Report - m.luvmenow.com/click?offer_id=2247&pid=25009&ref_id=3qc18i47bs79d&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051

Report Overview

Submitted URL
m.luvmenow.com/click?offer_id=2247&pid=25009&ref_id=3qc18i47bs79d&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=
IP
172.67.165.172
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-12 20:01:28
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.237.93.5
meshho.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	503 B	570 B	34.242.160.154
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	50 kB	34.120.237.76
mycasualhookups.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.8 kB	1.9 MB	172.67.71.67
m.luvmenow.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	522 B	793 B	172.67.165.172
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
datify.g2afse.com	639853	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	845 B	34.90.14.205
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	507 B	46 kB	142.250.74.35
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	945 B	104.21.58.242
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.2 kB	93.184.220.29
ocsp2.globalsign.com	1544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	3.8 kB	104.18.20.226
fordats.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	549 B	986 B	52.18.157.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	4.2 kB	142.250.74.131
cdn-dt.fcdn.info	230544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	12 kB	104.21.234.86
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
t.luvmenow.com	252569	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.6 kB	104.21.11.83
bl.trackham.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	527 B	1.5 kB	18.193.146.82
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	35 kB	142.250.74.170
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
subscribe.api-push.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.6 kB	172.64.162.28
app.api-push.com	307671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	850 B	172.64.162.28

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-12	medium	mycasualhookups.com/sl/html/032107/js/config.js	Phishing
2022-12-12	medium	mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js	Phishing
2022-12-12	medium	mycasualhookups.com/sl/html/032107/js/jquery.min.js	Phishing
2022-12-12	medium	mycasualhookups.com/sl/common/js/lib/additional-methods.min.js	Phishing
2022-12-12	medium	mycasualhookups.com/sl/html/032107/videos/video1.webm	Phishing
2022-12-12	medium	mycasualhookups.com/sl/common/css/style.css?1670875280	Phishing
2022-12-12	medium	mycasualhookups.com/sl/html/032107/js/main.js	Phishing
2022-12-12	medium	mycasualhookups.com/sl/common/js/common-langs.js	Phishing
2022-12-12	medium	mycasualhookups.com/sl/common/unsubscribe.html	Phishing
2022-12-12	medium	mycasualhookups.com/sl/common/js/main.js?1670875280	Phishing
2022-12-12	medium	mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js	Phishing
2022-12-12	medium	mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	mycasualhookups.com/sl/common/js/lib/additional-methods.min.js	18 kB	2023-03-07	2024-04-10
Pretty URL mycasualhookups.com/sl/common/js/lib/additional-methods.min.js IP 172.67.71.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:43 Last Seen2024-04-10 02:04:24 Times Seen257 Hash 3a53c5eac97b98ed3833970d43bf7fc9 b8805460b5754be8b16a223df737d9577da4c182 8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8 Loading...

	mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-26
Pretty URL mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js IP 172.67.71.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 22:50:36 Times Seen106409 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	mycasualhookups.com/sl/common/js/main.js?1670875280	7.4 kB	2023-03-07	2023-08-07
Pretty URL mycasualhookups.com/sl/common/js/main.js?1670875280 IP 172.67.71.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2023-08-07 07:25:23 Times Seen115 Hash b87e1c868deb5fadb6c9661630d4f0db e893295cfb31b37a247c509c53b1eae346c528fc 44523924092ddcf715dae1c6c23059400dfb24781643ddb760b0f6b82724a0a8 Loading...

	mycasualhookups.com/sl/html/032107/n.php?cep=orjW5GPu6wXiNQiNvhkvwNfHK1uWV6iH9ry2exKZ-kBf4wMtgCMdBOPrUtErMXzQCm0QNX3TJCuTnI04Ng_aS-3SIIp1GtxyT_fZInGkZvgRcte7o2xhEF2ENVqANCuGNHSznFUxXUkMBkKeMaYwPwoR-dEJvRZ0nMsYni5jR98Uyfk1yN0cVvQQ59LM5YwDUbw6iuybUJFz4B46BM3M9ZGMMqOZxkJNNcCkjCrnKC_tvMI_p9lwBGQ8BOj1LhHzH2F7S3fVmX_ChF4kyqYreSg5fH_0nZq9SI1hRBY1Z784abEO0bTOxti7j-JGGgs6MiSB7FxMSl5NKHFwNuxBpoLWhs33ZRcT7dTuIcfrIzHgjd1ylmDrI7gx6ptmuCL1XlhnkT7Zt6ykpsTdkM4H4w&lptoken=162870ad870670d779d6&external_id=36197-739622313&source=16295&sum=#p%23	487 B	2023-03-08	2023-05-21
Pretty URL mycasualhookups.com/sl/html/032107/n.php?cep=orjW5GPu6wXiNQiNvhkvwNfHK1uWV6iH9ry2exKZ-kBf4wMtgCMdBOPrUtErMXzQCm0QNX3TJCuTnI04Ng_aS-3SIIp1GtxyT_fZInGkZvgRcte7o2xhEF2ENVqANCuGNHSznFUxXUkMBkKeMaYwPwoR-dEJvRZ0nMsYni5jR98Uyfk1yN0cVvQQ59LM5YwDUbw6iuybUJFz4B46BM3M9ZGMMqOZxkJNNcCkjCrnKC_tvMI_p9lwBGQ8BOj1LhHzH2F7S3fVmX_ChF4kyqYreSg5fH_0nZq9SI1hRBY1Z784abEO0bTOxti7j-JGGgs6MiSB7FxMSl5NKHFwNuxBpoLWhs33ZRcT7dTuIcfrIzHgjd1ylmDrI7gx6ptmuCL1XlhnkT7Zt6ykpsTdkM4H4w&lptoken=162870ad870670d779d6&external_id=36197-739622313&source=16295&sum=#p%23 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:57 Last Seen2023-05-21 15:59:11 Times Seen18 Hash eb3361ce29dba68e5f6374b4129a7240 e9226d27e25cff9e8fd1026b4107d90919d59c14 8eb0cb2db6b9f3b562f0b58f4c9b1f6c48c31cce516872a20efbd90a5c6d33ff Loading...

	mycasualhookups.com/sl/common/unsubscribe.html	1.9 kB	2023-03-07	2023-04-05
Pretty URL mycasualhookups.com/sl/common/unsubscribe.html IP 172.67.71.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-04-05 02:02:09 Times Seen17 Hash b65ff9705865169981f3ac388816cc72 c79a72e04d9b766e27ea4fe8d2a0cc5d9c484c41 67da9ca751409ddfd1a8b1b7a1fdfe5b66b37e6d9b1d0c4e083fb357debca5de Loading...

	mycasualhookups.com/sl/html/032107/js/langs.js	6.2 kB	2023-03-08	2023-05-27
Pretty URL mycasualhookups.com/sl/html/032107/js/langs.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:46 Last Seen2023-05-27 17:52:36 Times Seen6 Hash c895285afd534a475c5953dee6ad3495 4ca789d37a3648284e1eaf3d83da4818860089e8 e70037ef79e847cc316e58b94ebe5d4c33cb97be85a0a99125f500d38de043a5 Loading...

	mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js	23 kB	2023-03-07	2024-04-26
Pretty URL mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js IP 172.67.71.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2024-04-26 20:22:35 Times Seen993 Hash 93c1dd8416ac2af1850652d5b620a142 6a76e4c7db479053350580469aa010febfdcacd0 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50 Loading...

	mycasualhookups.com/sl/html/032107/n.php?cep=orjW5GPu6wXiNQiNvhkvwNfHK1uWV6iH9ry2exKZ-kBf4wMtgCMdBOPrUtErMXzQCm0QNX3TJCuTnI04Ng_aS-3SIIp1GtxyT_fZInGkZvgRcte7o2xhEF2ENVqANCuGNHSznFUxXUkMBkKeMaYwPwoR-dEJvRZ0nMsYni5jR98Uyfk1yN0cVvQQ59LM5YwDUbw6iuybUJFz4B46BM3M9ZGMMqOZxkJNNcCkjCrnKC_tvMI_p9lwBGQ8BOj1LhHzH2F7S3fVmX_ChF4kyqYreSg5fH_0nZq9SI1hRBY1Z784abEO0bTOxti7j-JGGgs6MiSB7FxMSl5NKHFwNuxBpoLWhs33ZRcT7dTuIcfrIzHgjd1ylmDrI7gx6ptmuCL1XlhnkT7Zt6ykpsTdkM4H4w&lptoken=162870ad870670d779d6&external_id=36197-739622313&source=16295&sum=#p%23	90 B	2023-03-07	2023-04-05
Pretty URL mycasualhookups.com/sl/html/032107/n.php?cep=orjW5GPu6wXiNQiNvhkvwNfHK1uWV6iH9ry2exKZ-kBf4wMtgCMdBOPrUtErMXzQCm0QNX3TJCuTnI04Ng_aS-3SIIp1GtxyT_fZInGkZvgRcte7o2xhEF2ENVqANCuGNHSznFUxXUkMBkKeMaYwPwoR-dEJvRZ0nMsYni5jR98Uyfk1yN0cVvQQ59LM5YwDUbw6iuybUJFz4B46BM3M9ZGMMqOZxkJNNcCkjCrnKC_tvMI_p9lwBGQ8BOj1LhHzH2F7S3fVmX_ChF4kyqYreSg5fH_0nZq9SI1hRBY1Z784abEO0bTOxti7j-JGGgs6MiSB7FxMSl5NKHFwNuxBpoLWhs33ZRcT7dTuIcfrIzHgjd1ylmDrI7gx6ptmuCL1XlhnkT7Zt6ykpsTdkM4H4w&lptoken=162870ad870670d779d6&external_id=36197-739622313&source=16295&sum=#p%23 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-04-05 02:02:09 Times Seen17 Hash 366614100df3a1aad7eaa097204bb879 462a34ed6013dced533568a3bafe7bb7da1b212d b52856d21909444a7b1f4afb75479ca00aa7a05fc60cdf860dcb3ce4f0b75f01 Loading...

	mycasualhookups.com/sl/html/032107/js/jquery.min.js	127 kB	2023-03-08	2023-05-27
Pretty URL mycasualhookups.com/sl/html/032107/js/jquery.min.js IP 172.67.71.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:46 Last Seen2023-05-27 17:52:36 Times Seen16 Hash 60deb99052f1a9728c143c8e618dc9b3 f4bfc781f9cc075a20f8e9fb51c11ef4edb2d3c6 85ea6624a9f99bbf4f890125e45b2cbc2a9ac73aba9c9ad67dab935b8b4108f6 Loading...

	mycasualhookups.com/sl/common/js/common-langs.js	15 kB	2023-03-07	2023-07-02
Pretty URL mycasualhookups.com/sl/common/js/common-langs.js IP 172.67.71.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2023-07-02 18:22:18 Times Seen47 Hash 9dd6dd34babf310236383a7eb7d569e3 f396ed09424e282aa4e7b96d463541fc42556f46 7ae9fc07390e221821ced9edb8e092859afbc5653d7878c3d3074ed24be2c050 Loading...

	mycasualhookups.com/sl/html/032107/js/config.js	395 B	2023-03-08	2023-08-07
Pretty URL mycasualhookups.com/sl/html/032107/js/config.js IP 172.67.71.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:57 Last Seen2023-08-07 07:25:23 Times Seen53 Hash 628061c41e011910d93e2eb32b7e8a24 edaa1d1ca254452b8c77111a7d2dd928276b5971 33015ae6fe9c43a1d94f0b77b94a17e903ca8be952608b85f70ce0df0193161b Loading...

	mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-26
Pretty URL mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 172.67.71.67 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 22:35:48 Times Seen55078 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949	97 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 22:31:30 Times Seen118760 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	cdn-dt.fcdn.info/swpush.min.js	34 kB	2023-03-07	2023-08-07
Pretty URL cdn-dt.fcdn.info/swpush.min.js IP 104.21.234.86 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-08-07 07:25:23 Times Seen135 Hash af2540aefe6334edb036a720947abb72 f17f394267c73b004d0f2c6dfb8a790aa2d7bf7e 7af8787e4bc78270a5a72a75f86a45ae9d3bd803c3c57ec3efb84d2aabe102a2 Loading...

HTTP Transactions (63)

URL IP Response Size

m.luvmenow.com/click?offer_id=2247&pid=25009&ref_id=3qc18i47bs79d&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=

172.67.165.172

302 Found

0 B

URL HTTP/1.1
m.luvmenow.com/click?offer_id=2247&pid=25009&ref_id=3qc18i47bs79d&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=
IP
172.67.165.172:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?offer_id=2247&pid=25009&ref_id=3qc18i47bs79d&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8= HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Mon, 12 Dec 2022 20:01:17 GMT
Content-Length: 0
Connection: keep-alive
X-Adjust-Use-Original-Forwarded-For: 1
Location: https://datify.g2afse.com/click?pid=25009&offer_id=29&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j20o86bdqszKH6bJmvKMJWG%2BXLij2Cszf5S25ztTk3wgygInbMTgTQrL4BUCeHjAmjGC9RdMeqV0XdjzrD52oADz7J0aRIVxK%2F%2B8Ru1tGF5Zgmp5QHZZ3YBXrPejChuU5A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77890d122a431c16-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2645
Expires: Mon, 12 Dec 2022 20:45:22 GMT
Date: Mon, 12 Dec 2022 20:01:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2554
Expires: Mon, 12 Dec 2022 20:43:51 GMT
Date: Mon, 12 Dec 2022 20:01:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5901
Expires: Mon, 12 Dec 2022 21:39:38 GMT
Date: Mon, 12 Dec 2022 20:01:17 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 19:33:43 GMT
content-type: application/json
age: 1654
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: rbcqooa/IHVAPukqIYuJs24jhBDueZWhbgMgJL5oSLYqcIvd/6LkhhDQ0iSYvVqO7J8zUfWv4bU=
x-amz-request-id: N7ZN1NTM1VHKGP7P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 19:51:37 GMT
age: 580
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 20:01:17 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
67d7d9070c3c85bdd580253d9e137106
5b07c7e8130c94470218203e8219297834ec83c9
73ee37fb7e01bf6a58c436b0f60af1027018d281827467680b63a225ce4f2b50

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1449
Cache-Control: max-age=101553
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:17 GMT
Etag: "63966c95-139"
Expires: Wed, 14 Dec 2022 00:13:50 GMT
Last-Modified: Sun, 11 Dec 2022 23:49:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 313

datify.g2afse.com/click?pid=25009&offer_id=29&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=

34.90.14.205

302 Found

0 B

URL HTTP/2
datify.g2afse.com/click?pid=25009&offer_id=29&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=
IP
34.90.14.205:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=25009&offer_id=29&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8= HTTP/1.1
Host: datify.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Mon, 12 Dec 2022 20:01:17 GMT
content-length: 0
location: https://t.luvmenow.com/click?pid=25009&offer_id=1521&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 19:07:56 GMT
age: 3201
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

t.luvmenow.com/click?pid=25009&offer_id=1521&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=

104.21.11.83

302 Found

0 B

URL HTTP/2
t.luvmenow.com/click?pid=25009&offer_id=1521&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=
IP
104.21.11.83:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=25009&offer_id=1521&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8= HTTP/1.1
Host: t.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
date: Mon, 12 Dec 2022 20:01:18 GMT
content-length: 0
location: https://t.luvmenow.com/click?pid=25009&offer_id=1946&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DZK0jmQ%2BWtWXu51ZdhHVlwHCA2yjMhW2p74w8QC%2BPIwGb8NLOzY1E43Yuo7sa%2BTwYzygE4%2F4e37OvyWMNT0RkU8NFek38tLhfQ04XUQh%2Fp0kFKd6oMf6ALHg9FC8NUCSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d178dd30b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee19f96e42a0eca99d00c8d91f977c35
3bf8dbf8b8ce6ea7adadf7bb92cae2f9502fbee9
6d8adcb1494bfe2ca73cd6b77eb57b2d08e07b05eb892fea98a1fde0bfb2ea12

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4126
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:18 GMT
Last-Modified: Mon, 12 Dec 2022 18:52:32 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

t.luvmenow.com/click?pid=25009&offer_id=1946&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=

104.21.11.83

302 Found

0 B

URL HTTP/2
t.luvmenow.com/click?pid=25009&offer_id=1946&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=
IP
104.21.11.83:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=25009&offer_id=1946&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8= HTTP/1.1
Host: t.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 302 Found
date: Mon, 12 Dec 2022 20:01:18 GMT
content-length: 0
location: https://datify.g2afse.com/click?pid=25009&offer_id=5246&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqDkKRaIGZHhTvuleqQ55ldLTXRXJ3zM0%2Fkmlix6UDU1tLw%2Bo1Kg1OkIDZjKIqRKOQZoNfCVBjWTn5yGlpP8TtkoR%2BeQ8abkCTBwVbl7PUWc%2FmO5lyY%2FWsowdPZtJweVWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d182e720b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

datify.g2afse.com/click?pid=25009&offer_id=5246&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=

34.90.14.205

302 Found

0 B

URL HTTP/2
datify.g2afse.com/click?pid=25009&offer_id=5246&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8=
IP
34.90.14.205:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=25009&offer_id=5246&sub1=22151&sub2=2600:1900:2001:10::15&sub3=3qc18i47bs79d&sub4=aa4ab7v15uoj2wj8ee&sub5=&sub6=sme_3403_us_5051_0712&sub7=&sub8= HTTP/1.1
Host: datify.g2afse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 302 Found
server: nginx
date: Mon, 12 Dec 2022 20:01:18 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_6397888ebdb77b0001ca0097&s4=25009
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6397888ebdb77b0001ca0097; expires=Tue, 12 Dec 2023 20:01:18 GMT; secure; SameSite=None
afoffers={"5246":1670875278}; expires=Tue, 12 Dec 2023 20:01:18 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.237.93.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.93.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CFYSyVw6lZ0nxcKsBt6WnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MaMt3TCNzkLBQ/kbaZq/7dl4Ax4=

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
83a8e2f6f5f8773bfd23642d69369f37
a7ef67f793a6be715ecbcc4cd21000a073725b21
30388b34d0d1af2efd5d16fa87dedf9801cabb49c6686fb27901c740f9636fc7

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 20:01:18 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 16 Dec 2022 20:01:17 GMT
ETag: "a7ef67f793a6be715ecbcc4cd21000a073725b21"
Last-Modified: Mon, 12 Dec 2022 20:01:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77890d19cc1f0b59-OSL

meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_6397888ebdb77b0001ca0097&s4=25009

34.242.160.154

302 Found

269 B

URL HTTP/1.1
meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_6397888ebdb77b0001ca0097&s4=25009
IP
34.242.160.154:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
269 B (269 bytes)
Hash
7fe5bf85b6d5d699e312b552b37a5c8e
cda20da4b1e2ea0934cfe8c442bdc235d3f5941b
ecbcfe5679cab280d4d2ab696e7b374ebc5ae6898559e8d24d8282c839a86d60

HTTP Headers

GET /?a=16295&c=43694&p=r&s1=&s2=a_6397888ebdb77b0001ca0097&s4=25009 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 269
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Dec 2022 20:01:18 GMT
Location: https://fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_6397888ebdb77b0001ca0097&s4=25009&ckmguid=7c07f4a7-7cb0-4af6-9c02-6e754b2d4350
Connection: close

ocsp2.globalsign.com/gsalphasha2g2

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsalphasha2g2
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1423 bytes)
Hash
7776f17225b917e6fb6ebcae30c21342
cdce7aed34c950746325addd1cecd30a0b8060f9
04d8fafb1fefe82295394d11444180096925ee00b8905c8cef79119193367f21

HTTP Headers

POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 20:01:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Fri, 16 Dec 2022 19:15:08 GMT
ETag: "cdce7aed34c950746325addd1cecd30a0b8060f9"
Last-Modified: Mon, 12 Dec 2022 19:15:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77890d1da82f0b59-OSL

fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_6397888ebdb77b0001ca0097&s4=25009&ckmguid=7c07f4a7-7cb0-4af6-9c02-6e754b2d4350

52.18.157.191

302 Found

234 B

URL HTTP/1.1
fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_6397888ebdb77b0001ca0097&s4=25009&ckmguid=7c07f4a7-7cb0-4af6-9c02-6e754b2d4350
IP
52.18.157.191:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
234 B (234 bytes)
Hash
c4f6c31f0a6d56b05d7831fcc62b4ea5
f69237fd5bd5de36e2d1a398ebb77a76698e402d
f978c6f448c5a39ac7d5eac3c1b2caebcde454411c0992f6ccbc9d56d41aa5b4

HTTP Headers

GET /?a=16295&c=43694&p=r&s1=&s2=a_6397888ebdb77b0001ca0097&s4=25009&ckmguid=7c07f4a7-7cb0-4af6-9c02-6e754b2d4350 HTTP/1.1
Host: fordats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Dec 2022 20:01:19 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739622313&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=SHBj2uJfiwL0/LOJgrl3Uv3w8KvhhA7pvn5OOvczL1Q4V8L8nbCSkg==; domain=.fordats.com; path=/; HttpOnly
trk=5kpn/XLu8NOQjqE6+i2h5P3w8KvhhA7pvn5OOvczL1Q4V8L8nbCSkg==; domain=.fordats.com; expires=Thu, 12-Dec-2024 20:01:16 GMT; path=/; HttpOnly
c36197=SHBj2uJfiwJWb0/PEuFRQDNJ4SuJbWGAOparX9tV+9teCUghiDE1Zg==; domain=.fordats.com; expires=Wed, 11-Jan-2023 20:01:16 GMT; path=/; HttpOnly
Connection: close

bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739622313&source=16295&sum=

18.193.146.82

302 Found

0 B

URL HTTP/2
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739622313&source=16295&sum=
IP
18.193.146.82:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739622313&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Mon, 12 Dec 2022 20:01:19 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/032107/n.php?cep=orjW5GPu6wXiNQiNvhkvwNfHK1uWV6iH9ry2exKZ-kBf4wMtgCMdBOPrUtErMXzQCm0QNX3TJCuTnI04Ng_aS-3SIIp1GtxyT_fZInGkZvgRcte7o2xhEF2ENVqANCuGNHSznFUxXUkMBkKeMaYwPwoR-dEJvRZ0nMsYni5jR98Uyfk1yN0cVvQQ59LM5YwDUbw6iuybUJFz4B46BM3M9ZGMMqOZxkJNNcCkjCrnKC_tvMI_p9lwBGQ8BOj1LhHzH2F7S3fVmX_ChF4kyqYreSg5fH_0nZq9SI1hRBY1Z784abEO0bTOxti7j-JGGgs6MiSB7FxMSl5NKHFwNuxBpoLWhs33ZRcT7dTuIcfrIzHgjd1ylmDrI7gx6ptmuCL1XlhnkT7Zt6ykpsTdkM4H4w&lptoken=162870ad870670d779d6&external_id=36197-739622313&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=_2qyANKaCOLxKVuKrD14TI0UW2c7WvxZtYNjd4fTihA; Max-Age=86400; Expires=Tue, 13-Dec-2022 20:01:19 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=wYTTIvVH60b2asxflFhi1cPUsge3U6JqhEryNNwYxLdSk-5lT8GM5sGPtI1vP2l5M-16jT4CTg6zmdoD8TMcbhDsHwN_s_QKtPIAsQkwOGyXAoKpkdUNGdb90_5Ssd2zkv6UUKrl70KAigTc8JgsYSn9Dxu1DCGPFa3ArumTa3x_Ohp7CPKFcBxUr8xQJyFneLh6BXcxxwYO-1AORCCxA-VbaChAlToYthtat0pG1Mrc6agr_k8n6lBzDLALRkNRjbo9tZk8h2iTgndNDG7DzmmR9UJZfhJhctP1keMrU5_LdkenxN1mqKoNgPH1TSaTErmsiH64mO_HrmS1bbH8PB6q9YB4SzkxLRF7o5H-FyRffPjUGADZXRssaNTZwx70P1lcvsw4gOfOQRVrzb_t9g; Max-Age=86400; Expires=Tue, 13-Dec-2022 20:01:19 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4686
Expires: Mon, 12 Dec 2022 21:19:25 GMT
Date: Mon, 12 Dec 2022 20:01:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4686
Expires: Mon, 12 Dec 2022 21:19:25 GMT
Date: Mon, 12 Dec 2022 20:01:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4686
Expires: Mon, 12 Dec 2022 21:19:25 GMT
Date: Mon, 12 Dec 2022 20:01:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6438 bytes)
Hash
75dd1ecae61b991cd21929deb9244aac
4f14c9f7b36dfa356877251f1e6a0f5936286c4b
3435eda8961bb9954fcf5fd7c957ce58fd7aa4bb9e00525b8f42756adcf341e7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcded97a1-bc2d-405f-b231-35f5af035463.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6438
x-amzn-requestid: 517b1627-9789-48e8-b5df-106fee878820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENaGN6IAMFoUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d88-28cbd126745e8ab15d937936;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: amWbF9zOStURk7mvKoCOs0babDMecP7hOWzf4Hrn8RGThFiqv-_elg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:59:55 GMT
etag: "4f14c9f7b36dfa356877251f1e6a0f5936286c4b"
content-type: image/jpeg
age: 79284
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5619 bytes)
Hash
9f8d3e3c9e5d2ed74c3894b4825fcc2f
6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da
9e44f93e65206ae7095cf9177296f4f528f1c2597cffa4853b7d6dcabf032796

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc57568b-de5b-4cc8-9e29-a57a302df9b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5619
x-amzn-requestid: df7189d2-5cad-43a2-9511-20c5de53f710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEMPFCSIAMF4uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d81-729683c606fd6abc5bc70534;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: kbfjvh64NjCUE-e-3z7W58vyJMisRwERUV_W99jn3vrErY4bF1SFsg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:59:55 GMT
etag: "6bbd19dbf5112b5c52a1ccbfff3c9d7d0ab030da"
content-type: image/jpeg
age: 79284
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5530 bytes)
Hash
a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WNDIG6TS5ADSskNQmMZjuNmw03SwD_NfSBHNFKVkeU0lVM3b9MGKUw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 16:19:06 GMT
age: 13333
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8841 bytes)
Hash
9051770b3587c195bea670f8820e8cfe
abf58087f0e345202da088238daea85d177b431b
f687a10c0ae63699a551977e9a4ec5bc7ba606b1925178d7ed4ec6728889bb2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa9678b-479f-4894-b9e7-3d05e236f19c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8841
x-amzn-requestid: 09b64f8e-60c0-4cf6-a0dc-15e597bd9d85
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eMWH7MIAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4e-3471ee5f5a78b55c424e2c6d;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wk9BI6v5Q6COMKhEiVyGW07a43hO-gddJZdFGb-Miu4LuOa7azKqyQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:36:02 GMT
age: 77117
etag: "abf58087f0e345202da088238daea85d177b431b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4720 bytes)
Hash
38876d760ef06c8471468c474c1e28a7
d43cd03d5eb3e7618b6fb70c935010c2ac92ad32
a0747f29eb6084eef42d3c247594973b02c619c7ec56b6137e24b6d0362557a0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a765cd8-d4ff-441c-a948-f6a223fa2b0b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4720
x-amzn-requestid: dd990fe1-8447-403e-b276-40889af5baa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAENuF6SoAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d8a-59b5a8f92ef6111e64e16079;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kwweq9Tz-UmF0uP_LKgkPlXwvak8U55ZoBW37FyytkDV0peSujBf5Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:16:48 GMT
age: 78271
etag: "d43cd03d5eb3e7618b6fb70c935010c2ac92ad32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6311 bytes)
Hash
2020df3404a4b7c3e142af4a1330b848
2fe69b52fe03128e86550bf08474ecac82682384
37a52c158d5cfdf3589e19163cf446c02ce1466f444656080b02da82d2bcefae

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6bca12a-103c-4b98-a218-27a61f8d6951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6311
x-amzn-requestid: 46ccaee0-bde8-4be6-9dc8-46e3ae356dc8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c8xUYH10oAMF8Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6394fc1b-2440251f06cb950a57489555;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 21:37:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UU3eyJXDqth6F65_913HL9lqA3qZHfGExAV89BRzHpQho5wZbQRTmw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:38:41 GMT
age: 80558
etag: "2fe69b52fe03128e86550bf08474ecac82682384"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
803a6204cce07d08c6fcc687c2a2b8e8
663402394822c98c7a7e173b97cd2ba60897bcff
e319d94e591a25f70991a116399d1bcf3acdc2e8f22168652412c9d11c37a129

HTTP Headers

POST /s/gts1p5/Dt6OUty8wSY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:19 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mycasualhookups.com/sl/html/032107/js/config.js

172.67.71.67

200 OK

660 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/config.js
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (332)
Size
660 B (660 bytes)
Hash
fe2d0cdd19ac8fb947c11bdca9a77cd8
6afebae7db72f4958e67e19fa73033de98dc2dc5
b529a3904069074fb8f6ec7d83f6f0ad1244731d3e09d32c19421d4b8cfae5ac

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Tue, 13 Dec 2022 12:58:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:19:29 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 25387
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nf09ZLz4ViOkyIRIlDMXuCx%2FdQq9qlvrrPE%2F6AI%2FgkD2HrxABuDyWBeI4o2nanDsPCnb58448ZA%2BS%2BMDSRVbcsKDVxjqs2uHzcgn6XTHNlFabN1hrLBJ9Ueoyzm4uCVoy%2F5EPV4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d267f1dfac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949

142.250.74.170

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:47:32 GMT
expires: Thu, 07 Dec 2023 20:47:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 429228
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js

172.67.71.67

200 OK

8.1 kB

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (23122)
Size
8.1 kB (8095 bytes)
Hash
907d1d5f91a9c839083e522859ecc5bf
fd9be012279e86487ea8c068077b722bb3dcbca9
6152613be1182ace8e7cef74e83d2eb347259f0264ea4521b324909f55c73eff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Tue, 13 Dec 2022 18:57:43 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 3817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=um1GBDv%2F1kMlHkhaTdTm0XK49B05%2FNJEjN2922yJdIGGALNXpENVpBodWe6v4hIeq75kkCfkvXNhnnFCS5s7R%2Bfd9qBfjSio3r%2Bfj4ShGuU%2Fz42RyDKow9htcOnOBjbhwW5azvU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d267f19fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0f3dad0d025c4b6b8abd5d698f00cfbd
3a82ecac8709c7acd620316502a0e774ac3b1170
8d98454c05e1bfb1e534913e69fe76f4b0cb619c02626bcdc163f7be48b1621f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-dt.fcdn.info/swpush.min.js

104.21.234.86

200 OK

12 kB

URL HTTP/2
cdn-dt.fcdn.info/swpush.min.js
IP
104.21.234.86:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (34449)
Size
12 kB (11533 bytes)
Hash
308c2005c7df76e5ae19c51af68e7227
f93f48c3ec16abab209e73c9895af4e0f2b8485e
f6299f99748f5d737b4c9ae57de187d095059085614d4adf03647c6ddf2e1e2a

HTTP Headers

GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 657244
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5cfmjwabynmj5V0rKtTw3iZ0CzwgPKJ1qjdmV%2BAC%2FQtVG%2B5bvDj%2BHjrTuSbo5KrfKzR0OzJt%2BFNUc1tpeyMTF%2F%2BCueVxGQrAsFy6OGNA6g%2FV2dGkGnM9Nc3SL8tUz2k6s7Br"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77890d275ed82404-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
5891a5056e86a9dc649e48ab815aad11
205b7916523f5ad07b5c6f01984416902a13b7f1
ea88566c368b3006a717b9f4fecefbff291affc156e3913535c7971623c0210b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2271
Cache-Control: max-age=132954
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:20 GMT
Etag: "6396e40c-116"
Expires: Wed, 14 Dec 2022 08:57:14 GMT
Last-Modified: Mon, 12 Dec 2022 08:19:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
5891a5056e86a9dc649e48ab815aad11
205b7916523f5ad07b5c6f01984416902a13b7f1
ea88566c368b3006a717b9f4fecefbff291affc156e3913535c7971623c0210b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1495
Cache-Control: max-age=132179
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:20 GMT
Etag: "6396e40c-116"
Expires: Wed, 14 Dec 2022 08:44:19 GMT
Last-Modified: Mon, 12 Dec 2022 08:19:24 GMT
Server: ECS (amb/6BB3)
X-Cache: HIT
Content-Length: 278

mycasualhookups.com/sl/html/032107/js/jquery.min.js

172.67.71.67

200 OK

38 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/jquery.min.js
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2447)
Size
38 kB (38510 bytes)
Hash
d21cec74e24e930408993c997fba9556
eb0e362ab2501deb5a475a0d2958b8acf0852b18
fcee9ca86cf9ef83541d86264e6f1e961ec865e348a7a4fafeff0402c59f4dee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/jquery.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Tue, 13 Dec 2022 18:23:08 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5892
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lz1egJs%2F4CqCY%2FsVU3nmgPEDzcyuw2K4aWpAKUok9NYkNpKlJXUXvwsEtjc85IuKesFa6syd5GbSKHmrosucVUdcJgC9i9%2FhFp5eoJbzrXcCiOAEVXSphylgZMvI%2BQltFgCcpgs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d266f11fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
5891a5056e86a9dc649e48ab815aad11
205b7916523f5ad07b5c6f01984416902a13b7f1
ea88566c368b3006a717b9f4fecefbff291affc156e3913535c7971623c0210b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1495
Cache-Control: max-age=132179
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:20 GMT
Etag: "6396e40c-116"
Expires: Wed, 14 Dec 2022 08:44:19 GMT
Last-Modified: Mon, 12 Dec 2022 08:19:24 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 278

mycasualhookups.com/sl/html/032107/img/top_panel.png

172.67.71.67

200 OK

1.2 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/img/top_panel.png
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 640 x 63, 8-bit colormap, non-interlaced\012- data
Size
1.2 kB (1231 bytes)
Hash
3d5a8980cd2bd44fdcc440b2b4a7b715
ce08d2573e3193b1cf1ec576bdcb9cc5c01efb18
066fba09681917ca5d2df75ef149c9cb8b7f3e71fd8cb2dbc63f6267af1946ea

HTTP Headers

GET /sl/html/032107/img/top_panel.png HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/html/032107/css/css.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:21 GMT
content-type: image/png
content-length: 1231
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Tue, 13 Dec 2022 18:23:12 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5889
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pavSb84ztIoj05vIcVYgnfvfnd56evM9Rh9zwsa8XQzQ5urw1oYxG7eE%2BV3IpaKkRcgOXzueDJTZBVZwV%2F%2FuDgSek5Hk71Z0ERd0g3oJKBq2CsMkvSDD1xhetkLfvGqTg1ZWGKk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77890d2a7a2afac0-OSL
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/additional-methods.min.js

172.67.71.67

200 OK

55 kB

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (17654)
Size
55 kB (55417 bytes)
Hash
1716b27744b0f67b1076a866d4150bee
1ba1ee178b5879cab74e8b651b4fe2896d2a5a29
00cb096cd180456576ed6811010d28c145176e63be683c51e0dba663827c08b5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Tue, 13 Dec 2022 18:57:43 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 3817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cP65pt9DPLOLVirmnCtRrFJTh2cHRFlnT09Trv%2Ff3tNmgVOqywjlaHvIcqarvPRUFUA0q9lzQ379WpCS4P1c9QVDA%2F5edyWHXrEM%2B10PY6%2F2c6k4SgPC%2FXgjj5V1EebPzhWkunc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d267f1bfac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/videos/video1.webm

172.67.71.67

206 Partial Content

1.8 MB

URL HTTP/2
mycasualhookups.com/sl/html/032107/videos/video1.webm
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.8 MB (1787154 bytes)
Hash
275783ec04582836653aefff2ea6644c
c33c6cc9494ea3789cdfc22b925916164aee4253
cd69ec1ee91bec9876983cd47b3381838aaee8be56ef467400d55bf1f5f758fd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/videos/video1.webm HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://mycasualhookups.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
date: Mon, 12 Dec 2022 20:01:21 GMT
content-type: video/webm
content-length: 1787154
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Tue, 13 Dec 2022 18:23:12 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5889
content-range: bytes 0-1787153/1787154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuW8m7aHnWEI2rP5SEdUr840QQ70qNTBA86yreYTBigOhYIvK4GGzm0MxJJ%2FSFioJsTLMep3eOk5IT2GbouEUZDClKK6AXEBeh2kY%2B%2BUxhmPtzvlo9j0BlEfvulYF2mLgix8Jio%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d2aaa4dfac0-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.35

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Dec 2022 18:52:41 GMT
expires: Tue, 12 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 4120
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6d462d3e6bc6168ee30040355f8b96ee
7578100cefe27a95fc25fa11481d78353185a9f0
7371baa9980618773809e1f238fb57f8ec6eef6bdc37d127bead092b7fde990c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 20:01:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b

172.64.162.28

204 No Content

0 B

URL HTTP/2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Mon, 12 Dec 2022 20:01:21 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhqvFU0yEq1UYFb6w8jp42aRCVlj5ihVALXH8F1O7VX3AJnBJJMFY%2B9kvp71fNEfOdfZKXJrgas6XfOLeHpvezH3TaIKe%2F%2BMD3I56m%2Fwbf60rgjVaDHXPYtWK%2B1%2Fpg1R9vMrAZsfRpDL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d2bca8b771f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b

172.64.162.28

200 OK

5 B

URL HTTP/2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

HTTP Headers

GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/032107/n.php?cep=orjW5GPu6wXiNQiNvhkvwNfHK1uWV6iH9ry2exKZ-kBf4wMtgCMdBOPrUtErMXzQCm0QNX3TJCuTnI04Ng_aS-3SIIp1GtxyT_fZInGkZvgRcte7o2xhEF2ENVqANCuGNHSznFUxXUkMBkKeMaYwPwoR-dEJvRZ0nMsYni5jR98Uyfk1yN0cVvQQ59LM5YwDUbw6iuybUJFz4B46BM3M9ZGMMqOZxkJNNcCkjCrnKC_tvMI_p9lwBGQ8BOj1LhHzH2F7S3fVmX_ChF4kyqYreSg5fH_0nZq9SI1hRBY1Z784abEO0bTOxti7j-JGGgs6MiSB7FxMSl5NKHFwNuxBpoLWhs33ZRcT7dTuIcfrIzHgjd1ylmDrI7gx6ptmuCL1XlhnkT7Zt6ykpsTdkM4H4w&lptoken=162870ad870670d779d6&external_id=36197-739622313&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:21 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4HZS8RteqO%2Bh5St4tdYPKECoo9227yk3qaoQaKvVySzuFX3cT4YCHZvl64nF6aKfZfX%2BYH00htcXST9GLLDI0Hqv44Wageon30Mv9zbgJI8ESMrdfsgUGonxIN6z32KR%2FKDH7jqFzBT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d2d0ca8771f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/n.php?cep=orjW5GPu6wXiNQiNvhkvwNfHK1uWV6iH9ry2exKZ-kBf4wMtgCMdBOPrUtErMXzQCm0QNX3TJCuTnI04Ng_aS-3SIIp1GtxyT_fZInGkZvgRcte7o2xhEF2ENVqANCuGNHSznFUxXUkMBkKeMaYwPwoR-dEJvRZ0nMsYni5jR98Uyfk1yN0cVvQQ59LM5YwDUbw6iuybUJFz4B46BM3M9ZGMMqOZxkJNNcCkjCrnKC_tvMI_p9lwBGQ8BOj1LhHzH2F7S3fVmX_ChF4kyqYreSg5fH_0nZq9SI1hRBY1Z784abEO0bTOxti7j-JGGgs6MiSB7FxMSl5NKHFwNuxBpoLWhs33ZRcT7dTuIcfrIzHgjd1ylmDrI7gx6ptmuCL1XlhnkT7Zt6ykpsTdkM4H4w&lptoken=162870ad870670d779d6&external_id=36197-739622313&source=16295&sum=

172.67.71.67

200 OK

7.6 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/n.php?cep=orjW5GPu6wXiNQiNvhkvwNfHK1uWV6iH9ry2exKZ-kBf4wMtgCMdBOPrUtErMXzQCm0QNX3TJCuTnI04Ng_aS-3SIIp1GtxyT_fZInGkZvgRcte7o2xhEF2ENVqANCuGNHSznFUxXUkMBkKeMaYwPwoR-dEJvRZ0nMsYni5jR98Uyfk1yN0cVvQQ59LM5YwDUbw6iuybUJFz4B46BM3M9ZGMMqOZxkJNNcCkjCrnKC_tvMI_p9lwBGQ8BOj1LhHzH2F7S3fVmX_ChF4kyqYreSg5fH_0nZq9SI1hRBY1Z784abEO0bTOxti7j-JGGgs6MiSB7FxMSl5NKHFwNuxBpoLWhs33ZRcT7dTuIcfrIzHgjd1ylmDrI7gx6ptmuCL1XlhnkT7Zt6ykpsTdkM4H4w&lptoken=162870ad870670d779d6&external_id=36197-739622313&source=16295&sum=
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4330)
Size
7.6 kB (7638 bytes)
Hash
30b39f81ff8c588b91bb5c2c90883a42
dcae7ec0745500190b09f04e7081b7b503333d91
2c73f86ff8d3cfff3677f84a51bbde0565c16f6b1f2b4135e81456a7a54fe7d4

HTTP Headers

GET /sl/html/032107/n.php?cep=orjW5GPu6wXiNQiNvhkvwNfHK1uWV6iH9ry2exKZ-kBf4wMtgCMdBOPrUtErMXzQCm0QNX3TJCuTnI04Ng_aS-3SIIp1GtxyT_fZInGkZvgRcte7o2xhEF2ENVqANCuGNHSznFUxXUkMBkKeMaYwPwoR-dEJvRZ0nMsYni5jR98Uyfk1yN0cVvQQ59LM5YwDUbw6iuybUJFz4B46BM3M9ZGMMqOZxkJNNcCkjCrnKC_tvMI_p9lwBGQ8BOj1LhHzH2F7S3fVmX_ChF4kyqYreSg5fH_0nZq9SI1hRBY1Z784abEO0bTOxti7j-JGGgs6MiSB7FxMSl5NKHFwNuxBpoLWhs33ZRcT7dTuIcfrIzHgjd1ylmDrI7gx6ptmuCL1XlhnkT7Zt6ykpsTdkM4H4w&lptoken=162870ad870670d779d6&external_id=36197-739622313&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Mon, 12 Dec 2022 20:06:20 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUgTzlhFcvriWbqJ%2BQTiiBzoOhpzSVlCAPac5xt%2BZuHr7GruHe9JD61wCyDvCJNBat9KgBQQDF0cJ7fb1nWOSXHQfeHHcqqwlFWCRJn4R9sG6QMyWl2c4tzpCD0LZKzN81LkyxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d227c12fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5452 bytes)
Hash
24d5e5918cf53c569d6674e598228246
241a28d882355e06b0a2428c931f9d72dd5c6c53
2ebf30d1844d23a2b7516b900b1aa4473e5c042b0e0ecb2c39675d4b4bc7910e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 5452
x-amzn-requestid: eb6aca44-e834-4123-b191-eb3f007bf7b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6OCrGM-IAMFnxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393f6dd-71fee2de2dd69c7d1d4d32fe;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 03:02:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SQJoOlmklC9KQSsedNiaNHyhmvIUvHCg0IU1PfXcZba1LXU-7VmMjw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 02:35:07 GMT
age: 62779
etag: "241a28d882355e06b0a2428c931f9d72dd5c6c53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/css/style.css?1670875280

172.67.71.67

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/css/style.css?1670875280
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/css/style.css?1670875280 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Tue, 13 Dec 2022 20:01:20 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oy12dFUOcCYwoDok2z0iVuxPRvsahVkSMZaPeiPhxAh2nhnX77TIl%2B97zV7LuFGfTiHP9gq%2FohPZDV9bb6A%2Bm3KSsgUBxjVvPtL0Ps0NAPUZ2u3CaiMhUNPyDKB%2FZPFGJTaBUi0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d267f15fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnjam.com/cdn/sdialog.min.css?_=4

104.21.58.242

200 OK

0 B

URL HTTP/2
cdnjam.com/cdn/sdialog.min.css?_=4
IP
104.21.58.242:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:22 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5370
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FFoe8wpfCd5yi8toYqPvRoaTDEopcsfo7F%2B9Z%2FK4mJBfVBk0WxnD%2F2DTAg4wdp%2Fi0obIANsjcmMPD1z%2BHm6oL6dCnKRqGaeZLLQLT5XSLC%2Bf5l00B01cPd4go7t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d346cc9b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/favicon.ico

172.67.71.67

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/favicon.ico
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:21 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 6520759
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aZsko4eZEHUjOGmWTzuEPvXQLT0IqtDYIsQ9IYQpQAFaV8cj%2BXkiHy7oS7Wtt5iaYXpn7q44S8dMFJurECIb2UOq5xC0P%2BJWxhFGdi4912fYvWw5vapdV0ZdbQL%2FcF1Y%2BMsvww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77890d2d1c4dfac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/js/main.js

172.67.71.67

404 Not Found

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/main.js
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/main.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=7200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BMHP01pXwzG%2Fvs3zFAuRvk%2Bf%2FcVB5JHxYp%2FO5ttuWBJoQy9itJbA%2BC1EP7wTwum%2FC8WjnNckyCZVflpIpdPBMpdszJ90kCAXS3%2BCiBiri%2FA59EJmigud%2BOVCiPOaHqjdI1lT8w8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77890d266f12fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/common-langs.js

172.67.71.67

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/common-langs.js
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Tue, 13 Dec 2022 18:57:43 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 3817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKKni2N4d3%2F7bKZ%2Fn9%2BFmaoyIYX6%2Fd3OJcAKqg41fNXYiKtGiINQ4Uxed0JjM13da9xJ7IKE9mF8thepGCuFKPo85lwXmPAZf%2B0uixbt%2BE01%2BKsU1wfWR7VofY7ngTWq4FkDd%2Bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d267f1efac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/css/css.css

172.67.71.67

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/css/css.css
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/032107/css/css.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=9103
expires: Tue, 13 Dec 2022 12:58:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 25387
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37ML0sKwDKna1fmszAre6yjlvzZrpI9296Ixeu5mufwO7v4zC%2Fsb94rG%2B2r6lOiurcjVMwlHOkTTqtuSpG2OONkr0YLNHX0ZSbhg5hn4rr9oyeXBMl8%2FnfoOAh7mWZ4HmVepVdM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d266f10fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/unsubscribe.html

172.67.71.67

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/unsubscribe.html
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/unsubscribe.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:21 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Mon, 12 Dec 2022 20:06:21 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oeskGoWLKqAE9DeovS6eaKmb4vzl5%2F49CuaxDTgcjUb%2BXOxkoF6eS%2Fq01YLf71pdkD%2Bdh9AVXNl19xo6Euox%2BUpkNOBk6VS7EAYLIPCHCqnHmmQeH6vIsdQh0NqzwTg7UFlyU5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d2a6a16fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/main.js?1670875280

172.67.71.67

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/main.js?1670875280
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/main.js?1670875280 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Tue, 13 Dec 2022 20:01:20 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6uyhDVRGoi94DbFnpEZV1FKi2dN0BMrzeFz0D4JkvdphgO%2F0O5ogMu16%2BZTcQqH3HCr%2FbiJ9GyydDKbm51ckrRYaEAcfJnt4Gvs2QsQAX5rEU0Un%2Bhg4LKZkcipI%2F0izggId5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d267f20fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/css/style.css

172.67.71.67

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/css/style.css
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/032107/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=4300
expires: Tue, 13 Dec 2022 12:58:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 25387
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ep7gK1pXYzXqugL6LbKdzTSoeKhnDw1VgolFHEmUFLe1cybyP7o59GQLBiMY0i7Ll6B4BXrMIZYxRl2He%2B3zmfD4DmNU7jBc4r%2BC1rxNb0FBZs9unjc6pyC%2B39%2BYs4nWsBygQps%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d266f0ffac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.162.28

200 OK

0 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/032107/n.php?cep=orjW5GPu6wXiNQiNvhkvwNfHK1uWV6iH9ry2exKZ-kBf4wMtgCMdBOPrUtErMXzQCm0QNX3TJCuTnI04Ng_aS-3SIIp1GtxyT_fZInGkZvgRcte7o2xhEF2ENVqANCuGNHSznFUxXUkMBkKeMaYwPwoR-dEJvRZ0nMsYni5jR98Uyfk1yN0cVvQQ59LM5YwDUbw6iuybUJFz4B46BM3M9ZGMMqOZxkJNNcCkjCrnKC_tvMI_p9lwBGQ8BOj1LhHzH2F7S3fVmX_ChF4kyqYreSg5fH_0nZq9SI1hRBY1Z784abEO0bTOxti7j-JGGgs6MiSB7FxMSl5NKHFwNuxBpoLWhs33ZRcT7dTuIcfrIzHgjd1ylmDrI7gx6ptmuCL1XlhnkT7Zt6ykpsTdkM4H4w&lptoken=162870ad870670d779d6&external_id=36197-739622313&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKVvpMTmLVz8zYgn3a4BFhqIfsuh4bRiV6nFjy2zYXYJ3XN2%2FijwCPpwV60MR%2BOaWFLVB4OXCrP04m%2Fk3Iewjc1iC%2B%2BfxR6hYK3Rtz5NHoHYS97xA3Jd7MRan1mgqEdGa%2BFs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d291e65771f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js

172.67.71.67

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:20 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Tue, 13 Dec 2022 18:57:43 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 3817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Q%2F4OJi7Knqt%2Bkc6Onw4uae3hSeLyhwX1Qeyl3178wJw609WrGAv%2FLPMrgL2EiswbahdCrK5XlvTXgB4HMY8%2BTZSXnTANxxXNxv%2FC2GLd9GXgbnIvnpANlMKXrsVSGhhmKkON7c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77890d267f18fac0-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

172.67.71.67

200 OK

0 B

URL HTTP/2
mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
172.67.71.67:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/privacy-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 12 Dec 2022 20:01:21 GMT
content-type: application/javascript
last-modified: Wed, 07 Dec 2022 18:45:45 GMT
etag: W/"6390df59-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BVLdAvkob%2FLIFDe8xR0LePTWaMGphrrn0s94842x9TYXzd4PW4eGVSLza2ZgadQnMrueyJSgM03gJUfs0863KK94dYAz4KK6GDCkEoDvyfYkzxg21bk5UCcNE90COVIlKM%2BgVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77890d2bcb21fac0-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Wed, 14 Dec 2022 20:01:21 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations