Report - fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63a86db687f8990001a5c4fb&s4=31423&ckmguid=27c34f86-3c73-4423-a65a-f9c00649547b

Report Overview

Submitted URL
fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63a86db687f8990001a5c4fb&s4=31423&ckmguid=27c34f86-3c73-4423-a65a-f9c00649547b
IP
54.154.42.150
ASN
#16509 AMAZON-02
Submitted
2022-12-25 15:36:04
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	2.6 kB	216.58.207.234
app.api-push.com	307671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	1.6 kB	172.64.162.28
subscribe.api-push.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.6 kB	172.64.162.28
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	74 kB	34.120.237.76
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	941 B	188.114.96.1
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.9 kB	7.8 kB	142.250.74.131
mycasualhookups.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.3 kB	1.9 MB	104.26.13.87
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.4 kB	93.184.220.29
bl.trackham.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	527 B	1.5 kB	18.193.146.82
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.200.107.47
cdn-dt.fcdn.info	230544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	729 B	104.21.234.87
fordats.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	451 B	967 B	52.19.202.187
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	35 kB	216.58.207.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-25	medium	mycasualhookups.com/sl/html/032107/js/jquery.min.js	Phishing
2022-12-25	medium	mycasualhookups.com/sl/html/032107/js/config.js	Phishing
2022-12-25	medium	mycasualhookups.com/sl/common/css/style.css?1671982553	Phishing
2022-12-25	medium	mycasualhookups.com/sl/common/js/lib/additional-methods.min.js	Phishing
2022-12-25	medium	mycasualhookups.com/sl/html/032107/videos/video1.webm	Phishing
2022-12-25	medium	mycasualhookups.com/sl/html/032107/js/langs.js	Phishing
2022-12-25	medium	mycasualhookups.com/sl/common/privacy-policy.html	Phishing
2022-12-25	medium	mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing
2022-12-25	medium	mycasualhookups.com/sl/common/js/common-langs.js	Phishing
2022-12-25	medium	mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js	Phishing
2022-12-25	medium	mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js	Phishing
2022-12-25	medium	mycasualhookups.com/sl/html/032107/js/main.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	mycasualhookups.com/sl/html/032107/n.php?cep=2Ljda-lfYSGXHS5gS5NRI68vFPCtbVpp683tisGChgmVtmmHSblYOmqvgGJQk62dftDbVT72q4weXWxHK2q4q0WLNzs8VrBlhOsgsgiCxkHy3Z2yCwo738Lo5iz6ZbplVVG1QBxHHkIIYfgkJPXAkQMH4d8aJYhnDg3C2nP_sNpYNjEtmH489-dyLlAQiCmgtSeQmAHi0uf2MirHA5H2USz4GD4SuwNyibLc_JEY4tNI8vKA7msWPH3uSXOBDcws0i6zc4PJ6rPoGKwQE14GY-nMx2SSwPtm6DSNKfrTTxp1bSmw8uwhwr36Z1d_YEX6cHSKatQgjCP-s73GhijXBUfn_Cz4H-7PspuSrpqa6HB5V7SQlD7HM9cMVERUfVDSIw8-wvTMav-gGSbAsv6EfQ&lptoken=16e1715698d3432e536a&external_id=36197-740469621&source=16295&sum=#p%23	90 B	2023-03-07	2023-04-05
Pretty URL mycasualhookups.com/sl/html/032107/n.php?cep=2Ljda-lfYSGXHS5gS5NRI68vFPCtbVpp683tisGChgmVtmmHSblYOmqvgGJQk62dftDbVT72q4weXWxHK2q4q0WLNzs8VrBlhOsgsgiCxkHy3Z2yCwo738Lo5iz6ZbplVVG1QBxHHkIIYfgkJPXAkQMH4d8aJYhnDg3C2nP_sNpYNjEtmH489-dyLlAQiCmgtSeQmAHi0uf2MirHA5H2USz4GD4SuwNyibLc_JEY4tNI8vKA7msWPH3uSXOBDcws0i6zc4PJ6rPoGKwQE14GY-nMx2SSwPtm6DSNKfrTTxp1bSmw8uwhwr36Z1d_YEX6cHSKatQgjCP-s73GhijXBUfn_Cz4H-7PspuSrpqa6HB5V7SQlD7HM9cMVERUfVDSIw8-wvTMav-gGSbAsv6EfQ&lptoken=16e1715698d3432e536a&external_id=36197-740469621&source=16295&sum=#p%23 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-04-05 02:02:09 Times Seen17 Hash 366614100df3a1aad7eaa097204bb879 462a34ed6013dced533568a3bafe7bb7da1b212d b52856d21909444a7b1f4afb75479ca00aa7a05fc60cdf860dcb3ce4f0b75f01 Loading...

	mycasualhookups.com/sl/common/unsubscribe.html	1.9 kB	2023-03-07	2023-04-05
Pretty URL mycasualhookups.com/sl/common/unsubscribe.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-04-05 02:02:09 Times Seen17 Hash b65ff9705865169981f3ac388816cc72 c79a72e04d9b766e27ea4fe8d2a0cc5d9c484c41 67da9ca751409ddfd1a8b1b7a1fdfe5b66b37e6d9b1d0c4e083fb357debca5de Loading...

	mycasualhookups.com/sl/html/032107/js/jquery.min.js	127 kB	2023-03-08	2023-05-27
Pretty URL mycasualhookups.com/sl/html/032107/js/jquery.min.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:46 Last Seen2023-05-27 17:52:36 Times Seen16 Hash 60deb99052f1a9728c143c8e618dc9b3 f4bfc781f9cc075a20f8e9fb51c11ef4edb2d3c6 85ea6624a9f99bbf4f890125e45b2cbc2a9ac73aba9c9ad67dab935b8b4108f6 Loading...

	mycasualhookups.com/sl/common/js/common-langs.js	15 kB	2023-03-07	2023-07-02
Pretty URL mycasualhookups.com/sl/common/js/common-langs.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2023-07-02 18:22:18 Times Seen47 Hash 9dd6dd34babf310236383a7eb7d569e3 f396ed09424e282aa4e7b96d463541fc42556f46 7ae9fc07390e221821ced9edb8e092859afbc5653d7878c3d3074ed24be2c050 Loading...

	mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js	23 kB	2023-03-07	2024-05-09
Pretty URL mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2024-05-09 07:58:56 Times Seen1000 Hash 93c1dd8416ac2af1850652d5b620a142 6a76e4c7db479053350580469aa010febfdcacd0 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50 Loading...

	cdn-dt.fcdn.info/swpush.min.js	34 kB	2023-03-07	2023-08-07
Pretty URL cdn-dt.fcdn.info/swpush.min.js IP 104.21.234.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-08-07 07:25:23 Times Seen135 Hash af2540aefe6334edb036a720947abb72 f17f394267c73b004d0f2c6dfb8a790aa2d7bf7e 7af8787e4bc78270a5a72a75f86a45ae9d3bd803c3c57ec3efb84d2aabe102a2 Loading...

	mycasualhookups.com/sl/html/032107/js/langs.js	6.2 kB	2023-03-08	2023-05-27
Pretty URL mycasualhookups.com/sl/html/032107/js/langs.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:46 Last Seen2023-05-27 17:52:36 Times Seen6 Hash c895285afd534a475c5953dee6ad3495 4ca789d37a3648284e1eaf3d83da4818860089e8 e70037ef79e847cc316e58b94ebe5d4c33cb97be85a0a99125f500d38de043a5 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949	97 kB	2023-03-07	2024-05-10
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-10 23:59:05 Times Seen119364 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	mycasualhookups.com/sl/common/js/main.js?1671982553	7.4 kB	2023-03-07	2023-08-07
Pretty URL mycasualhookups.com/sl/common/js/main.js?1671982553 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2023-08-07 07:25:23 Times Seen115 Hash b87e1c868deb5fadb6c9661630d4f0db e893295cfb31b37a247c509c53b1eae346c528fc 44523924092ddcf715dae1c6c23059400dfb24781643ddb760b0f6b82724a0a8 Loading...

	mycasualhookups.com/sl/common/js/lib/additional-methods.min.js	18 kB	2023-03-07	2024-05-06
Pretty URL mycasualhookups.com/sl/common/js/lib/additional-methods.min.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:43 Last Seen2024-05-06 18:28:17 Times Seen259 Hash 3a53c5eac97b98ed3833970d43bf7fc9 b8805460b5754be8b16a223df737d9577da4c182 8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8 Loading...

	mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-05-11
Pretty URL mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-11 00:48:48 Times Seen110575 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	mycasualhookups.com/sl/html/032107/js/config.js	395 B	2023-03-08	2023-08-07
Pretty URL mycasualhookups.com/sl/html/032107/js/config.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:57 Last Seen2023-08-07 07:25:23 Times Seen53 Hash 628061c41e011910d93e2eb32b7e8a24 edaa1d1ca254452b8c77111a7d2dd928276b5971 33015ae6fe9c43a1d94f0b77b94a17e903ca8be952608b85f70ce0df0193161b Loading...

	mycasualhookups.com/sl/html/032107/n.php?cep=2Ljda-lfYSGXHS5gS5NRI68vFPCtbVpp683tisGChgmVtmmHSblYOmqvgGJQk62dftDbVT72q4weXWxHK2q4q0WLNzs8VrBlhOsgsgiCxkHy3Z2yCwo738Lo5iz6ZbplVVG1QBxHHkIIYfgkJPXAkQMH4d8aJYhnDg3C2nP_sNpYNjEtmH489-dyLlAQiCmgtSeQmAHi0uf2MirHA5H2USz4GD4SuwNyibLc_JEY4tNI8vKA7msWPH3uSXOBDcws0i6zc4PJ6rPoGKwQE14GY-nMx2SSwPtm6DSNKfrTTxp1bSmw8uwhwr36Z1d_YEX6cHSKatQgjCP-s73GhijXBUfn_Cz4H-7PspuSrpqa6HB5V7SQlD7HM9cMVERUfVDSIw8-wvTMav-gGSbAsv6EfQ&lptoken=16e1715698d3432e536a&external_id=36197-740469621&source=16295&sum=#p%23	487 B	2023-03-08	2023-05-21
Pretty URL mycasualhookups.com/sl/html/032107/n.php?cep=2Ljda-lfYSGXHS5gS5NRI68vFPCtbVpp683tisGChgmVtmmHSblYOmqvgGJQk62dftDbVT72q4weXWxHK2q4q0WLNzs8VrBlhOsgsgiCxkHy3Z2yCwo738Lo5iz6ZbplVVG1QBxHHkIIYfgkJPXAkQMH4d8aJYhnDg3C2nP_sNpYNjEtmH489-dyLlAQiCmgtSeQmAHi0uf2MirHA5H2USz4GD4SuwNyibLc_JEY4tNI8vKA7msWPH3uSXOBDcws0i6zc4PJ6rPoGKwQE14GY-nMx2SSwPtm6DSNKfrTTxp1bSmw8uwhwr36Z1d_YEX6cHSKatQgjCP-s73GhijXBUfn_Cz4H-7PspuSrpqa6HB5V7SQlD7HM9cMVERUfVDSIw8-wvTMav-gGSbAsv6EfQ&lptoken=16e1715698d3432e536a&external_id=36197-740469621&source=16295&sum=#p%23 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:57 Last Seen2023-05-21 15:59:11 Times Seen18 Hash eb3361ce29dba68e5f6374b4129a7240 e9226d27e25cff9e8fd1026b4107d90919d59c14 8eb0cb2db6b9f3b562f0b58f4c9b1f6c48c31cce516872a20efbd90a5c6d33ff Loading...

	mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-05-11
Pretty URL mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.26.13.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-11 00:20:21 Times Seen56579 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

HTTP Transactions (58)

URL IP Response Size

fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63a86db687f8990001a5c4fb&s4=31423&ckmguid=27c34f86-3c73-4423-a65a-f9c00649547b

52.19.202.187

302 Found

234 B

URL HTTP/1.1
fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_63a86db687f8990001a5c4fb&s4=31423&ckmguid=27c34f86-3c73-4423-a65a-f9c00649547b
IP
52.19.202.187:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
234 B (234 bytes)
Hash
85f5e02d81162a902ed9cebaf0f657ed
806d0e35c23097be86bdb3792440d443dad50767
88aa89693e1524252f4455a51effd79a98a44c9d1c9f4a9098cf887e31cde642

HTTP Headers

GET /?a=16295&c=43694&p=r&s1=&s2=a_63a86db687f8990001a5c4fb&s4=31423&ckmguid=27c34f86-3c73-4423-a65a-f9c00649547b HTTP/1.1
Host: fordats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
date: Sun, 25 Dec 2022 15:35:53 GMT
content-type: text/html; charset=utf-8
content-length: 234
cache-control: private
location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-740469621&source=16295&sum=#p#
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: sid=vW0WA5nJzzobX0Zh6qmutj558P4uMs2gMK2AO82zhC5phqSxCUPe1g==; domain=.fordats.com; path=/; HttpOnly
trk=6det6iCuULYeaDbCghyxJT558P4uMs2gMK2AO82zhC5phqSxCUPe1g==; domain=.fordats.com; expires=Wed, 25-Dec-2024 15:35:53 GMT; path=/; HttpOnly
c36197=vW0WA5nJzzoEenrlgp0NVgECKEAsn2uo/vCwpOdCbU1eCUghiDE1Zg==; domain=.fordats.com; expires=Tue, 24-Jan-2023 15:35:53 GMT; path=/; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb20c18681040b740ab1730562beb45c
abedefb801b0e13987d6619a77e0368771f9dfcb
288c1832db391da57e3d74ffa893ec2c47ef9c1945f85b88473c563b55a3dfb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "288C1832DB391DA57E3D74FFA893EC2C47EF9C1945F85B88473C563B55A3DFB3"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7740
Expires: Sun, 25 Dec 2022 17:44:53 GMT
Date: Sun, 25 Dec 2022 15:35:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9cce060ddc316540d079e6816a1e7412
709a74969d1996d2b35ef0f7f34ae18455169f1e
6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16584
Expires: Sun, 25 Dec 2022 20:12:17 GMT
Date: Sun, 25 Dec 2022 15:35:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b1d63d9d906daa309dc263b4991bbe9
04680ddd86781d46dfe6a9671571b3ad1f3758f3
46fff7230b88de4cd81dfb0feb783d2dec27e49041f9257d2fb891030781bf6c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FFF7230B88DE4CD81DFB0FEB783D2DEC27E49041F9257D2FB891030781BF6C"
Last-Modified: Fri, 23 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4282
Expires: Sun, 25 Dec 2022 16:47:15 GMT
Date: Sun, 25 Dec 2022 15:35:53 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 25 Dec 2022 15:34:55 GMT
content-type: application/json
age: 58
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: +earizjkw2o1/ntLi9hVZiGia5OZtEm8lRbg77mq0h37BOKHhwL/eyFP3w8aU4aVbvBua6NdPQw=
x-amz-request-id: 1SZNEPM8JN0RBMQ3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Dec 2022 14:57:03 GMT
age: 2330
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-740469621&source=16295&sum=

18.193.146.82

302 Found

0 B

URL HTTP/2
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-740469621&source=16295&sum=
IP
18.193.146.82:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-740469621&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Sun, 25 Dec 2022 15:35:53 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/032107/n.php?cep=2Ljda-lfYSGXHS5gS5NRI68vFPCtbVpp683tisGChgmVtmmHSblYOmqvgGJQk62dftDbVT72q4weXWxHK2q4q0WLNzs8VrBlhOsgsgiCxkHy3Z2yCwo738Lo5iz6ZbplVVG1QBxHHkIIYfgkJPXAkQMH4d8aJYhnDg3C2nP_sNpYNjEtmH489-dyLlAQiCmgtSeQmAHi0uf2MirHA5H2USz4GD4SuwNyibLc_JEY4tNI8vKA7msWPH3uSXOBDcws0i6zc4PJ6rPoGKwQE14GY-nMx2SSwPtm6DSNKfrTTxp1bSmw8uwhwr36Z1d_YEX6cHSKatQgjCP-s73GhijXBUfn_Cz4H-7PspuSrpqa6HB5V7SQlD7HM9cMVERUfVDSIw8-wvTMav-gGSbAsv6EfQ&lptoken=16e1715698d3432e536a&external_id=36197-740469621&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=d6noC4Em_kCm56lIT-4Nz0hXMFoW3FJ8UHr7BgOYON0; Max-Age=86400; Expires=Mon, 26-Dec-2022 15:35:53 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=tG7DHo8jw9-ehD5rimwRcl_6q_6FildqWRtnRi9WlwNnl2RGbPyFIiNV5EJvwYUp7-nUf0cxM8W-sDnsK9qiR_FAp4LmgmPq8EKvnkUwdOusU-JLJ_ntdMDhMidfUeieijXIkPAFLF_Z9ACssYt1YRkr-1KaGwC-hET_GeCWFWMpWEefFuITHHY9JJZt4YC6sm0k4RKwYJL2x-zbODUupE-obbIUx1dpsjHHmvNYGSkgfL4UnHUxgybo83r2clpLWzFvG6tS-qwEJUVRKPEG6b7qwxP50uRtkelqPmjBo1u2f4D_5opmfiUWgrcB7BfkvuMuggVyZzRx1bjLISzpvTRyC0xYVpLJgKKmOQSrKpWm6qQoEJ4UncJ1QVPcE3rYiPvq1cKF5K4h5lxw3HXf5Q; Max-Age=86400; Expires=Mon, 26-Dec-2022 15:35:53 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 25 Dec 2022 15:35:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8bc715d9aa2407e84da56a021387c8ea
e6f5c3cca83a70a190c89a6d5749bdd6c37b0b35
6b8f5789eaa757e83cab7147c1583204f9650277e9b3561f89f809a9a6fb2962

HTTP Headers

POST /s/gts1p5/Dt6OUty8wSY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 25 Dec 2022 15:08:04 GMT
age: 1669
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bdc6ddd27a64c85bd15f78b39a79874c
965b8f1b763483b4b4dfe35526d27393d1fdf05c
d2f4dee4d920109e0751634731bea278c9ea9e6c0120ac07969eba74ddbfe615

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2562
Cache-Control: max-age=152016
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:54 GMT
Etag: "63a812a8-1d7"
Expires: Tue, 27 Dec 2022 09:49:30 GMT
Last-Modified: Sun, 25 Dec 2022 09:06:48 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5100021a7f8224edae91cf7c15ece4b2
2b0877c1cde0483463babb806f610158761489c7
701becec3ebad5661cfc231ad96cd17d95c4453206036fd3d05a246db72debef

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949

216.58.207.234

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Dec 2022 20:20:20 GMT
expires: Wed, 20 Dec 2023 20:20:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 414934
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:600

216.58.207.234

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:600
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1075 bytes)
Hash
1cccbe40c2dc3ca6357ea59fd6eba4de
7f4dc0593a0fe61bc33cea6083a151c7472600d3
cbc3e5bb40c45195af7eb5461cd559c38e95cab14ecf6ea428f9a9f4aff5a96d

HTTP Headers

GET /css?family=Open+Sans:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Dec 2022 15:35:54 GMT
date: Sun, 25 Dec 2022 15:35:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
93edaf5d2db33a09625c3b1eaef19fb6
f8c0920a9bf75c94f18e4e8509f80b3b227b8327
ea4c14b833610ae6b1eeddc514e384cfe3ff82fcf991c60455d816b4975fead4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=110249
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:54 GMT
Etag: "63a77983-116"
Expires: Mon, 26 Dec 2022 22:13:23 GMT
Last-Modified: Sat, 24 Dec 2022 22:13:23 GMT
Server: nginx
Content-Length: 278

push.services.mozilla.com/

54.200.107.47

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.200.107.47:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: g3OlMW2tRobQVaySKOKx3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bKwaqesWbiDPphjdWh8TvTPSRlo=

mycasualhookups.com/sl/html/032107/js/jquery.min.js

104.26.13.87

200 OK

38 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/jquery.min.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2447)
Size
38 kB (38185 bytes)
Hash
3a3d8ddb51b701469bd9b783d45c007e
427d902c8fc48f10897cf4688cc8082a7eee1567
1ecb599e9f9a51f582a1d2dfcdb6f3ff2d138f39782c309a303bfe7d9f6950d4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/jquery.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Mon, 26 Dec 2022 02:29:14 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 47200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=somamg4zpxgVDzHlMET8hFGDW0IZTqVtivfGlEy%2BK4TmIQqQfKMrMalOZ9c1ZQAtTwAvCvXnwOFs7nJ8tsckQj7IY%2BUPVapf%2FJ73Q3PjqDGDOZaHEa2skzQd0s1ukRNtExC%2BEWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6337d840afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/K0TBC4DjskA

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9a8b11b2b7f85c3ca02eca7d6c2f558e
26eaad787c488781366b142b0219e4ec41c48cf6
c49d17accf82ac359e2c817db3083d070289811c39fda19458345ecb2527e867

HTTP Headers

POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/K0TBC4DjskA

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9a8b11b2b7f85c3ca02eca7d6c2f558e
26eaad787c488781366b142b0219e4ec41c48cf6
c49d17accf82ac359e2c817db3083d070289811c39fda19458345ecb2527e867

HTTP Headers

POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mycasualhookups.com/sl/html/032107/js/config.js

104.26.13.87

200 OK

50 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/config.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (332)
Size
50 kB (50096 bytes)
Hash
c933a5fdaa6d85f126dfdb4cb0c42065
09d4f9254862c16c6d228df6120a2d9d50f842dd
812407b6fb5809da1981a442b00889b3b92ae77642925135dffd985fec2cd93d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Mon, 26 Dec 2022 02:29:14 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:19:29 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 47200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLL0Krw376an11hTy7%2F1Sv5kLwtQMOgq1dKdaxriAlgcN8OxRmF1HBVNyladIdAYL92IjVxlQBN62Y%2B1D0BJ6fulfhk3ZQo%2ByH1P4fJPvZP1rqcGL09kRq6%2BZkPH7QopRuM1B6o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6338d9a0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/css/style.css?1671982553

104.26.13.87

200 OK

2.1 kB

URL HTTP/2
mycasualhookups.com/sl/common/css/style.css?1671982553
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
2.1 kB (2077 bytes)
Hash
5cb9f7a717ac56f5b3b8e387f161f604
0b39b1d2067fc0421ca7249320598aa0bf558bb8
ef3ca2022ceb0649e592e7d748eed9be819b9a7e202322991a5309bff62edc8a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/css/style.css?1671982553 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 26 Dec 2022 15:35:54 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyCjwjsbTFUUTXxYnBMgRrikeR1az%2BuV1cwGnoWXF5qCN8jAGW4Bq9XH8Con0xLkvYLSMl5Bb01twIJ857Cls0Hltuh5id%2BYIGe8SPjR13wWE%2BKHwIl%2FuLQ%2F5fUK0l1xgqdt5R0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6337d890afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/additional-methods.min.js

104.26.13.87

200 OK

8.5 kB

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (17654)
Size
8.5 kB (8547 bytes)
Hash
c14397bd6e623c81ba4c1e3e69b931a7
5325fa33f2b31c94f956d5b32c8e3917fcabd460
c79824f6bb03247834d8ffc9642479e0492ff48a0617aeeb230b223859f21fee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 25 Dec 2022 21:10:05 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 66349
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuPOu%2BRsd%2FbHoR0LyEtZSU2WzPOUO%2FKf5mdu8HutErkVICb6N9Obj2ICLz9V5NlXdY4pMTCI0f8cTPmwEizepws7IMWTzluycf9DJQ8GyACfeArB8J7TQIM81wVH7gBL8JH6Bqo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6338d900afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/videos/video1.webm

104.26.13.87

206 Partial Content

1.8 MB

URL HTTP/2
mycasualhookups.com/sl/html/032107/videos/video1.webm
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.8 MB (1787154 bytes)
Hash
275783ec04582836653aefff2ea6644c
c33c6cc9494ea3789cdfc22b925916164aee4253
cd69ec1ee91bec9876983cd47b3381838aaee8be56ef467400d55bf1f5f758fd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/videos/video1.webm HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://mycasualhookups.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: video/webm
content-length: 1787154
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Mon, 26 Dec 2022 02:29:14 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 47199
content-range: bytes 0-1787153/1787154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kmtuzFV96mq4HMg89u2j9C3eCdSPvnJxbGkOhqsyqc9jiPob6blm2Ag8VuMScDCoQRONBuFF9ACJov5d0yKIu%2BDWYLG0wwibaqC7CUWO9uaygOEix1r84QNmbJSzHGC00Wve7SQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6373ffa0afa-OSL
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.162.28

204 No Content

0 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sun, 25 Dec 2022 15:35:54 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksEKJ0fq4JVENjAVIVjuMr79WLKC4B4zqeTpq%2BQpd4bUC9VB397lD4ErBxcTGOWo6%2BKgCh%2FBMty2MhMj1lCGorQEF%2FjdDBSDMBZTWM%2FhwbwnTxmztNxeGgQB1elAkSUGl4YE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a636b9ec731b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9527d889a5b94c28b4dcd8809ffba513
b2ee81348df6ebc3f72fcd64b7767df0a1903fb5
9d3cfbc6c96f2da85420d44bdd58f8e860487d3cbf1ffda4d21477b566f23059

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a4887aa0a07d726c889d8dfbddc359c6
83658ae9db1abb14fb2b869bf451caa97ef58e4d
085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9527d889a5b94c28b4dcd8809ffba513
b2ee81348df6ebc3f72fcd64b7767df0a1903fb5
9d3cfbc6c96f2da85420d44bdd58f8e860487d3cbf1ffda4d21477b566f23059

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mycasualhookups.com/sl/html/032107/js/langs.js

104.26.13.87

200 OK

48 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/langs.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (5153), with no line terminators
Size
48 kB (48008 bytes)
Hash
a6bf89d2592dd79b9334bfa96da3870e
eeab4e2e92471f2a8d8090c8823810847b5333db
0b42c6d935b093deb9d05b3efeb3d2b8671a9fd94893044e4d2ec2df73c0499f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=7419
expires: Mon, 26 Dec 2022 02:29:14 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 47200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHrxIkZCQJwZmJe0C53hK1aaSm6LiED%2FEV1BFdh004058w%2FATSSWKqAW%2BCBaG6FImzwSFOV90z8FiG5fjsxaM1WAEpsKXWye5pXNup6YvG7iBpA1oTqPpkg5z2iDO8bh0iOU2hk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6338d910afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9527d889a5b94c28b4dcd8809ffba513
b2ee81348df6ebc3f72fcd64b7767df0a1903fb5
9d3cfbc6c96f2da85420d44bdd58f8e860487d3cbf1ffda4d21477b566f23059

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/K0TBC4DjskA

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/K0TBC4DjskA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9a8b11b2b7f85c3ca02eca7d6c2f558e
26eaad787c488781366b142b0219e4ec41c48cf6
c49d17accf82ac359e2c817db3083d070289811c39fda19458345ecb2527e867

HTTP Headers

POST /s/gts1p5/K0TBC4DjskA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b

172.64.162.28

204 No Content

0 B

URL HTTP/2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Sun, 25 Dec 2022 15:35:55 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvgiI3rkxvltWwDwXi0vBkgxBwdtrh3VssIUosCf4KXsgkoj20xoO3Ov83FjlSB0dxCiA96zcGE%2Bu4OqXrYRbOBHW54DSB4DLkWyQxBuzpVDYEjmuhPK3VD%2F6zzcmCkyz717kM0Bn9tZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a63a4d2f731b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b

172.64.162.28

200 OK

5 B

URL HTTP/2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

HTTP Headers

GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/032107/n.php?cep=2Ljda-lfYSGXHS5gS5NRI68vFPCtbVpp683tisGChgmVtmmHSblYOmqvgGJQk62dftDbVT72q4weXWxHK2q4q0WLNzs8VrBlhOsgsgiCxkHy3Z2yCwo738Lo5iz6ZbplVVG1QBxHHkIIYfgkJPXAkQMH4d8aJYhnDg3C2nP_sNpYNjEtmH489-dyLlAQiCmgtSeQmAHi0uf2MirHA5H2USz4GD4SuwNyibLc_JEY4tNI8vKA7msWPH3uSXOBDcws0i6zc4PJ6rPoGKwQE14GY-nMx2SSwPtm6DSNKfrTTxp1bSmw8uwhwr36Z1d_YEX6cHSKatQgjCP-s73GhijXBUfn_Cz4H-7PspuSrpqa6HB5V7SQlD7HM9cMVERUfVDSIw8-wvTMav-gGSbAsv6EfQ&lptoken=16e1715698d3432e536a&external_id=36197-740469621&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:55 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0rO6TGDrQV%2F3GhJGEfxPSN0IinWdRN%2BkRt5uTmrvkOkw992aAmajg7E5z1SsVqt3TLmLOc0DHxjM8KbUxc5WgrgiXhIwUwXF9u2qfjQwKZFsbvtmAvXMjURD%2F0rijZfBRqCVq1HW%2Fra"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a63b2dd4731b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/favicon.ico

104.26.13.87

200 OK

937 B

URL HTTP/2
mycasualhookups.com/sl/common/favicon.ico
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Size
937 B (937 bytes)
Hash
f2a316c074d98577949be724f5b80938
f3c7b7a38169c034c583fef965cb53095f2b0c9a
27c18b65ddbd71ed372d5b7863010273bb65f8b2aca443b96b25325e4ba98b02

HTTP Headers

GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:55 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 7628033
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZk%2Fd38UyJWIzF8nYh7MesFKRdT2wfcKopY3quwdba27upUrCM3SNhnlV%2B%2FCTc5G%2F7uTJbr1gjQPlpwP%2FPpeEDXJ8ky%2FhHKrGE%2FFsegHGZOpXOnQCbpRPX6kt5SDH0hFmLokGeY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77f2a63909210afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2338
Expires: Sun, 25 Dec 2022 16:14:53 GMT
Date: Sun, 25 Dec 2022 15:35:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2338
Expires: Sun, 25 Dec 2022 16:14:53 GMT
Date: Sun, 25 Dec 2022 15:35:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
796e102a616f07b0de39f5476179ccd5
bf1d8b0944ffa91afc7d31d2ffb3291652f903c3
6881d46edd3d3730884da6719176d7d4bc79aa6d05cda0f4ef97ac10c4591279

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881D46EDD3D3730884DA6719176D7D4BC79AA6D05CDA0F4EF97AC10C4591279"
Last-Modified: Sun, 25 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2338
Expires: Sun, 25 Dec 2022 16:14:53 GMT
Date: Sun, 25 Dec 2022 15:35:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2a1f057-d23b-436a-bff6-82977d1d5527.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2a1f057-d23b-436a-bff6-82977d1d5527.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11084 bytes)
Hash
8dee6282a859a55ad30148c8e36e3cc8
c55bdd00c0d39f468908bd22a62a6e9b3182e4b8
4d951f758f425e3a8f127d2bc6e43558ee9ad775f147e8aae6f016007fbf4160

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2a1f057-d23b-436a-bff6-82977d1d5527.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11084
x-amzn-requestid: ee635254-6e82-4c96-b4b3-590fabf5b188
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbNEXGT9IAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a12882-248a27d00736e6c643109714;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 03:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: phFiS2Rrln0CSLvdj9TGf57DMmNji3BmRgO0wBBpZK4UqxhNHWln4g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 13:43:23 GMT
age: 6752
etag: "c55bdd00c0d39f468908bd22a62a6e9b3182e4b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98adc653-f9a6-4ecb-ac9e-bc2f050bce18.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8691 bytes)
Hash
f8c72ec1e9749463326e11f003982211
a76cc3e7d6ca04b4e1d1c947c25ad10a11e9750c
afeea88b39c0fa6957e58d13562222415705d408f89583adcf428a02140abbdd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98adc653-f9a6-4ecb-ac9e-bc2f050bce18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8691
x-amzn-requestid: e8b31f4c-cf9e-4027-ba28-86dcc5ac5190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnRDHvSIAMF9Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f39-06c81a124ae007023d03c375;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K4yo4xbEQJQh6HZOfia0oQeSLF0UCRjP6_2utECzhCITAQIEGvGWjw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 21:39:55 GMT
age: 64560
etag: "a76cc3e7d6ca04b4e1d1c947c25ad10a11e9750c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90be501d-93e5-40ba-98d6-b790fc50966b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10502 bytes)
Hash
5d780f4b4a5928afafeea1348a117ab7
f0623d0355e6b57a5b9bed048b93e1b6b102dfe9
ad6dd8216b30147c99abfff2d1672d731ff940b2fb1da015d3fd5b0b96d11d0d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90be501d-93e5-40ba-98d6-b790fc50966b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10502
x-amzn-requestid: 52ecc48a-9ba2-45ce-b4d4-a05b6bd49214
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dlFHaFnfoAMF6wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a51bc8-527601d115cb2f6d76d14958;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 03:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5obtiiP91WkrOa9NATTuqVwUG64JoT_PbMfG7rmw6BdgGhilopoCGA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 03:14:39 GMT
age: 44476
etag: "f0623d0355e6b57a5b9bed048b93e1b6b102dfe9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09c8810b-667c-45b5-b2d1-f4afc3505a7a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6632 bytes)
Hash
d0ab1bb58f592edab2abf55836383389
266ca036a6ff4a0f6be79fd1281e8c61ecdc5fab
73456092e6c143a996789bf1b0513c817daf01219bfa310cfbf212d565b0644b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09c8810b-667c-45b5-b2d1-f4afc3505a7a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6632
x-amzn-requestid: f0ed9030-aa96-42a8-bde0-85169dea945c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: do621E9zIAMFoSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a6a4f8-22a8ca5212c4bf5366ca5543;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 07:06:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VcgEvhBEeCgObGGrtdlB96fzY6degQk22KsZlKTCmTbRuiO7CbJodw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 07:10:18 GMT
age: 30337
etag: "266ca036a6ff4a0f6be79fd1281e8c61ecdc5fab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfcc8c32-c58e-4619-a571-4fe67835fb5a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9903 bytes)
Hash
f05951322bb0251f4d30ee5aa2358247
53c51221619a43a05a613eeac66ed5d63eb7fcb0
f5f17d41c12c5392e1f354e0ed599197d532aeac0c3064e68f9edbdbb1f34891

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfcc8c32-c58e-4619-a571-4fe67835fb5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9903
x-amzn-requestid: a6333cc9-7adc-4148-bd04-2ebf413ddb9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnPzH5XoAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-1104e20a41c9311c37e15c8e;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QWmdPj5TGq4NRlIamW8KBKQy-RUCu4oddhkqGFTzg1QlL6ErqfuVKg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 21:45:39 GMT
age: 64216
etag: "53c51221619a43a05a613eeac66ed5d63eb7fcb0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F534406aa-3cfc-4a91-b7aa-f80f72f66437.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10071 bytes)
Hash
060f377fc7bb087a495ce5bb536d246f
64d4ff943882dd8f80e860505218e321d2951465
36566e692827354e1d91c9223e3c3ddc78de454b7a2ba3a4240f93869bc021ff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F534406aa-3cfc-4a91-b7aa-f80f72f66437.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10071
x-amzn-requestid: c32aaf36-e6d2-4dbc-8bb6-91aaa85657b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJ4rHjPoAMFxFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebd04-3ee9cc203213ff6d2963696a;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:11:00 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: xdL7TgKIkDaxdkkLKSILVUiiNYWxNjHMhaFY5zo6qTRVl0LZpLCgVw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 da4fa914888b330b3e8a08632b8e41be.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 21:59:56 GMT
age: 63359
etag: "64d4ff943882dd8f80e860505218e321d2951465"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/EmMTM2F0_rU

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/EmMTM2F0_rU
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1be42f101ce48c62df1783cffac357a
94051809cc4f25eda49f805d48272735ffbea15f
1b75c73f754e902b147e698b7823965691f6188c912b3fa619780f944a1288f8

HTTP Headers

POST /s/gts1p5/EmMTM2F0_rU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/s/gts1p5/EmMTM2F0_rU

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/EmMTM2F0_rU
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1be42f101ce48c62df1783cffac357a
94051809cc4f25eda49f805d48272735ffbea15f
1b75c73f754e902b147e698b7823965691f6188c912b3fa619780f944a1288f8

HTTP Headers

POST /s/gts1p5/EmMTM2F0_rU HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 15:35:56 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc91439-b5c5-4e34-9a35-d0d01e44e767.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10261 bytes)
Hash
869162c237be7787a0ce7f77d8138fab
de8d05483030d643e52384855ec71aa86c7ae679
1ddafd96f4d2d9343a0ab5d1b07adfe5917cfe2b8e0e99e95ffe2d9cf05cf78d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc91439-b5c5-4e34-9a35-d0d01e44e767.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10261
x-amzn-requestid: 26599021-2d46-4d78-bdcb-6e17f6d421a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbNEeFedIAMFYEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a12882-124ee28534a6572d49c89379;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 03:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oGT6l1Pn_ZCq0KpZ_dn2tnjPSn-yMckZqTB6pJRXBIIl6T6pynLeBw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 08:47:50 GMT
age: 24492
etag: "de8d05483030d643e52384855ec71aa86c7ae679"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/privacy-policy.html

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/privacy-policy.html
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/privacy-policy.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:55 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Sun, 25 Dec 2022 15:40:55 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNqUKD%2FEwjsnDtgKkKR7Qrcjyjume%2Fd%2FJ9FXKaecDBf2DoRDvEEsWj2hbpDMJwMt%2Fgzxm4nNJEKVwYMx6NX41S3rLxy0%2B2nGsTNl6LQ9Zqi4fQC8yt971G%2FW6ZT3lfdWqC7iut4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6370fcf0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdnjam.com/cdn/sdialog.min.css?_=4

188.114.96.1

200 OK

0 B

URL HTTP/2
cdnjam.com/cdn/sdialog.min.css?_=4
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:56 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 5139
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drskvehGTmYuKj4mtSQ6xXaNT%2B4zinglISmw%2BEl4LAFpTCAKJe9pCzSceev8p8zHJxaD7O2YTNiD57uJq%2F3%2Fvjuc85bVvoW%2BIdiIjY6XE0vwlSohhRdUOFezohrq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a642ef491c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/css/css.css

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/css/css.css
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/032107/css/css.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=9103
expires: Mon, 26 Dec 2022 02:29:14 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 47200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WX7N1qGaboc3PRa0P96%2B3MYnMSEQcO8X62N3Pmsq5Zxu%2F1tOk7BAnVZGXkmdTy5xUeYn5orZVO2VUTVInOG9mX8EUsm7KypmfEKi9KfvarhlPO65okLnQlZZ1xtPAs56LA0iIRU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6337d810afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/css/style.css

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/css/style.css
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/032107/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=4300
expires: Mon, 26 Dec 2022 02:29:14 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 47200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6tf3KDKZ6ySQ3hmxNiFwYnvRqnbcx9J9Ju5eGVTNehiA7IUslgq0flMG%2BXGExZvAQ6wZ%2FKXJKZ7qhx57jTtxhTVFcDCn1T%2FWFCAEUQWbty%2FYDmIudHwFHGGHYmvVJuDP0YN7yk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6337d800afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/cookies-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: application/javascript
last-modified: Tue, 20 Dec 2022 16:36:20 GMT
etag: W/"63a1e484-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqPL0G2%2B07Lmo4dnzIcbx6G3iX9k9raJ1Xu4mNXl4P%2BbezdpX7%2F%2BuAPRPftv0o4Z7wdYXVx0b6nhXlT8Qkn2KpvOZkjO8%2Fc44EQDUtqnF4DNNCG4sc5t5GwKE5ABS4Ug4QAOJMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77f2a63868ba0afa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 27 Dec 2022 15:35:54 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/common-langs.js

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/common-langs.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sun, 25 Dec 2022 21:10:05 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 66349
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrubrXTKrYlk4dUI75toDcbspozUGzBSUZg4tagbccvWG76huMZExQdVc2ZOWDbrlMU1rn6O4zwqZKQO%2BI%2BExLPfY3sCyobwMAOXG7iDpwUgj5Bw4fIHS6a2Gh4fGCl3qNCecu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6338d9b0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 25 Dec 2022 21:10:05 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 66349
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MOg60Nl88yLNQ5YFXDuWPx%2FGJyCrwW2B%2FtZi8yx0hi5YnZRDyrIhFnnUj6wHsYq49qz%2BjisASrkq29ODWu1wrynoA47WnlX73CzkrzKxJjVIrJoWaqWeYuVrtUne0vqvvBq68z4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6337d8f0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn-dt.fcdn.info/swpush.min.js

104.21.234.87

200 OK

0 B

URL HTTP/2
cdn-dt.fcdn.info/swpush.min.js
IP
104.21.234.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 362250
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LF5fsSm%2BnAUk%2FOqs7rSjCD85iDYEcJzNFMDi4MUUZn3WTH%2F%2B9yaHiJRe%2FJrXM34jmAOF2jjhvNNpb2%2BnQ1cejUtP1C5jbejGyaPoSw7pp0kTJ6ajUZFHJtI6X8fT4Ah%2BcqpL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77f2a6352bfc72a0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/n.php?cep=2Ljda-lfYSGXHS5gS5NRI68vFPCtbVpp683tisGChgmVtmmHSblYOmqvgGJQk62dftDbVT72q4weXWxHK2q4q0WLNzs8VrBlhOsgsgiCxkHy3Z2yCwo738Lo5iz6ZbplVVG1QBxHHkIIYfgkJPXAkQMH4d8aJYhnDg3C2nP_sNpYNjEtmH489-dyLlAQiCmgtSeQmAHi0uf2MirHA5H2USz4GD4SuwNyibLc_JEY4tNI8vKA7msWPH3uSXOBDcws0i6zc4PJ6rPoGKwQE14GY-nMx2SSwPtm6DSNKfrTTxp1bSmw8uwhwr36Z1d_YEX6cHSKatQgjCP-s73GhijXBUfn_Cz4H-7PspuSrpqa6HB5V7SQlD7HM9cMVERUfVDSIw8-wvTMav-gGSbAsv6EfQ&lptoken=16e1715698d3432e536a&external_id=36197-740469621&source=16295&sum=

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/n.php?cep=2Ljda-lfYSGXHS5gS5NRI68vFPCtbVpp683tisGChgmVtmmHSblYOmqvgGJQk62dftDbVT72q4weXWxHK2q4q0WLNzs8VrBlhOsgsgiCxkHy3Z2yCwo738Lo5iz6ZbplVVG1QBxHHkIIYfgkJPXAkQMH4d8aJYhnDg3C2nP_sNpYNjEtmH489-dyLlAQiCmgtSeQmAHi0uf2MirHA5H2USz4GD4SuwNyibLc_JEY4tNI8vKA7msWPH3uSXOBDcws0i6zc4PJ6rPoGKwQE14GY-nMx2SSwPtm6DSNKfrTTxp1bSmw8uwhwr36Z1d_YEX6cHSKatQgjCP-s73GhijXBUfn_Cz4H-7PspuSrpqa6HB5V7SQlD7HM9cMVERUfVDSIw8-wvTMav-gGSbAsv6EfQ&lptoken=16e1715698d3432e536a&external_id=36197-740469621&source=16295&sum=
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/032107/n.php?cep=2Ljda-lfYSGXHS5gS5NRI68vFPCtbVpp683tisGChgmVtmmHSblYOmqvgGJQk62dftDbVT72q4weXWxHK2q4q0WLNzs8VrBlhOsgsgiCxkHy3Z2yCwo738Lo5iz6ZbplVVG1QBxHHkIIYfgkJPXAkQMH4d8aJYhnDg3C2nP_sNpYNjEtmH489-dyLlAQiCmgtSeQmAHi0uf2MirHA5H2USz4GD4SuwNyibLc_JEY4tNI8vKA7msWPH3uSXOBDcws0i6zc4PJ6rPoGKwQE14GY-nMx2SSwPtm6DSNKfrTTxp1bSmw8uwhwr36Z1d_YEX6cHSKatQgjCP-s73GhijXBUfn_Cz4H-7PspuSrpqa6HB5V7SQlD7HM9cMVERUfVDSIw8-wvTMav-gGSbAsv6EfQ&lptoken=16e1715698d3432e536a&external_id=36197-740469621&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Sun, 25 Dec 2022 15:40:53 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZE9s71OWq3kpUhZyhAh7%2FGL8vrWplucijXQRD6ibeqzIs3azGPH1P4GNeXOprePQo0eb%2FyofIBuqA1dUZxxcA7FyVxkX%2BcC%2BKmFWmwr8foQoCBIuVqa7PagFPgFkb5dcb7e5Oc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a62fbae40afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js

104.26.13.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 25 Dec 2022 21:10:04 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 66349
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLlQVWDqQDsMg2EJPXiHcx%2B%2F6y3WlVStXuFjZiT84tqyxEPnbjIoTwfVmbMmA8Kt83jTAf%2Bi69ZfnzQnxHFkNtqlVyvtpw3uvdV2sjZtbUDhkun7bVQMbBvUk3cacDkOTpSlfYE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6337d8c0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

app.api-push.com/get-keys

172.64.162.28

200 OK

0 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.162.28:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/032107/n.php?cep=2Ljda-lfYSGXHS5gS5NRI68vFPCtbVpp683tisGChgmVtmmHSblYOmqvgGJQk62dftDbVT72q4weXWxHK2q4q0WLNzs8VrBlhOsgsgiCxkHy3Z2yCwo738Lo5iz6ZbplVVG1QBxHHkIIYfgkJPXAkQMH4d8aJYhnDg3C2nP_sNpYNjEtmH489-dyLlAQiCmgtSeQmAHi0uf2MirHA5H2USz4GD4SuwNyibLc_JEY4tNI8vKA7msWPH3uSXOBDcws0i6zc4PJ6rPoGKwQE14GY-nMx2SSwPtm6DSNKfrTTxp1bSmw8uwhwr36Z1d_YEX6cHSKatQgjCP-s73GhijXBUfn_Cz4H-7PspuSrpqa6HB5V7SQlD7HM9cMVERUfVDSIw8-wvTMav-gGSbAsv6EfQ&lptoken=16e1715698d3432e536a&external_id=36197-740469621&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 25 Dec 2022 15:35:55 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7q36aR724AM0dsctvGHo8MbU0b59PVzNAMkHyGmKJm1XH3k4qTY96%2BjJpLoMZdxWA14cyEYiUZctu8kUvIrIqT4uy2TDpV2OesmWj%2BqD%2FKhdHcGCuQfmxJdg1M6NCubRMhu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f2a6383b60731b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,600,800

216.58.207.234

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,600,800
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,600,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Dec 2022 15:35:54 GMT
date: Sun, 25 Dec 2022 15:35:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/js/main.js

104.26.13.87

404 Not Found

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/main.js
IP
104.26.13.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/main.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sun, 25 Dec 2022 15:35:54 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=7200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbGskWz4wrTacHP1sITlVIkvtC0UCZ%2BgHk8wyYW6A7tN4U4h5MoQZKPavi4ASDUsqK1hvlwzdJ0O4mvVFoH%2Beirbf9q7zcrKVr0RTyuWYWqu%2FlBcLbBe8LR%2B%2BYwNhx2jTMHQQ9A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77f2a6337d860afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations