87:0
File typeASCII text, with very long lines (65451) Hashb2a4ee93c1b2cc3e24a4f190d49e607a 8bd144dae61c960d6c9c8d8428402df57f0020f8 ed23e870796f171f430a60357fee303c91cf21e1ce8284f5483aad41f5c03f8b
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 23668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQZh5PU9l8ZPlPtY3FvZsiNdkozZ9h%2FL%2B4lTN76Biuny2AuIEwwAjB40weH9x1327OJI5aREYWXfKSSJh6FjqfWSg3o9sK96vJAPjcD0T9jsep6GX7gW1nCboZ3PV8QV1uwqZcc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534be08b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/DE10/images/03.jpg | 104.26.13.87 | 200 OK | 58 kB |
URL HTTP/2mycasualhookups.com/sl/html/DE10/images/03.jpg IP104.26.13.87:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Cropped with ezgif.com", baseline, precision 8, 500x714, components 3\012- data Hash37bb1c4464d422fc75b5630e9ac8bebb 5e70235d897ab5e25a0905731d63a2e6fbbe0ff6 d9ee942a4d8314c9094d342445921f0c46f55adeae1aa51b15599338f73cf7de
GET /sl/html/DE10/images/03.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: image/jpeg
content-length: 58287
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73%2B6ACawZwlXe9LmtWkTH0rgTZP3gmquQezdDf3%2B934H6glKfaBR4s0SAHb%2Fx1ZB7NEmsYzlob07TDWC4HKHubxCgb%2F51qglZvO6G5LsY2tkMGLKFarSp8f6Wgyo3VHH0N82Kq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404534ce36b517-OSL
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/DE10/images/02.jpg | 104.26.13.87 | 200 OK | 72 kB |
URL HTTP/2mycasualhookups.com/sl/html/DE10/images/02.jpg IP104.26.13.87:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x670, components 3\012- data Hash5a8b9b0560b1efd78ffc4b0a4b26d5dd 02c37f09435dd0df94fc9e291701cea61de47acd 69b803896c47dd6f767ec4475e28005b7a72b0273947a794391d857a93885a52
GET /sl/html/DE10/images/02.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: image/jpeg
content-length: 72269
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqIABgJl%2F5EvIJH0%2B8Hvw1AHpyEAYiRzmPt%2BqXCSqELuvT0NdqK3vZAosECbryBceHOvuaE4hghD1%2BlKSWUqStRgwwhAjk1ZfrsScaUs08u0n4WVA5djT%2BGwhEJbowRW%2F3ULvx4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404534ce28b517-OSL
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/DE10/images/01.jpg | 104.26.13.87 | 200 OK | 63 kB |
URL HTTP/2mycasualhookups.com/sl/html/DE10/images/01.jpg IP104.26.13.87:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x736, components 3\012- data Hash3a850bc7c7440247f8464289ab4c282c 3347973cd9aa7a79cf9c87ea147a586a0da7fa9a d62defeba698e9f156e1f6f777d28ff475a8abf37c9dc632005fda06cba77fc1
GET /sl/html/DE10/images/01.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: image/jpeg
content-length: 63047
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBSxDEjerYp5PQG%2BMn5hQOu%2Bdft1DvGqJwAseAMIocyrR8iM7EYCnR%2Blmc7bwc%2B%2BYN5VxRA6i39QFkj%2B3vftKesunIed5uX0cToWT9AGY1SJEduH4g%2BIy%2FR3NKDqTCRd2MoEHbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404534ce24b517-OSL
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/DE10/images/05.gif | 104.26.13.87 | 200 OK | 295 kB |
URL HTTP/2mycasualhookups.com/sl/html/DE10/images/05.gif IP104.26.13.87:0
File typeGIF image data, version 89a, 250 x 176\012- data Size295 kB (295330 bytes) Hasha5d1782e371584dd39fc60be2654dc5e 3347cabe8d40b0b93dff953291e0452c0d81a6e0 7c19aaec94ee7eceeea4171c58384347af75fe5b01374e548c49d9d498b83fea
GET /sl/html/DE10/images/05.gif HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: image/gif
content-length: 295330
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEbrwGLFpRUCGXZHpFOBGhzcBm1t7E%2FtTm39cMHr0othxHlscurCrrRZEH1TKjcclQAXdEEpQEW3FioR8wPpuDq3ErI2O7je37ueJgkfdMsHThibG0S%2FPRr8huhuF1m%2F9N6unzw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404534de47b517-OSL
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/DE10/images/04.jpg | 104.26.13.87 | 200 OK | 47 kB |
URL HTTP/2mycasualhookups.com/sl/html/DE10/images/04.jpg IP104.26.13.87:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x393, components 3\012- data Hash522d1fb81bd75e2160ce5fa2e05bcb80 bea0851dea66e6897cf9681055e34d4149d1f0fe 8305ef4314706cf7468a4d6230039a86c0120e284bd866f4c6b5cdf99d20206d
GET /sl/html/DE10/images/04.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: image/jpeg
content-length: 47131
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3xZ8Qj%2BQmaHRFqCmTuAuGf4KD3Q5LD8bIGKeULanK1hYZn5wvRJVgiX4dzhZ8%2FaZa1ASfdRNpMw%2FVtwgMcMTxirLX8il%2BQ2Cwzd6zDNreI7BL54goD1qthEcPPughcUaSuZb3c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404534de42b517-OSL
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/DE10/js/custom.js | 104.26.13.87 | 200 OK | 36 kB |
URL HTTP/2mycasualhookups.com/sl/html/DE10/js/custom.js IP104.26.13.87:0
File typeASCII text, with very long lines (1382) Hashcf5cc3e7d6d6d4a62fee927724222820 18d62fea0e8866ebc40df484e75a9e3f01fdc06f d0113bbc549193116029fcb4b8fd196bc1cf517045ec976a0656d98a7bf4bd07
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /sl/html/DE10/js/custom.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=130977
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hV2YD0JBOdDsDcrjpWkprOy8ZPfO4%2FTAVw3cFGM5C8ze6obbj64rbNKSDm2uGzkV5qvOX%2FIqfNzT7caD%2B85Wgx%2BbdqJDHVFqe9lbhvIV6pWzzarrlN4zf%2FGQUhKdpJ8lvmsaqvM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534be03b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:300,400,700 | 142.250.74.106 | 200 OK | 1.2 kB |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:300,400,700 IP142.250.74.106:0
Hashb36b9be38b78162ae5c21d0861681006 0709c86e4f360fdb917285971c3be8eb3c694779 a485491f627e394ae2ee781ebc1002f00c40fb1fe8e12c23f14c5921c4847590
GET /css?family=Open+Sans:300,400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 00:01:56 GMT
date: Sun, 04 Dec 2022 00:01:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| app.api-push.com/get-keys | 172.64.163.28 | 200 OK | 917 B |
URL HTTP/2app.api-push.com/get-keys IP172.64.163.28:0
File typeJSON data\012- , ASCII text, with very long lines (2116), with no line terminators Hash513e2d6f7c4afa7a467e568b61c21860 ac4f6c25cdb7c39831cb5fbb29145329a81abee4 a1d29eaf84ca426460dada1ebf6d4d2c709ad23201f8bc53d4f9dbdc65aa4d20
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/DE10/n.php?cep=QstNfUZSnk985bpoMJBGN5SHkQxOTEbFavNuOpwfHzRWrwcMcJPw0JmNDUVifSMZ0YbTEkPuIKghvvY9wUxbqVhFUXItpf0sttdOEUhH3OvuFhfn2yv__iJ9NeyB2HJ2HsHvIWdyqvYgUC7I75Y7VKskVVV8uz6wHOgGVqi15BojzVc2sUsPnBo9bsKXBv0cALqt9qj4vp6DgoN2e8_kt1NqA-7o6LtVQ_Gtt4zQX5tj-aBseoiHcUGuwdPfFj7wL61CmmJ01fCV8yxZFFDyCPhOdQgAZx0bCCrwSvArJKTkhH8GpqQka7tCsF58UO6IirtjNv6qL5kfa1tB17Y_ENRq7DH4xgRSyBc0ddvFZCPxxskzItc1dIygLYK7qVZye6syTwtBYCHXSNy7ks16ew&lptoken=160a70cd11a3396f1554&external_id=36197-738961958&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLwdSGN0l00J0C8BKSIiZaSVkNbBABCJk4hrVW%2BAEu5kFyZsqnxktF4wicEXliLPydVfrq%2BgLtBEYfeC27SfcuXtRoc5qOpBg5kwN9YL%2FR1iWm4g4y9kGjTbW0OZ1ad8Iqer"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774045370c5776c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashbaaba92c2ccd740f080a25a9ea5cb3ad 3322d5a9fb0b3a2ec83247eac9865234cbcefece 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashbaaba92c2ccd740f080a25a9ea5cb3ad 3322d5a9fb0b3a2ec83247eac9865234cbcefece 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashda9700d928847bca71f73dc9ca89bd1c 2f156a1557a7504da776ed9a82dc52563662be6f 428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mycasualhookups.com/sl/common/js/main.js?1670112115 | 104.26.13.87 | 200 OK | 47 kB |
URL HTTP/2mycasualhookups.com/sl/common/js/main.js?1670112115 IP104.26.13.87:0
Hash7977c9fdcb0b8b6d844a8ac2d3f91fc9 85b9464764885abb26bd899e76a4693b77002a75 d30a0617c149918581859ba43026a292463c5a04752e39405d762a5e6efdc5c7
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /sl/common/js/main.js?1670112115 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 05 Dec 2022 00:01:56 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFicaUF%2FFe5XGYgcG%2B97rD3UEEB335ULKF84j3u8FIsQ35aprqgettOq2J91TdtRqLleWIsTm8LpFn1zM1asOLtsXOltIGv7GZIBK4UNbpmkpFDnL18pJGwe9uIAEyIxVg%2FuzLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce22b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hashbaaba92c2ccd740f080a25a9ea5cb3ad 3322d5a9fb0b3a2ec83247eac9865234cbcefece 5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b | 172.64.163.28 | 200 OK | 5 B |
URL HTTP/2subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b IP172.64.163.28:0
File typeASCII text, with no line terminators Hash68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/DE10/n.php?cep=QstNfUZSnk985bpoMJBGN5SHkQxOTEbFavNuOpwfHzRWrwcMcJPw0JmNDUVifSMZ0YbTEkPuIKghvvY9wUxbqVhFUXItpf0sttdOEUhH3OvuFhfn2yv__iJ9NeyB2HJ2HsHvIWdyqvYgUC7I75Y7VKskVVV8uz6wHOgGVqi15BojzVc2sUsPnBo9bsKXBv0cALqt9qj4vp6DgoN2e8_kt1NqA-7o6LtVQ_Gtt4zQX5tj-aBseoiHcUGuwdPfFj7wL61CmmJ01fCV8yxZFFDyCPhOdQgAZx0bCCrwSvArJKTkhH8GpqQka7tCsF58UO6IirtjNv6qL5kfa1tB17Y_ENRq7DH4xgRSyBc0ddvFZCPxxskzItc1dIygLYK7qVZye6syTwtBYCHXSNy7ks16ew&lptoken=160a70cd11a3396f1554&external_id=36197-738961958&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIqvEvZh3u5RZ41heQBhZ%2FwIFGIToy3kqUAZVU02iPHyFqGzM0k6vdK5D7BLzKxB4ErZJN1Grbx4mhcW7gD3npJe4%2FRJOdTFd2SGwSBHrfyVMmHMs3YC%2FSgpwKBuzAmcLAd6CrAWkCyO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774045392e5576c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashadbe1ddce89059b54473bdfaa2544ac0 4ee6f50f8a8e1706b0c29151c5bd6abd267ad47f 77bf315dfca58e7b0004587fab89ac4cc9e574cf0ce5b87e1e02c4ef07a98621
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1563
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:01:57 GMT
Etag: "638b5250-117"
Last-Modified: Sat, 03 Dec 2022 23:35:54 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 279
|
|
| cdnjam.com/cdn/sdialog.min.css?_=4 |  188.114.97.1 | 200 OK | 1.6 kB |
URL HTTP/2cdnjam.com/cdn/sdialog.min.css?_=4 IP188.114.97.1:0
File typeASCII text, with very long lines (6775) Hash2a0c146592842de336e7f1bfb7766117 f6c330aa79225167fa3193a3e6915cea0cbb7b30 399d0f65959a6e5e49c77d772a5aa93e5943e48470d3bf974f3a604e859c7a98
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:57 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 6897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKDObLjhJuKbxYbuY0swfWUk8ObXNhskJmbtshQdoy3qPZO98GpuVb69wYna%2FrcBhCr1SDNDsK%2Fi%2B505ej4gzAqNRkORQxm9rbEXqU0cT8lRjdaTcf5j4e5UKtfm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774045415c83b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/js/lib/additional-methods.min.js | 104.26.13.87 | 200 OK | 0 B |
URL HTTP/2mycasualhookups.com/sl/common/js/lib/additional-methods.min.js IP104.26.13.87:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 23668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPkw1YKmORW0HbEKaAKJ7ksjfbdGK7VIlZr4BIgakqU0P4mD%2BHLB1pRPWdi%2F%2BR98A0vkrlmYmjN0FjEY6hS34k%2FzFB4hFDQvLyV%2BCGfRtmKivS%2BuJwfGh8aL6%2Bk1L4dPWfRLSpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce17b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/js/common-langs.js | 104.26.13.87 | 200 OK | 0 B |
URL HTTP/2mycasualhookups.com/sl/common/js/common-langs.js IP104.26.13.87:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:55 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sun, 04 Dec 2022 17:27:27 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 23668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0g4Dy8OQob4pC9nXkKYiJmrQdjIwSMYYVuDuEfUa6RHP2Kra4w0dHNgf4XJxlkjhn%2B43DkdITRntZWp2%2BZ%2FNETSKneLY9Jh2rfg5ahLUobSVhY1TdfTwQqWOPKJSVZLKVzSBDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce20b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/DE10/js/langs.js | 104.26.13.87 | 200 OK | 0 B |
URL HTTP/2mycasualhookups.com/sl/html/DE10/js/langs.js IP104.26.13.87:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /sl/html/DE10/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=36979
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVSn7M2JIjHawteBN90rxl%2Bk%2BD8tuXX%2BXJmC6KJPC8gvybWG%2FYTGurryc8%2Bj5Qq8eTQE6OeTmuFpSOHVeMjdAOrkrXib8at%2BVEUufdlf%2Bnhpdms4cUhIr665GaaRkugRaJLN4oU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce1bb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/favicon.ico | 104.26.13.87 | 200 OK | 0 B |
URL HTTP/2mycasualhookups.com/sl/common/favicon.ico IP104.26.13.87:0
GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5757594
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqNXmO2y6D95x2LDYHWoH%2BLkeGhHIaeIdYD8rMTHWC2rCfEZhsKg2TPAdliETxCiXZFzigc0ALPs%2BxV6Sz4tp8hTLI9FrjuBX%2FhcZjQrtgZfLeQXAI%2FGFSc6qtb8JVl73BxZcpY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740453a3c5fb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/css/style.css?1670112115 | 104.26.13.87 | 200 OK | 0 B |
URL HTTP/2mycasualhookups.com/sl/common/css/style.css?1670112115 IP104.26.13.87:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /sl/common/css/style.css?1670112115 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 05 Dec 2022 00:01:56 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwnpnVSYYgbMEyr09lVlkX9QojH0wB3eG7cD7LefONwCmO%2B97pXMdMGK0KAdSBpFmLN2WmkcAclDR0hqzW4QDJo600xnAfVmPEtPXILp4t%2Fo9p8P%2B7VrvfhxTqtKpkBFhIsCUdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534be06b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/DE10/n.php?cep=QstNfUZSnk985bpoMJBGN5SHkQxOTEbFavNuOpwfHzRWrwcMcJPw0JmNDUVifSMZ0YbTEkPuIKghvvY9wUxbqVhFUXItpf0sttdOEUhH3OvuFhfn2yv__iJ9NeyB2HJ2HsHvIWdyqvYgUC7I75Y7VKskVVV8uz6wHOgGVqi15BojzVc2sUsPnBo9bsKXBv0cALqt9qj4vp6DgoN2e8_kt1NqA-7o6LtVQ_Gtt4zQX5tj-aBseoiHcUGuwdPfFj7wL61CmmJ01fCV8yxZFFDyCPhOdQgAZx0bCCrwSvArJKTkhH8GpqQka7tCsF58UO6IirtjNv6qL5kfa1tB17Y_ENRq7DH4xgRSyBc0ddvFZCPxxskzItc1dIygLYK7qVZye6syTwtBYCHXSNy7ks16ew&lptoken=160a70cd11a3396f1554&external_id=36197-738961958&source=16295&sum= | 104.26.13.87 | 200 OK | 0 B |
URL HTTP/2mycasualhookups.com/sl/html/DE10/n.php?cep=QstNfUZSnk985bpoMJBGN5SHkQxOTEbFavNuOpwfHzRWrwcMcJPw0JmNDUVifSMZ0YbTEkPuIKghvvY9wUxbqVhFUXItpf0sttdOEUhH3OvuFhfn2yv__iJ9NeyB2HJ2HsHvIWdyqvYgUC7I75Y7VKskVVV8uz6wHOgGVqi15BojzVc2sUsPnBo9bsKXBv0cALqt9qj4vp6DgoN2e8_kt1NqA-7o6LtVQ_Gtt4zQX5tj-aBseoiHcUGuwdPfFj7wL61CmmJ01fCV8yxZFFDyCPhOdQgAZx0bCCrwSvArJKTkhH8GpqQka7tCsF58UO6IirtjNv6qL5kfa1tB17Y_ENRq7DH4xgRSyBc0ddvFZCPxxskzItc1dIygLYK7qVZye6syTwtBYCHXSNy7ks16ew&lptoken=160a70cd11a3396f1554&external_id=36197-738961958&source=16295&sum= IP104.26.13.87:0
GET /sl/html/DE10/n.php?cep=QstNfUZSnk985bpoMJBGN5SHkQxOTEbFavNuOpwfHzRWrwcMcJPw0JmNDUVifSMZ0YbTEkPuIKghvvY9wUxbqVhFUXItpf0sttdOEUhH3OvuFhfn2yv__iJ9NeyB2HJ2HsHvIWdyqvYgUC7I75Y7VKskVVV8uz6wHOgGVqi15BojzVc2sUsPnBo9bsKXBv0cALqt9qj4vp6DgoN2e8_kt1NqA-7o6LtVQ_Gtt4zQX5tj-aBseoiHcUGuwdPfFj7wL61CmmJ01fCV8yxZFFDyCPhOdQgAZx0bCCrwSvArJKTkhH8GpqQka7tCsF58UO6IirtjNv6qL5kfa1tB17Y_ENRq7DH4xgRSyBc0ddvFZCPxxskzItc1dIygLYK7qVZye6syTwtBYCHXSNy7ks16ew&lptoken=160a70cd11a3396f1554&external_id=36197-738961958&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:55 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Sun, 04 Dec 2022 00:06:55 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80GZ8wlE7L9J5cZDsT0oKZI9m54zcnxvRcrGEnBHCIKA8p%2BfdYiP59aO4s2MDMQ5IaNwaYmEU4TiL2o3ZtZvXnc%2BUFTnfx3w56n9llQ87CRVGJZy5r%2FQQOkDIMhICQlhUmkL9lE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404530e988b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 104.26.13.87 | 200 OK | 0 B |
URL HTTP/2mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP104.26.13.87:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/cookies-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:57 GMT
content-type: application/javascript
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbRS8XS%2BhnEPlVDSJlGFmLHG%2B%2FMTRgkTFptdVntU7mRwWWKxB8xaUgrpdjfuc9KdSj8b3oBXMrD4bsoDxtyUxqmlOla%2BSFy2rz1GaKlI3b2yAMmSDiC1Zl15qznpZRuC8BLTGos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740453c4e2fb517-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 06 Dec 2022 00:01:57 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/DE10/css/main.css | 104.26.13.87 | 200 OK | 0 B |
URL HTTP/2mycasualhookups.com/sl/html/DE10/css/main.css IP104.26.13.87:0
GET /sl/html/DE10/css/main.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=2611
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdOKecxvxhfX%2BJPuZmEOHFDta7uaD5dpKp1TSPQv14DnTztocJX5oki%2BHrQlGM%2F5laJx5OHs7hC0aHQ8xYp05OvC5JqcGsEuSryvJfUPDVIPpmd5%2FOoYyi0nNa%2FjVvlixLJsPgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534be00b517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/DE10/js/config.js | 104.26.13.87 | 200 OK | 0 B |
URL HTTP/2mycasualhookups.com/sl/html/DE10/js/config.js IP104.26.13.87:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /sl/html/DE10/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:56 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=704
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:26:07 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VL9Kj8WQsVWbxbuWQUAebiZ1ADlTwWZiFlMsNe623Iq3AT1NEwzzhdc%2B6aBonxK1gPZPwE%2FFLFIQVj1bhmtiDZGPjmr55xvpfIE1bj3DJc%2FDifBFjkIBrO7of9ZeYS8dwsBBaLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce1eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js | 104.26.13.87 | 200 OK | 0 B |
URL HTTP/2mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js IP104.26.13.87:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Phishing | |
GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:01:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 23668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpYgzntf5jJXJe8oNg6UF0MXrLc4nAFFgdnAiEZOFYBfepe6yVa2F17WmktFuYsy9a4p9cg4yR%2BEggyjh24djCBqv270pAWEPbj4Bbvjwec76KmH9ULilBREizJvSbIqwRPXHSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce0db517-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|