hot-desire.com/
104.21.235.204301 Moved Permanently 0 B IP 104.21.235.204:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: hot-desire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 00:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 01:24:09 GMT
Location: https://hot-desire.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FCwwPnwq6AWhco6cJdzfIJzOnKS6mbKWn%2Bb1Q3BMDElCa2C1WzGdNCLLAEfQw4oWAaEXYT88PKIb4FO8kBDEW5VxcuoTU77mvRVQcNGQhzHeZ9nR0gHAENNh9yUDuwWEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7706b8208b3a407e-LHR
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15541
Expires: Sun, 27 Nov 2022 04:43:10 GMT
Date: Sun, 27 Nov 2022 00:24:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2233
Cache-Control: max-age=125052
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:09 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:08:21 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18334
Expires: Sun, 27 Nov 2022 05:29:43 GMT
Date: Sun, 27 Nov 2022 00:24:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 00:17:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 396
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: j/KLwwZ7iGojusnjPGIp9n0LwBxlDhP7Y/mczAbYL1EUxsOpIYiAMxswcYAJk/8qe8SqFNhnOdE=
x-amz-request-id: D3WFDH5GM43K6RJY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 23:41:24 GMT
age: 2565
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 00:24:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 645fa7c86b42c32cfbd44157d55ad6d9
a269bc77ba2bfa612077a210d219e29d6decf205
80a4d8f6dc2f3b87656fb1cbf98d82e01cf4ce9e8d96eff093d7818429cc07e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=139393
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:09 GMT
Etag: "63822baa-117"
Expires: Mon, 28 Nov 2022 15:07:22 GMT
Last-Modified: Sat, 26 Nov 2022 15:07:22 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 645fa7c86b42c32cfbd44157d55ad6d9
a269bc77ba2bfa612077a210d219e29d6decf205
80a4d8f6dc2f3b87656fb1cbf98d82e01cf4ce9e8d96eff093d7818429cc07e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=139393
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:09 GMT
Etag: "63822baa-117"
Expires: Mon, 28 Nov 2022 15:07:22 GMT
Last-Modified: Sat, 26 Nov 2022 15:07:22 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 00:11:12 GMT
cache-control: public,max-age=3600
age: 777
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 960a7ec8fbf17e5da76095b7cec7c01f
86ea131782e6f724c0ded30c04215cd2122e6d6f
fa534001078b706c78ff31811939ca595f8375fce8c3585bfd9dc8c0d8bc610d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=97583
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:09 GMT
Etag: "63818858-117"
Expires: Mon, 28 Nov 2022 03:30:32 GMT
Last-Modified: Sat, 26 Nov 2022 03:30:32 GMT
Server: nginx
Content-Length: 279
m.luvmenow.com/click?offer_id=5246&pid=31430&ref_id=s8hnpa78b0ob&sub1=28582&sub2=91.90.42.154&sub3=s8hnpa78b0ob&sub4=&sub5=&sub6=&sub7=&sub8=
172.67.165.172302 Found 0 B URL HTTP/2 m.luvmenow.com/click?offer_id=5246&pid=31430&ref_id=s8hnpa78b0ob&sub1=28582&sub2=91.90.42.154&sub3=s8hnpa78b0ob&sub4=&sub5=&sub6=&sub7=&sub8=
IP 172.67.165.172:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?offer_id=5246&pid=31430&ref_id=s8hnpa78b0ob&sub1=28582&sub2=91.90.42.154&sub3=s8hnpa78b0ob&sub4=&sub5=&sub6=&sub7=&sub8= HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 27 Nov 2022 00:24:10 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_6382ae29ffeb1c0001bde8f9&s4=31430
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6382ae29ffeb1c0001bde8f9; expires=Mon, 27 Nov 2023 00:24:10 GMT; secure; SameSite=None
afoffers={"5246":1669508650}; expires=Mon, 27 Nov 2023 00:24:10 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARYvL1XkJlls1rQNTGeZd295f%2BRWFWX5aSUqmWy8DwUs4GsKu2FUR5o6JBSEyMHEYQfVtv51croZlm7ymqb8eXZQrGYU0VNWcsCU3Eq75vVuGDl1emCWTCUgCxXImfJMyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b825ff770afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4381
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:10 GMT
Last-Modified: Sat, 26 Nov 2022 23:11:09 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 960a7ec8fbf17e5da76095b7cec7c01f
86ea131782e6f724c0ded30c04215cd2122e6d6f
fa534001078b706c78ff31811939ca595f8375fce8c3585bfd9dc8c0d8bc610d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=97583
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:10 GMT
Etag: "63818858-117"
Expires: Mon, 28 Nov 2022 03:30:33 GMT
Last-Modified: Sat, 26 Nov 2022 03:30:32 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
35.163.38.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.38.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KZA6Jq5cDArkU8LfgLJLvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DJEOcw0i2a9rPprEIOfCKGXFzw4=
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 1db4e1caf26d741ceaefb7704d182929
230d93d4322b2c7114f8c7f2aa3943912191bdc4
cca58cb58398aa3d2be19a937998edfc9c0d1f351e6850f0a8424c4a7ad94aea
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 00:24:10 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 01 Dec 2022 00:24:09 GMT
ETag: "230d93d4322b2c7114f8c7f2aa3943912191bdc4"
Last-Modified: Sun, 27 Nov 2022 00:24:10 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7706b8275cf70b31-OSL
meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_6382ae29ffeb1c0001bde8f9&s4=31430
54.154.42.150302 Found 269 B URL HTTP/1.1 meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_6382ae29ffeb1c0001bde8f9&s4=31430
IP 54.154.42.150:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b75952c24fa05aa2ca707a55cf31ba7b
6d247c1ddbfe2a1c32571df9b7268b675f4ce53b
177d0a57df535189bc96bc00c55363fa6051a36dfc3264587964faf74e82ca13
GET /?a=16295&c=43694&p=r&s1=&s2=a_6382ae29ffeb1c0001bde8f9&s4=31430 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 269
Content-Type: text/html; charset=utf-8
Date: Sun, 27 Nov 2022 00:24:10 GMT
Location: https://fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_6382ae29ffeb1c0001bde8f9&s4=31430&ckmguid=8de5f797-338f-4191-a9f3-d2ae90fc39d0
Connection: close
ocsp2.globalsign.com/gsalphasha2g2
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.20.226:0
Hash 2fe10cc6906e31a7d8383d2cc633ccb9
0deee9813d8f6576d1dfdc1c72b8318cd859e2a0
0e37c241e1b1964b8d9b822dcb118c67af6605262016388a5bacfb0bad1974c5
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 00:24:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Wed, 30 Nov 2022 21:49:42 GMT
ETag: "0deee9813d8f6576d1dfdc1c72b8318cd859e2a0"
Last-Modified: Sat, 26 Nov 2022 21:49:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7706b82adefb0b31-OSL
fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_6382ae29ffeb1c0001bde8f9&s4=31430&ckmguid=8de5f797-338f-4191-a9f3-d2ae90fc39d0
52.18.157.191302 Found 234 B URL HTTP/1.1 fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_6382ae29ffeb1c0001bde8f9&s4=31430&ckmguid=8de5f797-338f-4191-a9f3-d2ae90fc39d0
IP 52.18.157.191:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash fd133249939b86b7607bc16d1fe6c500
281e94ea7e23efd0c98a878a9b9a3d7ebb799cc7
8c51147795f78dd61c92f39f3ad259c1064dd2ad88ed3f5e81f3709f298b8e32
GET /?a=16295&c=43694&p=r&s1=&s2=a_6382ae29ffeb1c0001bde8f9&s4=31430&ckmguid=8de5f797-338f-4191-a9f3-d2ae90fc39d0 HTTP/1.1
Host: fordats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Sun, 27 Nov 2022 00:24:11 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738351990&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=SFhnHM6weEAovSGPLBEUPaW/CbkkUimROKBzs9ZGfvBbkBLyiDO5GA==; domain=.fordats.com; path=/; HttpOnly
trk=7qDaU3LBZpMBflLY7+sDKqW/CbkkUimROKBzs9ZGfvBbkBLyiDO5GA==; domain=.fordats.com; expires=Wed, 27-Nov-2024 00:24:11 GMT; path=/; HttpOnly
c36197=SFhnHM6weEBY3apQIC+ns4QUl8E6rXJiasbnmUDzi39eCUghiDE1Zg==; domain=.fordats.com; expires=Tue, 27-Dec-2022 00:24:11 GMT; path=/; HttpOnly
Connection: close
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738351990&source=16295&sum=
18.193.146.82302 Found 0 B URL HTTP/2 bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738351990&source=16295&sum=
IP 18.193.146.82:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-738351990&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 27 Nov 2022 00:24:11 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/032107/n.php?cep=JZuuY-M8tFBtHTFi1dpZp63LSR-gIf4dUIMqIfitLeGBJG_pjr7dIpLTbLgbp5cuny6B9ZR_GmTVeZoEyMsJayJuKc1iY4FX2cquxeKNmcJdYJQi_3B0O-IpvXJm2wpN4rOiHN6MhDjopEUDtQNiTpLkj7l2hKOFumqCDohdKLZvRM8O9_cb4NkAwfcvKg6uH4OdBy1HXsQ8Ycs7tIU-m63GA3cid_Dm24DQUMul7_nLiyD6y9kel6m0kW8AA8vueW0ofr6K4FNWPQ3REPfB47l0192ENKNcMeLISCI8qQIHjkHBWQdUnLu-9bG2Hfn5PPWw6NoOsskX1_0oRh0CDKwq_b0GaMYx_bHTOm_i9iStTsJK1bjITferCkJN8iJLNsq51w-S8Kw2mkk3AIO9og&lptoken=160369a6515704225155&external_id=36197-738351990&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=ORgGKWvyIY8wFsbrnRJcJFb2_laAFNhoVq7GCs6h5rg; Max-Age=86400; Expires=Mon, 28-Nov-2022 00:24:11 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=mL8icBGOtfKq0H2_80gpw86vbua_dzfi_LHZdhP6JtyVTmj6m6-WE0d-EY79_wDHwDk7Fxu1zWja0aenUmvjk-RFxVU0PPtCmfCHtKErimZuQxbXYF_W-2kcz-P7-WdfY9Lyh-B872BU3ycd5B9kS51ZauiZxCvFLUkk2Yz8yaoYaLe9PKAzEELHCAltpGygK-9O94O0byFpZR464Ug6TBKn6_9UMV8mN4DyQyzbNQZObVmbDav2nyxhQ5BHJqyC84u_LzcWjvwgZzFxpDYefr_zT6f69m5PwktOC5gJKv990lWNpSz2IH4kQt3vqHzTt4Up8ECwgeJC97WZFkPbBol0qnbU7f484hTHbgIp27L11qm9CWO5XhDme-resLSlxVL2Z9oy9wQT3aNLulNiPg; Max-Age=86400; Expires=Mon, 28-Nov-2022 00:24:11 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY
IP 142.250.74.35:0
Hash ddc8b5904d1f9796635dcae3203eaaef
3e066730d80431c7e040dba1a6fb493d837790ff
ba23d9ae807910e7ebe2ee49a8c2711234f7388158b66a91a72b5afe8ddca374
POST /s/gts1p5/Dt6OUty8wSY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:11 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8761
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sun, 27 Nov 2022 00:24:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8761
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sun, 27 Nov 2022 00:24:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8761
Expires: Sun, 27 Nov 2022 02:50:12 GMT
Date: Sun, 27 Nov 2022 00:24:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 9154
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e586c141835f4ac8819c55dcb811b4d
a23fd98701ac35cd8740d1f7a832118c770e20c8
4296f391f755a649897a2211f9072c69a0510e43a313674908bb0a771b12650e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa78e81d9-dbc4-4911-9711-219f64026531.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10944
x-amzn-requestid: ed714e4a-0f80-4b2d-ae82-b28d617fe927
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b42xTGpSoAMF9Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d1a1-1235a4ad16a6bfee50615fbb;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:05:05 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: UzVSiMniBPN9LTEIutLmWn7BZX7d5RWIxtH0H-RpLfIGqdIBTovGMg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 22:36:11 GMT
age: 6480
etag: "a23fd98701ac35cd8740d1f7a832118c770e20c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:50:08 GMT
age: 9243
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 116eb5028a206e55f758f3e34887c87e
10577d9fc19028a0e0303634ec16ad8b2d41fa7a
d5d0f5518f8346e78f00a57632efe36f3363cabfa9abb30b7bea60261b29910b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6188ef1b-7a47-4903-9867-0e57b53def62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5103
x-amzn-requestid: 203eadee-9375-4290-ae0a-dd48e83df697
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFGzTE90oAMFTyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637eb814-2c32253b155d5dd0283fdd07;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:17:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NQEJS9-L2M6WJ5nqH7C7MqIv96GDNUexqw60hbX_3z8wxv8bp0ARwQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 17:52:17 GMT
age: 23514
etag: "10577d9fc19028a0e0303634ec16ad8b2d41fa7a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z7Hy7zEJmW8khrRb_uNcDa3UATX8DaKsdis-wUJAXfOZN4BM-0JtvQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 01:46:48 GMT
age: 81443
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccb536b51f31391c89fb2abe3be6c749
c9a5ab962bfdd174aecd4809d770f0fe305ab8e4
b4b6f70603ab79399aeda1d8b7e8f2662da37b51a2d076b8e754c812b6fa5b47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31dafe91-0b1b-40e9-927c-c01863516712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9073
x-amzn-requestid: 6cf20b75-6b27-4a34-97a8-017d7169f31b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JuVHY7IAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2328-1ca76b3537613fb26358b8f2;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: lg8rdnHT_ndB-9CMrHcVN8a2xZCubuTEpUQ2m6i77l-NfdNfhfITEQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 16:41:41 GMT
age: 27750
etag: "c9a5ab962bfdd174aecd4809d770f0fe305ab8e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/jquery.min.js
172.67.71.67200 OK 38 kB URL HTTP/2 mycasualhookups.com/sl/html/032107/js/jquery.min.js
IP 172.67.71.67:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2447)
Hash 2ba9bd397d255aaeaa8556067ed00c4a
f5ebf0cca4ade4ec8fbfefa380549b94fd1881b3
4ebca02b702e2c9c8aeb9619d98dfe22cbf6f5f6264cfebf1cf9e54ca1b54255
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/jquery.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Sun, 27 Nov 2022 23:58:57 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 1515
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCbOQNyIkspgqPHvH3GAg5TlMVGtrKJuKAblOmuZ2cbjdR8dUl%2BcnGe8sxtYzS9cWTEpDGr2ZHUIjCqRO8pzwoSvd8uvHgi8Bjr2%2BxvsNZzHDsDaUpY7H%2BR4XxKHYHrpWCWrGDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b833b8f90b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949
216.58.207.202200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949
IP 216.58.207.202:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 20:15:47 GMT
expires: Thu, 23 Nov 2023 20:15:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 274105
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/css/css.css
172.67.71.67200 OK 2.9 kB URL HTTP/2 mycasualhookups.com/sl/html/032107/css/css.css
IP 172.67.71.67:0
File type ASCII text, with very long lines (6865), with no line terminators
Hash e80cffacff491402b41f144a8f03561f
08dd139590b6e056e21df50dc76d8c224f0261ca
9b701bef675cac9af5c7dab9d500669885f293c3c2738938ac9af34b890c5ce8
GET /sl/html/032107/css/css.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=9103
expires: Sun, 27 Nov 2022 23:58:57 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 1515
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eS%2BVvdWOUtrBZZfrqmFO6a7HVBhOPpaH13BLuTihyMjEj0WhcApWhMq%2BP5IFNznebtHJKvpOi9JM%2BDuIuQjtXwZS1CfA21a5WYCVhhdBXL7ntrUNegsr%2FdLP4e1OJJsI4W%2FfzZo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b833b8f50b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7f54bbd738ff3a9375af04b8d89ab419
f0051ffb9265b8637061cb760db1ababb908eff3
ba7a9f3d6db6ad7bcc658734fa55a74097699eb72aee168f861192346f809842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=164949
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:12 GMT
Etag: "63828f81-117"
Expires: Mon, 28 Nov 2022 22:13:21 GMT
Last-Modified: Sat, 26 Nov 2022 22:13:21 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 7f54bbd738ff3a9375af04b8d89ab419
f0051ffb9265b8637061cb760db1ababb908eff3
ba7a9f3d6db6ad7bcc658734fa55a74097699eb72aee168f861192346f809842
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=164949
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:12 GMT
Etag: "63828f81-117"
Expires: Mon, 28 Nov 2022 22:13:21 GMT
Last-Modified: Sat, 26 Nov 2022 22:13:21 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
mycasualhookups.com/sl/html/032107/js/config.js
172.67.71.67200 OK 50 kB URL HTTP/2 mycasualhookups.com/sl/html/032107/js/config.js
IP 172.67.71.67:0
File type ASCII text, with very long lines (332)
Hash c933a5fdaa6d85f126dfdb4cb0c42065
09d4f9254862c16c6d228df6120a2d9d50f842dd
812407b6fb5809da1981a442b00889b3b92ae77642925135dffd985fec2cd93d
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Sun, 27 Nov 2022 23:58:57 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:19:29 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 1515
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8Qe4m7O%2F4bn9P5P2btxxLnIX3HUmBkaSFUhcJq49OrVht4N1lI2DE2%2F22uIuuD0c%2F6lAXpysfOwXotttSk2P8H3mwFCvXGJ%2BwOnDefPmay%2FYk11WMDbsjoZSIKGgx42phAFRnE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b833c9070b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
172.67.71.67200 OK 9.0 kB URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP 172.67.71.67:0
File type Unicode text, UTF-8 text, with very long lines (23122)
Hash 3c2f3b787d3cfab7de8999b126555db0
3fa048558cf1997631cdb3f990327a5c029c4048
8e00a8f89a6a199e3b006280d857992eee54033e7da0f3103e13546d69658070
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 27 Nov 2022 16:39:41 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 27871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaII9NoysDEwnNaxZn5b3LyGUCoVBnuDhlJnCOZrXRN0FyGftvCd%2BO1EhoZzpr9WOflEmi8cxy3E2ttPxNni%2Fq4GU4%2FOx5JLAGA0jO7u%2BNneQHyWbsh%2BZV0YkKXiFdiIK%2FIIWjM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b833c9010b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/n.php?cep=JZuuY-M8tFBtHTFi1dpZp63LSR-gIf4dUIMqIfitLeGBJG_pjr7dIpLTbLgbp5cuny6B9ZR_GmTVeZoEyMsJayJuKc1iY4FX2cquxeKNmcJdYJQi_3B0O-IpvXJm2wpN4rOiHN6MhDjopEUDtQNiTpLkj7l2hKOFumqCDohdKLZvRM8O9_cb4NkAwfcvKg6uH4OdBy1HXsQ8Ycs7tIU-m63GA3cid_Dm24DQUMul7_nLiyD6y9kel6m0kW8AA8vueW0ofr6K4FNWPQ3REPfB47l0192ENKNcMeLISCI8qQIHjkHBWQdUnLu-9bG2Hfn5PPWw6NoOsskX1_0oRh0CDKwq_b0GaMYx_bHTOm_i9iStTsJK1bjITferCkJN8iJLNsq51w-S8Kw2mkk3AIO9og&lptoken=160369a6515704225155&external_id=36197-738351990&source=16295&sum=
172.67.71.67200 OK 6.3 kB URL HTTP/2 mycasualhookups.com/sl/html/032107/n.php?cep=JZuuY-M8tFBtHTFi1dpZp63LSR-gIf4dUIMqIfitLeGBJG_pjr7dIpLTbLgbp5cuny6B9ZR_GmTVeZoEyMsJayJuKc1iY4FX2cquxeKNmcJdYJQi_3B0O-IpvXJm2wpN4rOiHN6MhDjopEUDtQNiTpLkj7l2hKOFumqCDohdKLZvRM8O9_cb4NkAwfcvKg6uH4OdBy1HXsQ8Ycs7tIU-m63GA3cid_Dm24DQUMul7_nLiyD6y9kel6m0kW8AA8vueW0ofr6K4FNWPQ3REPfB47l0192ENKNcMeLISCI8qQIHjkHBWQdUnLu-9bG2Hfn5PPWw6NoOsskX1_0oRh0CDKwq_b0GaMYx_bHTOm_i9iStTsJK1bjITferCkJN8iJLNsq51w-S8Kw2mkk3AIO9og&lptoken=160369a6515704225155&external_id=36197-738351990&source=16295&sum=
IP 172.67.71.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4330)
Hash 7762b60761bcd2beef2c6b3d40fb5c48
42729d50d3b016c96e00fcc84b5ae7719dce5ce8
a174c1afba403bbb411144c04274bd54157bb9caabcce19e2421ce8f9b20adcc
GET /sl/html/032107/n.php?cep=JZuuY-M8tFBtHTFi1dpZp63LSR-gIf4dUIMqIfitLeGBJG_pjr7dIpLTbLgbp5cuny6B9ZR_GmTVeZoEyMsJayJuKc1iY4FX2cquxeKNmcJdYJQi_3B0O-IpvXJm2wpN4rOiHN6MhDjopEUDtQNiTpLkj7l2hKOFumqCDohdKLZvRM8O9_cb4NkAwfcvKg6uH4OdBy1HXsQ8Ycs7tIU-m63GA3cid_Dm24DQUMul7_nLiyD6y9kel6m0kW8AA8vueW0ofr6K4FNWPQ3REPfB47l0192ENKNcMeLISCI8qQIHjkHBWQdUnLu-9bG2Hfn5PPWw6NoOsskX1_0oRh0CDKwq_b0GaMYx_bHTOm_i9iStTsJK1bjITferCkJN8iJLNsq51w-S8Kw2mkk3AIO9og&lptoken=160369a6515704225155&external_id=36197-738351990&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:11 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Sun, 27 Nov 2022 00:29:11 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i5sKGusP0N70tyMJ7qLd7zKF9f4%2BsspCLRGCsfZaOw9FA2bnSwkiNtKES9QDlme8NPxIfufwCqJKaNJO6q%2FxYWXkf0PkDGXBpn4M%2BV3l7Avfte41I64cLC2LgBVYavxrhV8av%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b82ede020b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/videos/video1.webm
172.67.71.67206 Partial Content 1.8 MB URL HTTP/2 mycasualhookups.com/sl/html/032107/videos/video1.webm
IP 172.67.71.67:0
File type WebM\012- EBML file, creator webmB\20\012- data
Size 1.8 MB (1787154 bytes)
Hash 275783ec04582836653aefff2ea6644c
c33c6cc9494ea3789cdfc22b925916164aee4253
cd69ec1ee91bec9876983cd47b3381838aaee8be56ef467400d55bf1f5f758fd
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/videos/video1.webm HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://mycasualhookups.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: video/webm
content-length: 1787154
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Sun, 27 Nov 2022 16:44:08 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 27604
content-range: bytes 0-1787153/1787154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBSGTwOrr6lnyY5tBFUc1JikY%2FUUu55tSQoFBoIgDhskzCO7dVEVE%2FQ%2BDkzUW74Bg1oLK9k3Aj%2F1NKAhRJv5nK9vxyUxrVwXFHDIxDQ68iPAiJbNplyIdIsmnz0cQMcMyV0PAXM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b837cb370b06-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-dt.fcdn.info/swpush.min.js
104.21.234.86200 OK 11 kB URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js
IP 104.21.234.86:0
File type ASCII text, with very long lines (34449)
Hash 06fd10c15cb7d9518c48a7434d811ca7
01ed736653a5e1e517568af784bac66269cfbab6
5e7513ecc9b7c3ba1e5e52ec834601cba7e6d672f46510f8ac03a00969f96306
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 307671
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJCyZrCUZ%2F%2Fe58gIp87AdnWkEHNJXnecN8k1f5KVRfu8ghzWtZVHYa8FcL79oWkOTfLvctqHbhLsPRMbSGXgLpouHQltyODUTUt9zLTsUsnJtyJDCJvs3%2B4UqcSYvgdi%2BHIJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7706b8363c43731b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mycasualhookups.com/sl/common/js/common-langs.js
172.67.71.67200 OK 51 kB URL HTTP/2 mycasualhookups.com/sl/common/js/common-langs.js
IP 172.67.71.67:0
File type Unicode text, UTF-8 text, with very long lines (12768)
Hash c0e73eac7869f6e184838cef44a9d8c0
4ff2da48fbc39b7d149e0dc22c11c9111892c7d9
5bcc86e8e52b563ba2bbf862c4c8597d53a3e7752c8729f8ee34a4162bc67042
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sun, 27 Nov 2022 16:39:41 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 27871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85KP7FMNC8KER%2BsMzqy8IQ3eCRhpjh4eQaadR%2Bzuk7rGv3jGuM0rY2EuSmsZ3EF9vuLXoJCb25ndGCJytOdY%2BsJ6CaE%2BZJy8g6FNBVKDSguO9Zjp3CHyPJoAcNxfVY88yBgD7UU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b833c9080b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b05606331c6f88a724d9e404e62974e4
72176bc6b618fbbe567b5746ed54e14d381a9815
7179b3d4ee227d9bf6d768a5fb1a9499f285d5949d21893c9a6997da8ea7b026
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
172.64.139.29204 No Content 0 B URL HTTP/2 subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP 172.64.139.29:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 27 Nov 2022 00:24:13 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81X7o4IZxzQpUvIiQAl9AB2%2BvWqLUhttaf115S4zsWdme0HxXS%2FEwnYbnIlL2IihXaTrBlE4qOQI0p1yZ7KPQb%2B2A%2FVQQEmVO6FZeauhKLfEUz%2FHiDe3A6XM0KKGwXtmimJoLcSf7CBe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b83d3a4c4083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
172.64.139.29200 OK 5 B URL HTTP/2 subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP 172.64.139.29:0
File type ASCII text, with no line terminators
Hash 68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/032107/n.php?cep=JZuuY-M8tFBtHTFi1dpZp63LSR-gIf4dUIMqIfitLeGBJG_pjr7dIpLTbLgbp5cuny6B9ZR_GmTVeZoEyMsJayJuKc1iY4FX2cquxeKNmcJdYJQi_3B0O-IpvXJm2wpN4rOiHN6MhDjopEUDtQNiTpLkj7l2hKOFumqCDohdKLZvRM8O9_cb4NkAwfcvKg6uH4OdBy1HXsQ8Ycs7tIU-m63GA3cid_Dm24DQUMul7_nLiyD6y9kel6m0kW8AA8vueW0ofr6K4FNWPQ3REPfB47l0192ENKNcMeLISCI8qQIHjkHBWQdUnLu-9bG2Hfn5PPWw6NoOsskX1_0oRh0CDKwq_b0GaMYx_bHTOm_i9iStTsJK1bjITferCkJN8iJLNsq51w-S8Kw2mkk3AIO9og&lptoken=160369a6515704225155&external_id=36197-738351990&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:13 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9R6%2FNchLY%2F%2F7gRprn1rhh8C4mGIu8nNVOI7h6ghLtONJNZ%2Bpnu9sjoi6j1pRQlh5MLqAJ%2BHZrbBjAdxnrTTKWx7DUNG35pYE5Xw9nKjs%2FUBS1RXl7r3OrTVyCCO8MiGCFS%2BkYHvcaEO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b83e1ad84083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash db6aab5a8ad97fcd88eb84d682718c7f
91c5fec9c3cc47d750423b41ad587ccfabae73a1
e5c69d237270b93e20a16eb4e652097949ba86c5150585b83a08eb904a6e1a32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=134304
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 00:24:15 GMT
Etag: "638217cf-116"
Expires: Mon, 28 Nov 2022 13:42:39 GMT
Last-Modified: Sat, 26 Nov 2022 13:42:39 GMT
Server: nginx
Content-Length: 278
cdnjam.com/cdn/sdialog.min.css?_=4
172.67.166.71200 OK 1.6 kB URL HTTP/2 cdnjam.com/cdn/sdialog.min.css?_=4
IP 172.67.166.71:0
File type ASCII text, with very long lines (6775)
Hash d72e8b0d6a07382d6b5914d94d5d861a
51009b685e7b742afa31d880450a99034f2d2920
50cbd4a2f51668a43256c5054534b21f2281fae015e443f9a505eb9b91a7b135
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:15 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 3151
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXOcAS7kYrPLhhZQZH0uBfI8m3GQoBnLWfbzkVYUYNYCPsAc5lQvx8dz8fJyIKFu5W3orXZRkPvnBNIHmq9fsX6T723jhWTfgvCtI9OQ%2B9B%2F0p5rA%2BFWqK%2FqcVKg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b8471aa6b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 9157
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/css/style.css
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/css/style.css
IP 172.67.71.67:0
GET /sl/html/032107/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=4300
expires: Sun, 27 Nov 2022 23:58:57 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 1515
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gy6eNjUPhV1M%2BFeqRmv5op4vRURgYWPYn8ywWW%2Fq4kvygCX3nLaJPMIoA1FzC%2Fva2m302GCbI6%2FiC2eqkawVZEbBX%2Fhunh7e6XYsr9XTeRqKKMVwEuDpDlbLMzhrXwQ4lMdP%2BLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b833b8f40b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 27 Nov 2022 16:39:41 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 27871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwG2uVBuKB%2F93Z%2F6IxVqID08HfmaoaczDjr%2BiBCFmaUI8pAhN2uxIKSJ04vMQMy68ZzOUfI1BX72sh7LFZrzdDU9OsOW4qsGMHc4LkEfDcjSxSYI%2B4z7%2Bu7seEKSQGr4yaYZQqU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b833c9040b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
app.api-push.com/get-keys
172.64.139.29200 OK 0 B URL HTTP/2 app.api-push.com/get-keys
IP 172.64.139.29:0
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/032107/n.php?cep=JZuuY-M8tFBtHTFi1dpZp63LSR-gIf4dUIMqIfitLeGBJG_pjr7dIpLTbLgbp5cuny6B9ZR_GmTVeZoEyMsJayJuKc1iY4FX2cquxeKNmcJdYJQi_3B0O-IpvXJm2wpN4rOiHN6MhDjopEUDtQNiTpLkj7l2hKOFumqCDohdKLZvRM8O9_cb4NkAwfcvKg6uH4OdBy1HXsQ8Ycs7tIU-m63GA3cid_Dm24DQUMul7_nLiyD6y9kel6m0kW8AA8vueW0ofr6K4FNWPQ3REPfB47l0192ENKNcMeLISCI8qQIHjkHBWQdUnLu-9bG2Hfn5PPWw6NoOsskX1_0oRh0CDKwq_b0GaMYx_bHTOm_i9iStTsJK1bjITferCkJN8iJLNsq51w-S8Kw2mkk3AIO9og&lptoken=160369a6515704225155&external_id=36197-738351990&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:13 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ub7UBHiiwM5ENvLbGbkKdIzeZarXwSgZqxbhiTAYAowly85ctZlXPba1kU%2FqMXWP4tQUMhI7I4Kf63WokTG7Zu2T%2FnhbR9h9EOJlITheD2EQzA6rxE7bKR0zoIufNs6Cf4ws"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b83a5ff34083-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/privacy-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:13 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 13:35:09 GMT
etag: W/"637cd00d-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=55f%2B8Nbz%2Fb9Oku67yynSG3hPYLzEY1scyjuJRvClIxkGyteSrJZa6KSE9QgXNuawe%2BNAstIoqg9u8rbevF0byseRyPy8yxYFcOCJIicRipizZuKKeIYgO2QCyoO490OW9LEL6rU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7706b83cde350b06-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 29 Nov 2022 00:24:13 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/main.js
172.67.71.67404 Not Found 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/js/main.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/main.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=7200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXirySaE4JZVxAJmplM5UFA%2BnyoESsCjt4mHhjwyBq8mVlZyEnLKz0Gb7rj341qVhTBAuqFtrL2AdEVnwJVoRbcm9andm1dKuexodAuF%2FmCUE%2Bb%2F6etJjUlnluPfF0o3Bi7XYzM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7706b833b8fa0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/favicon.ico
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/favicon.ico
IP 172.67.71.67:0
GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:13 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5154131
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bl%2FXRYqR0mD0n4Lr13AZGT0fsS8os7exkT%2BgzlJMAb6E6XDvq9zRdbU1vz17B7cvtyW7FBkL0gf%2F54N6wLbsfB3W6GF%2FHX%2BB58TruO31LJlICr72WLXD0ClOZdjD5A8u8K9DLO4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7706b83b2d310b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/privacy-policy.html
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/privacy-policy.html
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/privacy-policy.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:13 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Sun, 27 Nov 2022 00:29:13 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19J3Q5lFeTYexzvv9YkYgCbhV8A6wPz%2FRGepRQSDNV4qesu8goQo8NpBlg3zzzcNmE%2BLtx0oKar4Al8%2B%2B2OkOumkiRaqXENbvcqbF60%2F1y%2B98XW8Lk0NcQxN1%2Fb6zHH7kbk2%2FZ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b8374ad90b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/css/style.css?1669508651
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/css/style.css?1669508651
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/css/style.css?1669508651 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 28 Nov 2022 00:24:12 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wy%2B23vY%2B5u2GOAKaqle8onmAv%2BHWV5xtRFdFtcGRwpQ1KzHzHBaEdAbBjvXs8gxK2MFh2psX0DP1GOYDU0eUdZlDOtmo14tUfXkZZfVcyJyH2WtM4h%2FBjjluu23KGSIPfAaGe6A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b833b8fc0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/html/032107/js/langs.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/html/032107/js/langs.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/html/032107/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=7419
expires: Sun, 27 Nov 2022 23:58:57 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 1515
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQIXp9gIdUoBYBLAjwjy%2B41HtZ%2FXZHuGCLtERFUaFTLMWiH%2B32RLm%2FqR4yDt2%2FJf44fyI75kRU7ItfdUb7awvQTmBg4FKoBBoO3PgshqDWFsUxcZTbfwQ29k%2BlCml%2Bk%2Bi%2BhS20w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b833c9050b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
172.67.71.67200 OK 0 B URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP 172.67.71.67:0
Analyzer Verdict Alert fortinet Phishing
GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 00:24:12 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 27 Nov 2022 16:39:41 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 27871
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hh4jFQvtFhC6g20gkE3ICwDa9atTM%2FMMvr4%2Fi87jXeXEEciAec359XQ9SA2LdCCVsabCoy6W9FfigHG5%2BPRPL9DvuLKeavh7tlnLteQESWF7bcnFIR4OFCydyb5UUNLNw28qP6o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b833c8fe0b06-OSL
content-encoding: br
X-Firefox-Spdy: h2
hot-desire.com/
104.21.235.204302 Found 0 B IP 104.21.235.204:0
GET / HTTP/1.1
Host: hot-desire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 27 Nov 2022 00:24:09 GMT
content-type: text/html; charset=UTF-8
location: https://m.luvmenow.com/click?offer_id=5246&pid=31430&ref_id=s8hnpa78b0ob&sub1=28582&sub2=91.90.42.154&sub3=s8hnpa78b0ob&sub4=&sub5=&sub6=&sub7=&sub8=
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Sun, 27 Nov 2022 00:24:09 GMT
pragma: no-cache
set-cookie: _subid=s8hnpa78b0ob;Expires=Wednesday, 28-Dec-2022 00:24:09 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpa78b0ob_s8hnpa78b0ob6382ae299aa509.97440352;Expires=Wednesday, 28-Dec-2022 00:24:09 GMT;Max-Age=2678400;Path=/
9bf24=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI5MTAxNVwiOjE2Njk1MDg2NDl9LFwiY2FtcGFpZ25zXCI6e1wiMjg1ODJcIjoxNjY5NTA4NjQ5fSxcInRpbWVcIjoxNjY5NTA4NjQ5fSJ9.zojyAIjulZax589dH7D2JiWh339sCNjHlijDo-bvQ8g;Expires=Thursday, 24-Oct-2075 00:48:18 GMT;Max-Age=1669595049;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73HvlsAlI2cRsoObIJyP6mV5N651jCGDlW7dRenbICsFE1EAeJBKUrVFRR4d1WWuKBK88MyLaH71A0rhG5eMVY5raclIg8wpE0Xh2dz3GAcrLta%2F7QNQLfTKvLMAdpR9iw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7706b823f93176bd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2