Overview

URLm.luvmenow.com/click?offer_id=5812&pid=31430&ref_id=2lo4i287a0pe3&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8=
IP 172.67.165.172 (United States)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-04 00:02:03 UTC
StatusLoading report..
IDS alerts0
Blocklist alert10
urlquery alerts No alerts detected
Tags None

Domain Summary (21)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
m.luvmenow.com (1) 0 2022-06-21 00:24:53 UTC 2022-12-03 20:12:18 UTC 104.21.11.83 Domain (luvmenow.com) ranked at: 252436
ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.164.56.167
ocsp.pki.goog (5) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
cdn-dt.fcdn.info (1) 230544 2019-03-21 02:06:06 UTC 2022-12-02 12:20:00 UTC 104.21.234.87
subscribe.api-push.com (1) 0 2022-06-02 01:41:52 UTC 2022-12-02 12:20:01 UTC 172.64.163.28 Domain (api-push.com) ranked at: 61402
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-12-03 17:15:13 UTC 34.102.187.140
app.api-push.com (2) 307671 2021-12-06 12:20:56 UTC 2022-12-03 12:02:52 UTC 172.64.163.28
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
datify.g2afse.com (1) 639853 No data No data 34.91.226.152
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
meshho.com (1) 0 2022-02-03 20:33:01 UTC 2022-12-03 16:18:26 UTC 54.154.42.150 Unknown ranking
fordats.com (1) 0 2020-01-16 16:22:18 UTC 2022-12-03 22:34:51 UTC 34.242.160.154 Unknown ranking
bl.trackham.com (1) 0 No data No data 18.193.146.82 Unknown ranking
mycasualhookups.com (18) 0 2016-03-19 22:05:44 UTC 2022-12-02 20:36:31 UTC 104.26.13.87 Unknown ranking
fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-12-03 17:32:51 UTC 142.250.74.106
cdnjam.com (1) 204001 2021-02-18 07:53:51 UTC 2022-12-02 22:40:13 UTC 188.114.97.1
r3.o.lencr.org (5) 344 No data No data 95.101.11.115
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-03 17:13:43 UTC 34.117.237.239
t.luvmenow.com (2) 252569 2022-11-09 04:58:33 UTC 2022-12-03 04:19:15 UTC 172.67.165.172
ocsp2.globalsign.com (2) 1544 2012-05-23 18:10:04 UTC 2020-03-15 21:19:16 UTC 104.18.21.226

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 2 mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js Phishing
2022-12-04 2 mycasualhookups.com/sl/html/DE10/js/custom.js Phishing
2022-12-04 2 mycasualhookups.com/sl/common/js/main.js?1670112115 Phishing
2022-12-04 2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js Phishing
2022-12-04 2 mycasualhookups.com/sl/common/js/common-langs.js Phishing
2022-12-04 2 mycasualhookups.com/sl/html/DE10/js/langs.js Phishing
2022-12-04 2 mycasualhookups.com/sl/common/css/style.css?1670112115 Phishing
2022-12-04 2 mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode (...) Phishing
2022-12-04 2 mycasualhookups.com/sl/html/DE10/js/config.js Phishing
2022-12-04 2 mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 172.67.165.172
Date UQ / IDS / BL URL IP
2023-02-05 21:04:32 +0000 0 - 0 - 13 m.luvmenow.com/click?pid=34496&offer_id=5246& (...) 172.67.165.172
2023-01-31 07:19:33 +0000 0 - 0 - 12 m.luvmenow.com/click?pid=34496&offer_id=5246& (...) 172.67.165.172
2023-01-29 08:33:48 +0000 0 - 0 - 10 m.luvmenow.com/click?pid=34496&offer_id=5246& (...) 172.67.165.172
2023-01-22 20:37:00 +0000 0 - 0 - 2 m.luvmenow.com/click?pid=34496&offer_id=4531& (...) 172.67.165.172
2023-01-19 11:31:21 +0000 0 - 1 - 0 vpnlike.asia/Software/VPNLIKE8.1.exe 172.67.165.172


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-08 19:43:06 +0000 0 - 0 - 11 nadie.pelisplusgo.me/ 104.21.30.65
2023-02-08 19:42:50 +0000 0 - 1 - 0 www.fertstert.org/action/consumeSharedSession (...) 104.18.123.114
2023-02-08 19:42:50 +0000 0 - 1 - 0 www.fertstert.org/retrieve/pii/S0015028210029201 104.18.124.114
2023-02-08 19:42:31 +0000 0 - 4 - 0 www.cureus.com/users/131616-safeera-khan 104.22.4.111
2023-02-08 19:42:09 +0000 0 - 1 - 0 buildbot.libretro.com/stable/1.14.0/windows/x (...) 188.114.97.1


Last 5 reports on domain: luvmenow.com
Date UQ / IDS / BL URL IP
2023-02-05 21:04:32 +0000 0 - 0 - 13 m.luvmenow.com/click?pid=34496&offer_id=5246& (...) 172.67.165.172
2023-01-31 07:19:33 +0000 0 - 0 - 12 m.luvmenow.com/click?pid=34496&offer_id=5246& (...) 172.67.165.172
2023-01-30 12:57:06 +0000 0 - 0 - 12 m.luvmenow.com/click?pid=34496&offer_id=5246& (...) 104.21.11.83
2023-01-30 11:51:39 +0000 0 - 1 - 0 m.luvmenow.com/click?pid=34496&offer_id=4531& (...) 104.21.11.83
2023-01-29 08:33:48 +0000 0 - 0 - 10 m.luvmenow.com/click?pid=34496&offer_id=5246& (...) 172.67.165.172


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-02-02 05:56:37 +0000 0 - 0 - 14 toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63 (...) 52.51.210.211
2023-01-25 06:02:09 +0000 0 - 0 - 11 bl.trackham.com/f9908105-7257-45be-97c0-99904 (...) 18.193.146.82
2023-01-24 22:18:38 +0000 0 - 0 - 12 bl.trackham.com/f9908105-7257-45be-97c0-99904 (...) 18.193.146.82
2023-01-23 06:27:15 +0000 0 - 0 - 10 meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_63ce (...) 52.19.202.187
2023-01-22 09:43:43 +0000 0 - 0 - 13 bl.trackham.com/f9908105-7257-45be-97c0-99904 (...) 18.193.146.82

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (60)


Request Response
                                        
                                            GET /click?offer_id=5812&pid=31430&ref_id=2lo4i287a0pe3&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= HTTP/1.1 
Host: m.luvmenow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         104.21.11.83
HTTP/1.1 302 Found
                                        
Date: Sun, 04 Dec 2022 00:01:52 GMT
Content-Length: 0
Connection: keep-alive
X-Adjust-Use-Original-Forwarded-For: 1
Location: https://t.luvmenow.com/sl?id=5fa2c8001a6e4b18792252fc&pid=31430&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8=
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oc8nyk2RwJOEwN8uL3NLc5pHwbt62mTUYQrmClPQzr9xAAVXGJSRmnmATmIoyN%2Bv2jImGEh8pKfC0yzKeCP9ex1NReGUlv6tKcOLezlGKWk18wrTz2ZMSCKhB6eQsla%2BHg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7740451d4ee8fab4-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12214
Expires: Sun, 04 Dec 2022 03:25:26 GMT
Date: Sun, 04 Dec 2022 00:01:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6591
Cache-Control: max-age=130751
Date: Sun, 04 Dec 2022 00:01:52 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 12:21:03 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7034
Expires: Sun, 04 Dec 2022 01:59:06 GMT
Date: Sun, 04 Dec 2022 00:01:52 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 23:18:19 GMT
cache-control: public,max-age=3600
age: 2613
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ypaGgRgEWUYEBZu/9oXc0Z7okwwwL05cYATqIUwkqfABlCrwy4YRVGvSsj74Sv1Ln0rMR+nKDk+cN7EPrp7uSA==
x-amz-request-id: B6S9RK1JWD28Z7ZT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 23:47:19 GMT
age: 873
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 00:01:52 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 23:08:58 GMT
cache-control: public,max-age=3600
age: 3174
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6588
Cache-Control: max-age=125686
Date: Sun, 04 Dec 2022 00:01:53 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:56:39 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mghOs61KOraKTXLFDn8RKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.164.56.167
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1+PrIxX1OK0Yy0XOK7+uubvDHTI=

                                        
                                            GET /sl?id=5fa2c8001a6e4b18792252fc&pid=31430&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= HTTP/1.1 
Host: t.luvmenow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         172.67.165.172
HTTP/2 302 Found
                                        
date: Sun, 04 Dec 2022 00:01:53 GMT
content-length: 0
location: https://t.luvmenow.com/click?pid=31430&offer_id=29&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8=
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T4JU7W5sqAFjbps2KintRd1QHAIbWbiM8JactNXYOKMijV2CSUWbrUQeuw0qOLC0hbNPqQ%2FJd50skn1w9h86FaVw3vNZLpxP0%2FYc6yorsEfBqDzlvK8Q%2Fxn1eMTZKNND4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7740451f6f1db529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /click?pid=31430&offer_id=29&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= HTTP/1.1 
Host: t.luvmenow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

search
                                         172.67.165.172
HTTP/2 302 Found
                                        
date: Sun, 04 Dec 2022 00:01:53 GMT
content-length: 0
location: https://t.luvmenow.com/click?pid=31430&offer_id=1521&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8=
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYHpGxP5sNkyp04yFO9QUBbg%2FOxJU7ioTDz%2Flypgdxd0%2FC%2FscwPG7ZtTZoL73SPHzJAQahq0YbdFx6GDNdhuFQqqNmuu9c6CIQmlbmmy8QvvU18xKkFkySPDbwp2Msq7qw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774045266cf2b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4552
Cache-Control: max-age=90206
Date: Sun, 04 Dec 2022 00:01:54 GMT
Etag: "638a8f08-139"
Expires: Mon, 05 Dec 2022 01:05:20 GMT
Last-Modified: Fri, 02 Dec 2022 23:49:28 GMT
Server: ECS (amb/6B74)
X-Cache: HIT
Content-Length: 313

                                        
                                            GET /click?pid=31430&offer_id=5246&sub1=28582&sub2=107.178.232.227&sub3=2lo4i287a0pe3&sub4=&sub5=&sub6=&sub7=&sub8= HTTP/1.1 
Host: datify.g2afse.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         34.91.226.152
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 04 Dec 2022 00:01:54 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=638be37272803900010bcea7; expires=Mon, 04 Dec 2023 00:01:54 GMT; secure; SameSite=None afoffers={"5246":1670112114}; expires=Mon, 04 Dec 2023 00:01:54 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 00:01:54 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 07 Dec 2022 22:33:53 GMT
ETag: "8bf8aacda99a6ec4f13927e2461022116c691aa5"
Last-Modified: Sat, 03 Dec 2022 22:33:54 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7740452b0ab3b4f3-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    2680d970133416562196c9c7f236b352
Sha1:   8bf8aacda99a6ec4f13927e2461022116c691aa5
Sha256: 3d0a333969a5b9338e05fc091fe54609d1ff34d46f8aa034ef501b0fdb827df4
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 00:01:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 00:01:54 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12016
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sun, 04 Dec 2022 00:01:54 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff14192d2-8c34-4d50-94dc-78122261fe84.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6007
x-amzn-requestid: 8df18e41-c953-4ccf-9270-5b88e112997d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsB8HBPoAMFjRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc072-054b813f68a6c2240ce1ab8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VESxX-O37ceZf7ezqsTJgqPNemSYvnLGwmx7aRp28DMPkA8bGVyBzA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:58:24 GMT
age: 7410
etag: "7968f87626c48538b4d32e3dd2de243d926171ed"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6007
Md5:    a7ecd2134fe99ba94cb54759cabda754
Sha1:   7968f87626c48538b4d32e3dd2de243d926171ed
Sha256: 321b13c756e1f5b910587e5b2a0ce3435ff889e0ff79ff7dc18807a4e59ddccf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:26:43 GMT
age: 59711
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16143
Md5:    14dcca2a9c4792d835ee709bcd947402
Sha1:   1d702df3a64258628f4124eafd580695f2d350af
Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8285
x-amzn-requestid: 882c673f-4e3f-4f84-a51d-bbac56f716eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAEWUoAMFWuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-3a2c571d6272b3493ec2a1c5;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wAFD-w3-gBFoOjjOYdnZRDPDkkeCf89uS38upjXPknfUZxtSxRpxvg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:50 GMT
age: 7744
etag: "364a32a224b2cacc26b138d57a8945c191e537b1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8285
Md5:    2c37ed587ee5e3fbdc8cab86ef1345f9
Sha1:   364a32a224b2cacc26b138d57a8945c191e537b1
Sha256: 3c66654da4670e0d5ec87afb6c62f0a420d90875c57b280710f2592269a9303e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 7756
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5681
Md5:    43309032a892c486f9985ef520df696e
Sha1:   36f4682ca6a33ff80ee02129c77e6f27e996ede0
Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 8273
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff60056a5-9ac8-4274-9b3c-814f69985fdf.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4377
x-amzn-requestid: 33abcd00-02ec-47ba-9302-312453291913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb29cG53IAMFkGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d1ef-317a802f0f84d73949236b9f;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:58:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I6rq82k7xO6aUJRsx-cb9j-_qk4p9L1WmMIoYyxAxXq6LQ1FlF_kdA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:56:23 GMT
age: 57931
etag: "8d3a7f830e57e936a1da8a001f3e78108b20c038"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4377
Md5:    1bdd9e42d71307b201929c3a38c745c6
Sha1:   8d3a7f830e57e936a1da8a001f3e78108b20c038
Sha256: 6e1063a755d64c8102867cd9b347eb83fca2c69af558f111abc46f523a8294da
                                        
                                            GET /?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430 HTTP/1.1 
Host: meshho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         54.154.42.150
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Content-Length: 269
Date: Sun, 04 Dec 2022 00:01:54 GMT
Location: https://fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430&ckmguid=067d5804-6cc9-4f73-a641-6462df92f94b
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   269
Md5:    5f689759877cf39c83947dff7df7d52c
Sha1:   debc37e99b96214a9dcd120687254af54cf1dd5d
Sha256: 036f3ee49bce10b61582619eb42144f780e6dc4c46c654f41c1e76678d4a3371
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 00:01:54 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 07 Dec 2022 22:39:57 GMT
ETag: "90530522b7cdb441137bd138f2f465a392200ef0"
Last-Modified: Sat, 03 Dec 2022 22:39:58 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7740452d4ce0b4f3-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    c836a068a8acb2ae5b383763f545ece3
Sha1:   90530522b7cdb441137bd138f2f465a392200ef0
Sha256: 93157f898c63bd26fd529c0d174f06387ec01b921aeb58d61fbefa8a9b216e25
                                        
                                            GET /?a=16295&c=43694&p=r&s1=&s2=a_638be37272803900010bcea7&s4=31430&ckmguid=067d5804-6cc9-4f73-a641-6462df92f94b HTTP/1.1 
Host: fordats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         34.242.160.154
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Content-Length: 234
Date: Sun, 04 Dec 2022 00:01:55 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738961958&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=F29aBHvsSJtCb0w7dKdawdnZWAOitpA8Jdf8JGdrNpSEVyy/ZOZlNA==; domain=.fordats.com; path=/; HttpOnly trk=+H8Y+2wS6R1lQf0lAaaYSNnZWAOitpA8Jdf8JGdrNpSEVyy/ZOZlNA==; domain=.fordats.com; expires=Wed, 04-Dec-2024 00:01:53 GMT; path=/; HttpOnly c36197=F29aBHvsSJuZi6rzN+Z2wcUAKUOh6VBpB25CpgPbJYleCUghiDE1Zg==; domain=.fordats.com; expires=Tue, 03-Jan-2023 00:01:53 GMT; path=/; HttpOnly
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   234
Md5:    9646d1ee7e427c497e6edb8ae98383c3
Sha1:   87adb1d42bb447b9ffad795ab6b415c5d8ebb681
Sha256: d5ef64bcf8c7935412f5650d567dd9d430ecfb6a0c518dd342093e6017c7205c
                                        
                                            GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738961958&source=16295&sum= HTTP/1.1 
Host: bl.trackham.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         18.193.146.82
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 04 Dec 2022 00:01:55 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/DE10/n.php?cep=QstNfUZSnk985bpoMJBGN5SHkQxOTEbFavNuOpwfHzRWrwcMcJPw0JmNDUVifSMZ0YbTEkPuIKghvvY9wUxbqVhFUXItpf0sttdOEUhH3OvuFhfn2yv__iJ9NeyB2HJ2HsHvIWdyqvYgUC7I75Y7VKskVVV8uz6wHOgGVqi15BojzVc2sUsPnBo9bsKXBv0cALqt9qj4vp6DgoN2e8_kt1NqA-7o6LtVQ_Gtt4zQX5tj-aBseoiHcUGuwdPfFj7wL61CmmJ01fCV8yxZFFDyCPhOdQgAZx0bCCrwSvArJKTkhH8GpqQka7tCsF58UO6IirtjNv6qL5kfa1tB17Y_ENRq7DH4xgRSyBc0ddvFZCPxxskzItc1dIygLYK7qVZye6syTwtBYCHXSNy7ks16ew&lptoken=160a70cd11a3396f1554&external_id=36197-738961958&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=rV8qA5M2KHVulPjX9c-ncB-Va_zH0tWVsIDu_o15YCo; Max-Age=86400; Expires=Mon, 05-Dec-2022 00:01:55 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None cep-v4=DSypXtRkj-DJIXyyWO44vBsqoQklpeEvhK9VZbmPI3JItzVrZdurZ26aJ9wrRdzn8ukEE1UY5pQu27OF4odB8kDEzEFaMoGral0RWV2dtQleM2Xd3bxcjoDZFfkfTXsp8lxoKkYVk29UPOnunVV-AAYCKBJ_9-WhRVsw1D22gNxdKl1oe319yKByOdK0TQePbE9L6M2zzILGO1qppzPHPWC16d8ht8es1W0VZl68LJJefpe8_k0LD0_weWNnYhZMSfwzFnDFTJRNzGobM7V8C9h5i9MQQH-cMtqAvnFDjBQTOpO6HNByHj2Xmz6tUD0xF4qy_HA-xfvGGWYaRUYfR1PpGqMinKxtMFvK-72HZInQrB-GPXrtWNVIPpNWtGeRm90Bd3zIdvtTI3GFLaqE2w; Max-Age=86400; Expires=Mon, 05-Dec-2022 00:01:55 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST /s/gts1p5/Dt6OUty8wSY HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 00:01:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3891
Cache-Control: max-age=170171
Date: Sun, 04 Dec 2022 00:01:56 GMT
Etag: "638bc9fc-117"
Expires: Mon, 05 Dec 2022 23:18:07 GMT
Last-Modified: Sat, 03 Dec 2022 22:13:16 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /swpush.min.js HTTP/1.1 
Host: cdn-dt.fcdn.info
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.234.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 911135
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdtGV87X0ycw9NQBq8TEr15fC4%2FxcEaQJFDh7gFQeAJ164CBiJHlG3JWH2NeY6%2B0DaudbdWIHRC5rRe9v1n1mY1FUlVFZlHOrkEGhyKpp6Z8%2B63ZSruvqaMfANsp4UVb3AFF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404535aa097417-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (34449)
Size:   11533
Md5:    ae468fc2a2616152d17c27250498348a
Sha1:   e492f5a7d2713314f072007c09912c5f3fee07dd
Sha256: 02a0acacd9b6341937af2a7123e506e0ba92749672566b81e15bdf90d9ed1877
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6435
Cache-Control: max-age=122689
Date: Sun, 04 Dec 2022 00:01:56 GMT
Etag: "638b0692-118"
Expires: Mon, 05 Dec 2022 10:06:45 GMT
Last-Modified: Sat, 03 Dec 2022 08:19:30 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280

                                        
                                            OPTIONS /get-keys HTTP/1.1 
Host: app.api-push.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.163.28
HTTP/2 204 No Content
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x010NBIpTsgITKNAuuKvwH72mieEHHfxFupPDCAxXUQOttLjaQ4Z4jQLCWdZdgXvq%2B5IDudR5TasVw31ra9DUlG8Z9JNtM8aGt81sexSkFOVISblGUFqshYVJoogXA88cjEk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774045367bdb76c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 00:01:55 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 23668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQZh5PU9l8ZPlPtY3FvZsiNdkozZ9h%2FL%2B4lTN76Biuny2AuIEwwAjB40weH9x1327OJI5aREYWXfKSSJh6FjqfWSg3o9sK96vJAPjcD0T9jsep6GX7gW1nCboZ3PV8QV1uwqZcc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534be08b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   31560
Md5:    b2a4ee93c1b2cc3e24a4f190d49e607a
Sha1:   8bd144dae61c960d6c9c8d8428402df57f0020f8
Sha256: ed23e870796f171f430a60357fee303c91cf21e1ce8284f5483aad41f5c03f8b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/DE10/images/03.jpg HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
content-length: 58287
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73%2B6ACawZwlXe9LmtWkTH0rgTZP3gmquQezdDf3%2B934H6glKfaBR4s0SAHb%2Fx1ZB7NEmsYzlob07TDWC4HKHubxCgb%2F51qglZvO6G5LsY2tkMGLKFarSp8f6Wgyo3VHH0N82Kq8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404534ce36b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Cropped with ezgif.com", baseline, precision 8, 500x714, components 3\012- data
Size:   58287
Md5:    37bb1c4464d422fc75b5630e9ac8bebb
Sha1:   5e70235d897ab5e25a0905731d63a2e6fbbe0ff6
Sha256: d9ee942a4d8314c9094d342445921f0c46f55adeae1aa51b15599338f73cf7de
                                        
                                            GET /sl/html/DE10/images/02.jpg HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
content-length: 72269
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqIABgJl%2F5EvIJH0%2B8Hvw1AHpyEAYiRzmPt%2BqXCSqELuvT0NdqK3vZAosECbryBceHOvuaE4hghD1%2BlKSWUqStRgwwhAjk1ZfrsScaUs08u0n4WVA5djT%2BGwhEJbowRW%2F3ULvx4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404534ce28b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x670, components 3\012- data
Size:   72269
Md5:    5a8b9b0560b1efd78ffc4b0a4b26d5dd
Sha1:   02c37f09435dd0df94fc9e291701cea61de47acd
Sha256: 69b803896c47dd6f767ec4475e28005b7a72b0273947a794391d857a93885a52
                                        
                                            GET /sl/html/DE10/images/01.jpg HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
content-length: 63047
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBSxDEjerYp5PQG%2BMn5hQOu%2Bdft1DvGqJwAseAMIocyrR8iM7EYCnR%2Blmc7bwc%2B%2BYN5VxRA6i39QFkj%2B3vftKesunIed5uX0cToWT9AGY1SJEduH4g%2BIy%2FR3NKDqTCRd2MoEHbc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404534ce24b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x736, components 3\012- data
Size:   63047
Md5:    3a850bc7c7440247f8464289ab4c282c
Sha1:   3347973cd9aa7a79cf9c87ea147a586a0da7fa9a
Sha256: d62defeba698e9f156e1f6f777d28ff475a8abf37c9dc632005fda06cba77fc1
                                        
                                            GET /sl/html/DE10/images/05.gif HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: image/gif
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
content-length: 295330
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEbrwGLFpRUCGXZHpFOBGhzcBm1t7E%2FtTm39cMHr0othxHlscurCrrRZEH1TKjcclQAXdEEpQEW3FioR8wPpuDq3ErI2O7je37ueJgkfdMsHThibG0S%2FPRr8huhuF1m%2F9N6unzw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404534de47b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 250 x 176\012- data
Size:   295330
Md5:    a5d1782e371584dd39fc60be2654dc5e
Sha1:   3347cabe8d40b0b93dff953291e0452c0d81a6e0
Sha256: 7c19aaec94ee7eceeea4171c58384347af75fe5b01374e548c49d9d498b83fea
                                        
                                            GET /sl/html/DE10/images/04.jpg HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
content-length: 47131
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3xZ8Qj%2BQmaHRFqCmTuAuGf4KD3Q5LD8bIGKeULanK1hYZn5wvRJVgiX4dzhZ8%2FaZa1ASfdRNpMw%2FVtwgMcMTxirLX8il%2BQ2Cwzd6zDNreI7BL54goD1qthEcPPughcUaSuZb3c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77404534de42b517-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x393, components 3\012- data
Size:   47131
Md5:    522d1fb81bd75e2160ce5fa2e05bcb80
Sha1:   bea0851dea66e6897cf9681055e34d4149d1f0fe
Sha256: 8305ef4314706cf7468a4d6230039a86c0120e284bd866f4c6b5cdf99d20206d
                                        
                                            GET /sl/html/DE10/js/custom.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=130977
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hV2YD0JBOdDsDcrjpWkprOy8ZPfO4%2FTAVw3cFGM5C8ze6obbj64rbNKSDm2uGzkV5qvOX%2FIqfNzT7caD%2B85Wgx%2BbdqJDHVFqe9lbhvIV6pWzzarrlN4zf%2FGQUhKdpJ8lvmsaqvM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534be03b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1382)
Size:   35729
Md5:    cf5cc3e7d6d6d4a62fee927724222820
Sha1:   18d62fea0e8866ebc40df484e75a9e3f01fdc06f
Sha256: d0113bbc549193116029fcb4b8fd196bc1cf517045ec976a0656d98a7bf4bd07

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css?family=Open+Sans:300,400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 00:01:56 GMT
date: Sun, 04 Dec 2022 00:01:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1156
Md5:    b36b9be38b78162ae5c21d0861681006
Sha1:   0709c86e4f360fdb917285971c3be8eb3c694779
Sha256: a485491f627e394ae2ee781ebc1002f00c40fb1fe8e12c23f14c5921c4847590
                                        
                                            POST /get-keys HTTP/1.1 
Host: app.api-push.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/DE10/n.php?cep=QstNfUZSnk985bpoMJBGN5SHkQxOTEbFavNuOpwfHzRWrwcMcJPw0JmNDUVifSMZ0YbTEkPuIKghvvY9wUxbqVhFUXItpf0sttdOEUhH3OvuFhfn2yv__iJ9NeyB2HJ2HsHvIWdyqvYgUC7I75Y7VKskVVV8uz6wHOgGVqi15BojzVc2sUsPnBo9bsKXBv0cALqt9qj4vp6DgoN2e8_kt1NqA-7o6LtVQ_Gtt4zQX5tj-aBseoiHcUGuwdPfFj7wL61CmmJ01fCV8yxZFFDyCPhOdQgAZx0bCCrwSvArJKTkhH8GpqQka7tCsF58UO6IirtjNv6qL5kfa1tB17Y_ENRq7DH4xgRSyBc0ddvFZCPxxskzItc1dIygLYK7qVZye6syTwtBYCHXSNy7ks16ew&lptoken=160a70cd11a3396f1554&external_id=36197-738961958&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.163.28
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLwdSGN0l00J0C8BKSIiZaSVkNbBABCJk4hrVW%2BAEu5kFyZsqnxktF4wicEXliLPydVfrq%2BgLtBEYfeC27SfcuXtRoc5qOpBg5kwN9YL%2FR1iWm4g4y9kGjTbW0OZ1ad8Iqer"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774045370c5776c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2116), with no line terminators
Size:   917
Md5:    513e2d6f7c4afa7a467e568b61c21860
Sha1:   ac4f6c25cdb7c39831cb5fbb29145329a81abee4
Sha256: a1d29eaf84ca426460dada1ebf6d4d2c709ad23201f8bc53d4f9dbdc65aa4d20
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 00:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 00:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 00:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sl/common/js/main.js?1670112115 HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 05 Dec 2022 00:01:56 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFicaUF%2FFe5XGYgcG%2B97rD3UEEB335ULKF84j3u8FIsQ35aprqgettOq2J91TdtRqLleWIsTm8LpFn1zM1asOLtsXOltIGv7GZIBK4UNbpmkpFDnL18pJGwe9uIAEyIxVg%2FuzLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce22b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   46674
Md5:    7977c9fdcb0b8b6d844a8ac2d3f91fc9
Sha1:   85b9464764885abb26bd899e76a4693b77002a75
Sha256: d30a0617c149918581859ba43026a292463c5a04752e39405d762a5e6efdc5c7

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 00:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1 
Host: subscribe.api-push.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/DE10/n.php?cep=QstNfUZSnk985bpoMJBGN5SHkQxOTEbFavNuOpwfHzRWrwcMcJPw0JmNDUVifSMZ0YbTEkPuIKghvvY9wUxbqVhFUXItpf0sttdOEUhH3OvuFhfn2yv__iJ9NeyB2HJ2HsHvIWdyqvYgUC7I75Y7VKskVVV8uz6wHOgGVqi15BojzVc2sUsPnBo9bsKXBv0cALqt9qj4vp6DgoN2e8_kt1NqA-7o6LtVQ_Gtt4zQX5tj-aBseoiHcUGuwdPfFj7wL61CmmJ01fCV8yxZFFDyCPhOdQgAZx0bCCrwSvArJKTkhH8GpqQka7tCsF58UO6IirtjNv6qL5kfa1tB17Y_ENRq7DH4xgRSyBc0ddvFZCPxxskzItc1dIygLYK7qVZye6syTwtBYCHXSNy7ks16ew&lptoken=160a70cd11a3396f1554&external_id=36197-738961958&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.163.28
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIqvEvZh3u5RZ41heQBhZ%2FwIFGIToy3kqUAZVU02iPHyFqGzM0k6vdK5D7BLzKxB4ErZJN1Grbx4mhcW7gD3npJe4%2FRJOdTFd2SGwSBHrfyVMmHMs3YC%2FSgpwKBuzAmcLAd6CrAWkCyO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774045392e5576c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   5
Md5:    68934a3e9455fa72420237eb05902327
Sha1:   7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
Sha256: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1563
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 00:01:57 GMT
Etag: "638b5250-117"
Last-Modified: Sat, 03 Dec 2022 23:35:54 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /cdn/sdialog.min.css?_=4 HTTP/1.1 
Host: cdnjam.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         188.114.97.1
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 04 Dec 2022 00:01:57 GMT
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 6897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKDObLjhJuKbxYbuY0swfWUk8ObXNhskJmbtshQdoy3qPZO98GpuVb69wYna%2FrcBhCr1SDNDsK%2Fi%2B505ej4gzAqNRkORQxm9rbEXqU0cT8lRjdaTcf5j4e5UKtfm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774045415c83b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6775)
Size:   1576
Md5:    2a0c146592842de336e7f1bfb7766117
Sha1:   f6c330aa79225167fa3193a3e6915cea0cbb7b30
Sha256: 399d0f65959a6e5e49c77d772a5aa93e5943e48470d3bf974f3a604e859c7a98
                                        
                                            GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 00:01:55 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 23668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPkw1YKmORW0HbEKaAKJ7ksjfbdGK7VIlZr4BIgakqU0P4mD%2BHLB1pRPWdi%2F%2BR98A0vkrlmYmjN0FjEY6hS34k%2FzFB4hFDQvLyV%2BCGfRtmKivS%2BuJwfGh8aL6%2Bk1L4dPWfRLSpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce17b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/common/js/common-langs.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 00:01:55 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sun, 04 Dec 2022 17:27:27 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 23668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0g4Dy8OQob4pC9nXkKYiJmrQdjIwSMYYVuDuEfUa6RHP2Kra4w0dHNgf4XJxlkjhn%2B43DkdITRntZWp2%2BZ%2FNETSKneLY9Jh2rfg5ahLUobSVhY1TdfTwQqWOPKJSVZLKVzSBDY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce20b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/DE10/js/langs.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=36979
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVSn7M2JIjHawteBN90rxl%2Bk%2BD8tuXX%2BXJmC6KJPC8gvybWG%2FYTGurryc8%2Bj5Qq8eTQE6OeTmuFpSOHVeMjdAOrkrXib8at%2BVEUufdlf%2Bnhpdms4cUhIr665GaaRkugRaJLN4oU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce1bb517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/common/favicon.ico HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5757594
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqNXmO2y6D95x2LDYHWoH%2BLkeGhHIaeIdYD8rMTHWC2rCfEZhsKg2TPAdliETxCiXZFzigc0ALPs%2BxV6Sz4tp8hTLI9FrjuBX%2FhcZjQrtgZfLeQXAI%2FGFSc6qtb8JVl73BxZcpY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740453a3c5fb517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sl/common/css/style.css?1670112115 HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 05 Dec 2022 00:01:56 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwnpnVSYYgbMEyr09lVlkX9QojH0wB3eG7cD7LefONwCmO%2B97pXMdMGK0KAdSBpFmLN2WmkcAclDR0hqzW4QDJo600xnAfVmPEtPXILp4t%2Fo9p8P%2B7VrvfhxTqtKpkBFhIsCUdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534be06b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/DE10/n.php?cep=QstNfUZSnk985bpoMJBGN5SHkQxOTEbFavNuOpwfHzRWrwcMcJPw0JmNDUVifSMZ0YbTEkPuIKghvvY9wUxbqVhFUXItpf0sttdOEUhH3OvuFhfn2yv__iJ9NeyB2HJ2HsHvIWdyqvYgUC7I75Y7VKskVVV8uz6wHOgGVqi15BojzVc2sUsPnBo9bsKXBv0cALqt9qj4vp6DgoN2e8_kt1NqA-7o6LtVQ_Gtt4zQX5tj-aBseoiHcUGuwdPfFj7wL61CmmJ01fCV8yxZFFDyCPhOdQgAZx0bCCrwSvArJKTkhH8GpqQka7tCsF58UO6IirtjNv6qL5kfa1tB17Y_ENRq7DH4xgRSyBc0ddvFZCPxxskzItc1dIygLYK7qVZye6syTwtBYCHXSNy7ks16ew&lptoken=160a70cd11a3396f1554&external_id=36197-738961958&source=16295&sum= HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 04 Dec 2022 00:01:55 GMT
cache-control: max-age=300
expires: Sun, 04 Dec 2022 00:06:55 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80GZ8wlE7L9J5cZDsT0oKZI9m54zcnxvRcrGEnBHCIKA8p%2BfdYiP59aO4s2MDMQ5IaNwaYmEU4TiL2o3ZtZvXnc%2BUFTnfx3w56n9llQ87CRVGJZy5r%2FQQOkDIMhICQlhUmkL9lE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404530e988b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/cookies-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 00:01:57 GMT
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
etag: W/"6387a18d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CbRS8XS%2BhnEPlVDSJlGFmLHG%2B%2FMTRgkTFptdVntU7mRwWWKxB8xaUgrpdjfuc9KdSj8b3oBXMrD4bsoDxtyUxqmlOla%2BSFy2rz1GaKlI3b2yAMmSDiC1Zl15qznpZRuC8BLTGos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7740453c4e2fb517-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 06 Dec 2022 00:01:57 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/DE10/css/main.css HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=2611
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdOKecxvxhfX%2BJPuZmEOHFDta7uaD5dpKp1TSPQv14DnTztocJX5oki%2BHrQlGM%2F5laJx5OHs7hC0aHQ8xYp05OvC5JqcGsEuSryvJfUPDVIPpmd5%2FOoYyi0nNa%2FjVvlixLJsPgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534be00b517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sl/html/DE10/js/config.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 00:01:56 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=704
expires: Mon, 05 Dec 2022 00:01:56 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:26:07 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VL9Kj8WQsVWbxbuWQUAebiZ1ADlTwWZiFlMsNe623Iq3AT1NEwzzhdc%2B6aBonxK1gPZPwE%2FFLFIQVj1bhmtiDZGPjmr55xvpfIE1bj3DJc%2FDifBFjkIBrO7of9ZeYS8dwsBBaLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce1eb517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.13.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 00:01:55 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 23668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpYgzntf5jJXJe8oNg6UF0MXrLc4nAFFgdnAiEZOFYBfepe6yVa2F17WmktFuYsy9a4p9cg4yR%2BEggyjh24djCBqv270pAWEPbj4Bbvjwec76KmH9ULilBREizJvSbIqwRPXHSI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77404534ce0db517-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing