Report - bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external

Report Overview

Submitted URL
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739479371&source=16295&sum=
IP
18.193.146.82
ASN
#16509 AMAZON-02
Submitted
2022-12-10 15:44:51
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
mycasualhookups.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.2 kB	1.9 MB	104.26.12.87
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.164.186.39
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	507 B	46 kB	216.58.207.227
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	407 B	35 kB	142.250.74.42
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	37 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	9.7 kB	142.250.74.74
bl.trackham.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	937 B	1.5 kB	18.193.146.82
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	216.58.211.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	14 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-10	medium	mycasualhookups.com/sl/html/032107/js/jquery.min.js	Phishing
2022-12-10	medium	mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js	Phishing
2022-12-10	medium	mycasualhookups.com/sl/common/js/common-langs.js	Phishing
2022-12-10	medium	mycasualhookups.com/sl/html/032107/js/langs.js	Phishing
2022-12-10	medium	mycasualhookups.com/sl/html/032107/js/config.js	Phishing
2022-12-10	medium	mycasualhookups.com/sl/html/032107/js/main.js	Phishing
2022-12-10	medium	mycasualhookups.com/sl/common/css/style.css?1670687080	Phishing
2022-12-10	medium	mycasualhookups.com/sl/html/032107/videos/video1.webm	Phishing
2022-12-10	medium	mycasualhookups.com/sl/common/js/lib/additional-methods.min.js	Phishing
2022-12-10	medium	mycasualhookups.com/sl/common/js/main.js?1670687080	Phishing
2022-12-10	medium	mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js	Phishing
2022-12-10	medium	mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-24
Pretty URL mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 10:53:58 Times Seen105837 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	mycasualhookups.com/sl/html/032107/n.php?cep=Qf8RKzbtBUea9FETeq48MqstCn3glXMwPOJvpOS1o-JyWKbyITmw6ClTRUUtmaCCwKa1zjMKgj67Fcca7fXUuWOjk1mSUKc70N3NRPgZMBUJMlrQyytlk4_30AA-3ORUVbQkpKwpZ_TY5LB9FFJeRZ7efkiphX8XHLTasfNAjUHpJzFSlLvszQmU4cKJbqsyMJkvTNEAkTWc5PFXIR3mLALhpIxp8E66zVa5Av00kNXxtQHBQer9DIdLivfeTj7av8VO6CZ0D8ZV1burt3pknU5Y9Y3DLYMwmj20Scc-4YZmfR8Q9iLPNf_-ZmxxIUoCYxdqpBh7vDyjY9IbwIDo1nJlLjBNbCuwNXYl8mSxHFm8692upGi9L0ysEWIdM2lwA_q2PbjHQ9XN7_sWnGwi8w&lptoken=16887003684b880279ba&external_id=36197-739479371&source=16295&sum=	487 B	2023-03-08	2023-05-21
Pretty URL mycasualhookups.com/sl/html/032107/n.php?cep=Qf8RKzbtBUea9FETeq48MqstCn3glXMwPOJvpOS1o-JyWKbyITmw6ClTRUUtmaCCwKa1zjMKgj67Fcca7fXUuWOjk1mSUKc70N3NRPgZMBUJMlrQyytlk4_30AA-3ORUVbQkpKwpZ_TY5LB9FFJeRZ7efkiphX8XHLTasfNAjUHpJzFSlLvszQmU4cKJbqsyMJkvTNEAkTWc5PFXIR3mLALhpIxp8E66zVa5Av00kNXxtQHBQer9DIdLivfeTj7av8VO6CZ0D8ZV1burt3pknU5Y9Y3DLYMwmj20Scc-4YZmfR8Q9iLPNf_-ZmxxIUoCYxdqpBh7vDyjY9IbwIDo1nJlLjBNbCuwNXYl8mSxHFm8692upGi9L0ysEWIdM2lwA_q2PbjHQ9XN7_sWnGwi8w&lptoken=16887003684b880279ba&external_id=36197-739479371&source=16295&sum= IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:57 Last Seen2023-05-21 15:59:11 Times Seen18 Hash eb3361ce29dba68e5f6374b4129a7240 e9226d27e25cff9e8fd1026b4107d90919d59c14 8eb0cb2db6b9f3b562f0b58f4c9b1f6c48c31cce516872a20efbd90a5c6d33ff Loading...

	mycasualhookups.com/sl/html/032107/js/config.js	395 B	2023-03-08	2023-08-07
Pretty URL mycasualhookups.com/sl/html/032107/js/config.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:57 Last Seen2023-08-07 07:25:23 Times Seen53 Hash 628061c41e011910d93e2eb32b7e8a24 edaa1d1ca254452b8c77111a7d2dd928276b5971 33015ae6fe9c43a1d94f0b77b94a17e903ca8be952608b85f70ce0df0193161b Loading...

	mycasualhookups.com/sl/html/032107/js/jquery.min.js	127 kB	2023-03-08	2023-05-27
Pretty URL mycasualhookups.com/sl/html/032107/js/jquery.min.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:46 Last Seen2023-05-27 17:52:36 Times Seen16 Hash 60deb99052f1a9728c143c8e618dc9b3 f4bfc781f9cc075a20f8e9fb51c11ef4edb2d3c6 85ea6624a9f99bbf4f890125e45b2cbc2a9ac73aba9c9ad67dab935b8b4108f6 Loading...

	mycasualhookups.com/sl/html/032107/js/langs.js	6.2 kB	2023-03-08	2023-05-27
Pretty URL mycasualhookups.com/sl/html/032107/js/langs.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:46 Last Seen2023-05-27 17:52:36 Times Seen6 Hash c895285afd534a475c5953dee6ad3495 4ca789d37a3648284e1eaf3d83da4818860089e8 e70037ef79e847cc316e58b94ebe5d4c33cb97be85a0a99125f500d38de043a5 Loading...

	mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js	23 kB	2023-03-07	2024-04-19
Pretty URL mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2024-04-19 18:27:15 Times Seen986 Hash 93c1dd8416ac2af1850652d5b620a142 6a76e4c7db479053350580469aa010febfdcacd0 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50 Loading...

	mycasualhookups.com/sl/common/js/lib/additional-methods.min.js	18 kB	2023-03-07	2024-04-10
Pretty URL mycasualhookups.com/sl/common/js/lib/additional-methods.min.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:43 Last Seen2024-04-10 02:04:24 Times Seen257 Hash 3a53c5eac97b98ed3833970d43bf7fc9 b8805460b5754be8b16a223df737d9577da4c182 8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8 Loading...

	mycasualhookups.com/sl/common/js/main.js?1670687080	7.4 kB	2023-03-07	2023-08-07
Pretty URL mycasualhookups.com/sl/common/js/main.js?1670687080 IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2023-08-07 07:25:23 Times Seen115 Hash b87e1c868deb5fadb6c9661630d4f0db e893295cfb31b37a247c509c53b1eae346c528fc 44523924092ddcf715dae1c6c23059400dfb24781643ddb760b0f6b82724a0a8 Loading...

	cdn-dt.fcdn.info/swpush.min.js	34 kB	2023-03-07	2023-08-07
Pretty URL cdn-dt.fcdn.info/swpush.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-08-07 07:25:23 Times Seen135 Hash af2540aefe6334edb036a720947abb72 f17f394267c73b004d0f2c6dfb8a790aa2d7bf7e 7af8787e4bc78270a5a72a75f86a45ae9d3bd803c3c57ec3efb84d2aabe102a2 Loading...

	mycasualhookups.com/sl/html/032107/n.php?cep=Qf8RKzbtBUea9FETeq48MqstCn3glXMwPOJvpOS1o-JyWKbyITmw6ClTRUUtmaCCwKa1zjMKgj67Fcca7fXUuWOjk1mSUKc70N3NRPgZMBUJMlrQyytlk4_30AA-3ORUVbQkpKwpZ_TY5LB9FFJeRZ7efkiphX8XHLTasfNAjUHpJzFSlLvszQmU4cKJbqsyMJkvTNEAkTWc5PFXIR3mLALhpIxp8E66zVa5Av00kNXxtQHBQer9DIdLivfeTj7av8VO6CZ0D8ZV1burt3pknU5Y9Y3DLYMwmj20Scc-4YZmfR8Q9iLPNf_-ZmxxIUoCYxdqpBh7vDyjY9IbwIDo1nJlLjBNbCuwNXYl8mSxHFm8692upGi9L0ysEWIdM2lwA_q2PbjHQ9XN7_sWnGwi8w&lptoken=16887003684b880279ba&external_id=36197-739479371&source=16295&sum=	90 B	2023-03-07	2023-04-05
Pretty URL mycasualhookups.com/sl/html/032107/n.php?cep=Qf8RKzbtBUea9FETeq48MqstCn3glXMwPOJvpOS1o-JyWKbyITmw6ClTRUUtmaCCwKa1zjMKgj67Fcca7fXUuWOjk1mSUKc70N3NRPgZMBUJMlrQyytlk4_30AA-3ORUVbQkpKwpZ_TY5LB9FFJeRZ7efkiphX8XHLTasfNAjUHpJzFSlLvszQmU4cKJbqsyMJkvTNEAkTWc5PFXIR3mLALhpIxp8E66zVa5Av00kNXxtQHBQer9DIdLivfeTj7av8VO6CZ0D8ZV1burt3pknU5Y9Y3DLYMwmj20Scc-4YZmfR8Q9iLPNf_-ZmxxIUoCYxdqpBh7vDyjY9IbwIDo1nJlLjBNbCuwNXYl8mSxHFm8692upGi9L0ysEWIdM2lwA_q2PbjHQ9XN7_sWnGwi8w&lptoken=16887003684b880279ba&external_id=36197-739479371&source=16295&sum= IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-04-05 02:02:09 Times Seen17 Hash 366614100df3a1aad7eaa097204bb879 462a34ed6013dced533568a3bafe7bb7da1b212d b52856d21909444a7b1f4afb75479ca00aa7a05fc60cdf860dcb3ce4f0b75f01 Loading...

	mycasualhookups.com/sl/common/unsubscribe.html	1.9 kB	2023-03-07	2023-04-05
Pretty URL mycasualhookups.com/sl/common/unsubscribe.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-04-05 02:02:09 Times Seen17 Hash b65ff9705865169981f3ac388816cc72 c79a72e04d9b766e27ea4fe8d2a0cc5d9c484c41 67da9ca751409ddfd1a8b1b7a1fdfe5b66b37e6d9b1d0c4e083fb357debca5de Loading...

	mycasualhookups.com/sl/common/js/common-langs.js	15 kB	2023-03-07	2023-07-02
Pretty URL mycasualhookups.com/sl/common/js/common-langs.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2023-07-02 18:22:18 Times Seen47 Hash 9dd6dd34babf310236383a7eb7d569e3 f396ed09424e282aa4e7b96d463541fc42556f46 7ae9fc07390e221821ced9edb8e092859afbc5653d7878c3d3074ed24be2c050 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949	97 kB	2023-03-07	2024-04-24
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-24 08:21:22 Times Seen118658 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-24
Pretty URL mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-24 10:54:09 Times Seen54784 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

HTTP Transactions (44)

URL IP Response Size

bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739479371&source=16295&sum=

18.193.146.82

302

0 B

URL HTTP/1.1
bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739479371&source=16295&sum=
IP
18.193.146.82:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739479371&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=kRkI7ouGDX8pqPO7GQfEtvtzG4y04QgE-UfaB2W0_9E; cep-v4=d--WKPKDZKKm-NOgYBsAzVfEGBQ-eo62edP9UR41LPBpi1F1wrSRvjdPX8no4AKqZ8f9pCpS-1kT555Yg_Ab6mNXwyJZOOX3EVV6uMd7lwF0M4UGzw32l5hvsus9NLUKLUV0wsDyblWtLtKXwPPn84uZ7NiINhk6EN76C4ZHIFtWFhOGcunsVT_aqPAq2qEgkeiJlJFr06P0V-9cz-ky20i88qAVxihc3S_UeKyPKvLBgWNW8SLJ5xQHQhbsWknRUzNxUh_1I_Mz1J0tlvLJZqoSnhhVIJd_wwlTFQqbW_Jn6HI2F9aAnWZAT9vrvUMH5hXDlVC8--2xjDuv7esChMe0xuLya-5G60iebYRIXPI_EhujwDx8JHhSVZFc9uZ7Pf-DTfrnUThOY-xuee3OjQ
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 
Server: nginx
Date: Sat, 10 Dec 2022 15:44:39 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://mycasualhookups.com/sl/html/032107/n.php?cep=Qf8RKzbtBUea9FETeq48MqstCn3glXMwPOJvpOS1o-JyWKbyITmw6ClTRUUtmaCCwKa1zjMKgj67Fcca7fXUuWOjk1mSUKc70N3NRPgZMBUJMlrQyytlk4_30AA-3ORUVbQkpKwpZ_TY5LB9FFJeRZ7efkiphX8XHLTasfNAjUHpJzFSlLvszQmU4cKJbqsyMJkvTNEAkTWc5PFXIR3mLALhpIxp8E66zVa5Av00kNXxtQHBQer9DIdLivfeTj7av8VO6CZ0D8ZV1burt3pknU5Y9Y3DLYMwmj20Scc-4YZmfR8Q9iLPNf_-ZmxxIUoCYxdqpBh7vDyjY9IbwIDo1nJlLjBNbCuwNXYl8mSxHFm8692upGi9L0ysEWIdM2lwA_q2PbjHQ9XN7_sWnGwi8w&lptoken=16887003684b880279ba&external_id=36197-739479371&source=16295&sum=
Pragma: no-cache
Set-Cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=-SKpj9lzYZcd5G2JSnxq6dRiQhwaakaiF0wLVZ6zBfU; Max-Age=86400; Expires=Sun, 11-Dec-2022 15:44:39 GMT; Domain=bl.trackham.com; Path=/; HttpOnly
cep-v4=QP39sUqWgFfnserJaXhvM3EVYxjNJZsjki5bL_LxonFu4TLd3fmVo0vCsZNTEkdLz_wFEuS2RjV7hmUoBZm46cOeiW7R_88EpYXpJvtxNQ5JP-mih6KrQSVyX19La-dJqy0nTQXG32oVUoZrxeFf7OkojGE1t2IZ3zHLq12U8iWnm7ZZT524C-JH4_vGHA_2ZYzHze7LO9E6iSL0ZanVoPnK_p5oBj-5Qhw7LULHExWmohDWei5Kx25SaMrBRovCMqTWBdtvTULcjFE--rmq41KSSl0Wc1ExHohpmHQx328atBiH9kmkuSKMAOYotgNjueP8Mnoakq06lQarRC-zdIci_Bh534PMD7Ht92lzCh7B8OegWfnP1JO61BJxQu360-BbKssGTzxfMqsTLuGVlA; Max-Age=86400; Expires=Sun, 11-Dec-2022 15:44:39 GMT; Domain=bl.trackham.com; Path=/; HttpOnly

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6780
Expires: Sat, 10 Dec 2022 17:37:39 GMT
Date: Sat, 10 Dec 2022 15:44:39 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16047
Expires: Sat, 10 Dec 2022 20:12:06 GMT
Date: Sat, 10 Dec 2022 15:44:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 10 Dec 2022 15:08:24 GMT
content-type: application/json
age: 2175
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3501
Expires: Sat, 10 Dec 2022 16:43:00 GMT
Date: Sat, 10 Dec 2022 15:44:39 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: QOmndlCd8hJB0K5wZSksAmpAfdwi3LNxW0UDI9oEcY/rdwvBkeeZoUwARqVKLDrFHt6YHG5NtLw=
x-amz-request-id: BAEQQA1PKMMJ015J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 10 Dec 2022 14:48:50 GMT
age: 3349
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7ec6f2cf92784bcd5f3eebe6c16950d9
6d55d5c25e0593f52728ab730a7261d9ddc91744
e1a293b5cfdcd165f6fc24803791340006035f2935d280a159c7c997393ca9bc

HTTP Headers

POST /s/gts1p5/Dt6OUty8wSY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:44:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 10 Dec 2022 15:44:39 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 10 Dec 2022 15:33:14 GMT
age: 686
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
44d4574b46375a2d215ae74bc5eae610
5257ed3edeb56231a9bee921671bb2e0c566000e
923454b28e4fa10085df809768a75c2d9f58f104afa016c06ccca7a26479073b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 735
Cache-Control: max-age=149665
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:44:40 GMT
Etag: "63944c2a-1d7"
Expires: Mon, 12 Dec 2022 09:19:05 GMT
Last-Modified: Sat, 10 Dec 2022 09:06:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

mycasualhookups.com/sl/html/032107/js/jquery.min.js

104.26.12.87

200 OK

38 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/jquery.min.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2447)
Size
38 kB (38379 bytes)
Hash
2205d73e8b21eadd419bf968da763b7c
f2a1cd7e4e029df3dddd5babfa54f2acce51de77
b249a867d47e9ca5b87b61494ccac9d2d1714479b6c183bdc501b2681a4acf10

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/jquery.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Sun, 11 Dec 2022 07:28:00 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 29800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LpyEBgbFFBJwgkZxeKQzfueQ0OhXw3TKME1x3YDnSACsUFmiQo5G2obLdUnF5t3WcQEEhbN%2Flgu%2BpPQzMb8eKOqNblKgK9JSiyBpGXdyqi8BZ%2BtYRyuQB9kcb1H7OYOF6VxPBg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d593fb529-OSL
content-encoding: br
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949

142.250.74.42

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js?1508931949
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js?1508931949 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 19:35:19 GMT
expires: Wed, 06 Dec 2023 19:35:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 331761
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8cb3e9d21df17ecdd16c24efd683bde9
32f7d2ac537748fcbfe94a4bb82cb6279b268d13
b9c8bf773209c17a79c62d2adb59cd0671d618d65f40befcc7c565851473e591

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4021
Cache-Control: max-age=113737
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:44:40 GMT
Etag: "6393b2fc-117"
Expires: Sun, 11 Dec 2022 23:20:17 GMT
Last-Modified: Fri, 09 Dec 2022 22:13:16 GMT
Server: ECS (amb/6B8F)
X-Cache: HIT
Content-Length: 279

mycasualhookups.com/sl/html/032107/css/css.css

104.26.12.87

200 OK

2.3 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/css/css.css
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6865), with no line terminators
Size
2.3 kB (2326 bytes)
Hash
95acb155ed973e482364ae93e3f85e2c
de33ce40f3452092b03582a03a882f3f5e3c6be5
8ee20bfab1938d95ae744d0cc01193279735780314e728b91352e89a2759fbbb

HTTP Headers

GET /sl/html/032107/css/css.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=9103
expires: Sun, 11 Dec 2022 02:09:43 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 48897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28kepzh7duDeCXDIPqTvMWTDmsY3UcGvWZFkYDoKcA9QtsHCOmXeogTSznWNcw40k%2FS9khdocp0aIKIRjvqaHlSRMDX0zjZcppYXQDphIq7PCJeGQsNMfafp0H1SlCIUqMUKi8U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d593eb529-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
8cb3e9d21df17ecdd16c24efd683bde9
32f7d2ac537748fcbfe94a4bb82cb6279b268d13
b9c8bf773209c17a79c62d2adb59cd0671d618d65f40befcc7c565851473e591

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4021
Cache-Control: max-age=113737
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:44:40 GMT
Etag: "6393b2fc-117"
Expires: Sun, 11 Dec 2022 23:20:17 GMT
Last-Modified: Fri, 09 Dec 2022 22:13:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

12 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
12 kB (11532 bytes)
Hash
fb56bdb84e2a6d6d3c5282fd75f987dd
587b9ae7159401ba27936bb987475c68d2393268
1f6b9c5b8670c135af4b66c9e2fec4b338f81e725a66b6891ba2f70728bdc00b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5794
Cache-Control: max-age=151878
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:44:40 GMT
Etag: "6394410c-116"
Expires: Mon, 12 Dec 2022 09:55:58 GMT
Last-Modified: Sat, 10 Dec 2022 08:19:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278

push.services.mozilla.com/

35.164.186.39

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.186.39:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wyBWr0kmYC1zNh9EUw32ng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yRr8bQfMsuBMbOqnDj/REvDW8UQ=

mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js

104.26.12.87

200 OK

7.8 kB

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (23122)
Size
7.8 kB (7816 bytes)
Hash
acdc53f58bd1703e5761535528fec208
42b2cf70c61f8cfcbc929dd302ad5130b3f1e859
6d7a77671ea2f22cacd488483bc7a2c08fbc2d897f8b45b7412789f7a1e22cdc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 10 Dec 2022 18:19:31 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SuuywlkFiIcVrMNnzruoUzydWMOaUfccMSYfg2hUvPSwUp%2BacT29dVzLSdOXm5lsf5jPqoCkq%2Bp5HIindjMcosjrq5kvVxZbcogo5K2TRiCy4ZZIxTPZqlqe8rz%2BzZJtPcH7BVk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d6951b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:44:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:44:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:44:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 420720
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e4f546e102d986faf1029509d599b730
cc045a705fd6758b7b575fde5dfb79facc9c3546
ef492301b2b30e5076f7dffa07973e65e9a200ba9ef4d3568a527d3f973f3349

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 10 Dec 2022 15:44:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mycasualhookups.com/sl/common/js/common-langs.js

104.26.12.87

200 OK

9.1 kB

URL HTTP/2
mycasualhookups.com/sl/common/js/common-langs.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (12768)
Size
9.1 kB (9115 bytes)
Hash
809eb48b5896cb34c8e053459db34687
da2a3276e7ed807c0db506f4700cfb6dfa2b9f20
430f897270c504950bc3f0025a1a463bf366525f40d15a6088682092c7b8d002

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sat, 10 Dec 2022 18:19:31 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dFD1B1xp8QJPbCz51TcJVfAHWv7MqYgz1lIT1fMb6vt3UqOXfkZR7YI0ZBFVvq6jBVQrTetf%2Btd5wPXJNrbY7ifXUfRX4DEDm4Sc637zEH8MUPVpGaq3RxOejr7Fl9DVvwSKfRg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d6959b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/js/langs.js

104.26.12.87

200 OK

53 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/langs.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (5153), with no line terminators
Size
53 kB (53060 bytes)
Hash
ec249144c008c1dbbc1602f6d0b947e7
dac715f2a21671459744b374454acdbd60de8b8d
f93846ef15593e4f2505895b96a0fae4bb53ce56bd9c937433ce2528bedc5be1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=7419
expires: Sun, 11 Dec 2022 02:09:43 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 48897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzL8RMbAbiUe%2Fk%2FqtprdgyOoVesn0j8hsFWyCOqSkMPci4jNFHzv%2FWNAgcDTbAjrZJSB0EAckiJvmJ7jpK2lIuW%2F3Jorarnhx6s1%2FxzI37allsveITB3%2FafJOqJ4W6dlTfaZIlU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d6955b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/js/config.js

104.26.12.87

200 OK

1.4 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/config.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (332)
Size
1.4 kB (1419 bytes)
Hash
0010a95681c016252b5bf3fc42690d88
10b2dc2c7955348f621b0fdb89d1a9cd46d59c41
4cf7e43ed5a7d1fdda9e872c29476e50d36591f6fb86a15c2c7e249bae4c11e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Sun, 11 Dec 2022 02:09:43 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:19:29 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 48897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SlKNiTj6IRssMzczYSTJRgQjwQeasuYrnGqz8rMNsftQnnq4ezpARi2rDtPEpFUtshjzurlaIHSKi1pgeNelUeCFqXJTPQ7z6HvwyLexnmPjAWtaisEs%2BU8ImnQFLmAgsOnpDto%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d6956b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4199
Expires: Sat, 10 Dec 2022 16:54:40 GMT
Date: Sat, 10 Dec 2022 15:44:41 GMT
Connection: keep-alive

mycasualhookups.com/sl/html/032107/js/main.js

104.26.12.87

404 Not Found

3.2 kB

URL HTTP/2
mycasualhookups.com/sl/html/032107/js/main.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
3.2 kB (3245 bytes)
Hash
ab22df501c6f65b996254a72aa4d645f
9a7a3f78115cfaf5f06abe9a6067048672aef58b
4845048d065ca88d2786b02fcdba599ea51870959c3809f4f72aed11819f0154

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/js/main.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
date: Sat, 10 Dec 2022 15:44:41 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=7200
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQjs5erTQbB3s3O7hmbRkYgFFN%2BTU4SOWSnZ1YfqFPaMN77lZCUNO%2Fdh%2BvKytxllvPkNS%2FsqGsLQVV9Lx109lVAABNtnO%2B7V9XokYvbP5IiV7Y8GBzRBardv356x3dePjxjHqRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77771a6d5942b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4199
Expires: Sat, 10 Dec 2022 16:54:40 GMT
Date: Sat, 10 Dec 2022 15:44:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12743 bytes)
Hash
0df452512aae4c4c1f4a2cd263b16dfd
68bac75574641febc463bd0819392dae2da15811
e0a9301c5be849e116f1d98b819c2eb91f73e74d836f3e099f2cd266e8f0bb36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8732123d-ded0-4486-9019-0d87264f6c0e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6ed8a5f4-45cd-45bd-9820-df450f612c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4E_-IAMFf3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-31d928fc430577b463a68bd0;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nD0bWCjTU6LNSsNYCNqT4rt7okG1dmPPWiw4FXSi_uNWpcZnxhZgKw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:03:37 GMT
age: 63664
etag: "68bac75574641febc463bd0819392dae2da15811"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9084 bytes)
Hash
2e8e86712ca485e90f958dc16ec8dbff
78de6033ca9bca46953483801f19591c2ff47bbe
2984d8b533e095654d5e1c5fa826dc93cbd16ac8bdb5d974fd2d283a86f44874

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1618f8bc-582d-4a89-9fdb-2bf8a448f429.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9084
x-amzn-requestid: 80dfc074-73f4-4b47-95fb-57169d32cf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eNbHhYoAMF2Kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa55-6f54d0bf6d9246cd48d44352;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O3gPppRKbJb__o2lo3RsvabqgptV-zvDLbm1AweL11hrZxfOev6kvA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:00:34 GMT
age: 63847
etag: "78de6033ca9bca46953483801f19591c2ff47bbe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/favicon.ico

104.26.12.87

200 OK

9.3 kB

URL HTTP/2
mycasualhookups.com/sl/common/favicon.ico
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel\012- data
Size
9.3 kB (9275 bytes)
Hash
c699e71e56f2f0f22b0adc84f192b3e1
9db063660560884d66808e14a1453ecfbc8ff221
3859338295c407d23ec43daa3743c15bda6a7b9247194b4bf7248e4f0bc7a288

HTTP Headers

GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:41 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 6332559
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jyT35Yfz8qcPcRNLnDFy%2FnbvkFJ71q03uHjgfblC2rtnPOeokETaSWwtMw%2FHiCKwRaueYMxTxFJFSkKbqTBo7P2p2DylVp6gwDoOKQhluLwJRUSFx8WiubWQSaRzMfMqAiqSSV8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77771a752919b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/css/style.css?1670687080

104.26.12.87

200 OK

13 kB

URL HTTP/2
mycasualhookups.com/sl/common/css/style.css?1670687080
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
13 kB (13344 bytes)
Hash
3bd5f4a96c3b291449f24db1a04a69e9
a31470a90c92c7795af052202ea26bf511365810
5281d8eee535e0de1b0fff28cdfa2de7cb601c8474822e0654619caf879a2e17

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/css/style.css?1670687080 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 11 Dec 2022 15:44:40 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F71sT%2FGzTpEpIzE6%2FKkeL6oMifc%2FjG768i9ZlCxFeA%2Fvqxq6XMXpoRUK55WHGUxGRIAO%2F47599CzIZM8jupf5H%2B%2FOuzzJGRYcxuEKQ3w279090u9%2B0wpzrusSJwat3%2FV8%2FWDh9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d694db529-OSL
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,600,800

142.250.74.74

200 OK

8.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,600,800
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
8.2 kB (8241 bytes)
Hash
b5c4eb6ce98a671d30b071c629cb2aed
308e5ff8b97370f985f4abeaf324e1f21a57e139
96c7ebb6a60c9435afb411d13d2e6a9cac856465366d69106d7a0263b37464c7

HTTP Headers

GET /css?family=Open+Sans:400,600,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 15:44:40 GMT
date: Sat, 10 Dec 2022 15:44:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7811 bytes)
Hash
052b61a3bd1c839e1f5ce37834cad817
1fbbf8fb328a1406904d6346004e2c89c6ba2419
96dcb266eaec98f6305071598df3b49ca93234e0e8b1c8c9801a1a99d7f5c817

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c3a6c54-dd12-46c8-8acb-7c425ab40af5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7811
x-amzn-requestid: dc97f86e-a29c-4139-887a-e775a0327280
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eK4EH_oAMFYqw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa45-3a38086160ac180b3f8cf5d8;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TM_0Q_GmJDuXth6JpRvm_JAZXwT-xFZEjzuMeIzfzBu1J5jQ_Tng9A==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 21:53:25 GMT
age: 64276
etag: "1fbbf8fb328a1406904d6346004e2c89c6ba2419"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/videos/video1.webm

104.26.12.87

206 Partial Content

1.8 MB

URL HTTP/2
mycasualhookups.com/sl/html/032107/videos/video1.webm
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
WebM\012- EBML file, creator webmB\20\012- data
Size
1.8 MB (1787154 bytes)
Hash
275783ec04582836653aefff2ea6644c
c33c6cc9494ea3789cdfc22b925916164aee4253
cd69ec1ee91bec9876983cd47b3381838aaee8be56ef467400d55bf1f5f758fd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/032107/videos/video1.webm HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Referer: https://mycasualhookups.com/
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
date: Sat, 10 Dec 2022 15:44:42 GMT
content-type: video/webm
content-length: 1787154
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
cache-control: max-age=86400
expires: Sun, 11 Dec 2022 15:44:41 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
content-range: bytes 0-1787153/1787154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJ8r0jpNTO8yROczGrGsIdVR%2FQxZapDMntG8r2M5dqbaIMqXT8vzvxzbGEek7umz0Z3brtp45Ei%2BN8wOqu1FMxJ6GJ%2FRcttEGGS5yLq%2BeOPScpGhRn3KHFgz%2BtzmQ7FypJQAeUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a713d0ab529-OSL
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3357 bytes)
Hash
a164807db41edd8da259af2cec18b328
99f89631065869ff2f25762feb2f39af108b5ed8
400c635040d3d141ec35237e64380b7cd1ba02016a90e36e8376afc41a14cb0f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc287dc2-d769-4627-972b-c4304963fead.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 3357
x-amzn-requestid: 860c993a-e391-474a-b306-064c0faabc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c5eLwFaSoAMFwfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393aa4b-30dcd029382c1d825f2a0791;Sampled=0
x-amzn-remapped-date: Fri, 09 Dec 2022 21:36:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -MI_dPaTXZPndQzYo2R9p-UiDQNyRh76-XU2fhwjXyKiTVRLjNc3fQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 22:04:04 GMT
etag: "99f89631065869ff2f25762feb2f39af108b5ed8"
content-type: image/jpeg
age: 63644
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:600

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:600
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 Dec 2022 15:44:40 GMT
date: Sat, 10 Dec 2022 15:44:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/additional-methods.min.js

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 10 Dec 2022 18:19:31 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3JNns9kw8Z3k3AbRVaZfjcCvhlghBIg8h0BHbwCAaSd898GPvgXIusvoQHGGvhQfK0leh5QHc7Jdxx%2BjtzaszBbAkjRFW5td%2FNPPUAnJjxoGdSSSoLMW85GztHnr%2BxnhnDd5%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d6954b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/main.js?1670687080

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/main.js?1670687080
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/main.js?1670687080 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:41 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 11 Dec 2022 15:44:40 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KI6lsh824Qe1IBK5Pb1jHn9Q3xY4YARKuh%2FEXtJxFnABsOMM1%2BiTQ9TZBTojTTu0WswlUbok4Xi32e6fmuKUAyQ841qRIaECs2kugFcezicEPR9GcKFiK6LGiYTeGv9BL9Y8MPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d695ab529-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sat, 10 Dec 2022 18:19:31 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77109
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SkY6%2FT60U8m%2FJVt27Iz9sKT6kIkypDvUr3FsskBi1gCPn192vifA1MNIRg6LSYHtkUokS%2B1xyCfo7l5SktYb%2ByUr3VRPGXxRLcQ1H%2BP2YEP08%2BYJoZdJrD%2Ba8n3qWEyXrBMdO7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d694fb529-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/n.php?cep=Qf8RKzbtBUea9FETeq48MqstCn3glXMwPOJvpOS1o-JyWKbyITmw6ClTRUUtmaCCwKa1zjMKgj67Fcca7fXUuWOjk1mSUKc70N3NRPgZMBUJMlrQyytlk4_30AA-3ORUVbQkpKwpZ_TY5LB9FFJeRZ7efkiphX8XHLTasfNAjUHpJzFSlLvszQmU4cKJbqsyMJkvTNEAkTWc5PFXIR3mLALhpIxp8E66zVa5Av00kNXxtQHBQer9DIdLivfeTj7av8VO6CZ0D8ZV1burt3pknU5Y9Y3DLYMwmj20Scc-4YZmfR8Q9iLPNf_-ZmxxIUoCYxdqpBh7vDyjY9IbwIDo1nJlLjBNbCuwNXYl8mSxHFm8692upGi9L0ysEWIdM2lwA_q2PbjHQ9XN7_sWnGwi8w&lptoken=16887003684b880279ba&external_id=36197-739479371&source=16295&sum=

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/n.php?cep=Qf8RKzbtBUea9FETeq48MqstCn3glXMwPOJvpOS1o-JyWKbyITmw6ClTRUUtmaCCwKa1zjMKgj67Fcca7fXUuWOjk1mSUKc70N3NRPgZMBUJMlrQyytlk4_30AA-3ORUVbQkpKwpZ_TY5LB9FFJeRZ7efkiphX8XHLTasfNAjUHpJzFSlLvszQmU4cKJbqsyMJkvTNEAkTWc5PFXIR3mLALhpIxp8E66zVa5Av00kNXxtQHBQer9DIdLivfeTj7av8VO6CZ0D8ZV1burt3pknU5Y9Y3DLYMwmj20Scc-4YZmfR8Q9iLPNf_-ZmxxIUoCYxdqpBh7vDyjY9IbwIDo1nJlLjBNbCuwNXYl8mSxHFm8692upGi9L0ysEWIdM2lwA_q2PbjHQ9XN7_sWnGwi8w&lptoken=16887003684b880279ba&external_id=36197-739479371&source=16295&sum=
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/032107/n.php?cep=Qf8RKzbtBUea9FETeq48MqstCn3glXMwPOJvpOS1o-JyWKbyITmw6ClTRUUtmaCCwKa1zjMKgj67Fcca7fXUuWOjk1mSUKc70N3NRPgZMBUJMlrQyytlk4_30AA-3ORUVbQkpKwpZ_TY5LB9FFJeRZ7efkiphX8XHLTasfNAjUHpJzFSlLvszQmU4cKJbqsyMJkvTNEAkTWc5PFXIR3mLALhpIxp8E66zVa5Av00kNXxtQHBQer9DIdLivfeTj7av8VO6CZ0D8ZV1burt3pknU5Y9Y3DLYMwmj20Scc-4YZmfR8Q9iLPNf_-ZmxxIUoCYxdqpBh7vDyjY9IbwIDo1nJlLjBNbCuwNXYl8mSxHFm8692upGi9L0ysEWIdM2lwA_q2PbjHQ9XN7_sWnGwi8w&lptoken=16887003684b880279ba&external_id=36197-739479371&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Sat, 10 Dec 2022 15:49:40 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qcrxCfhTAQmMkfp7bZxFyGkxV%2FkKQBV%2BabvYPf0hEwmflcyQfaW%2Fp4lzSeVRKmObRXuTvlaRJv6en%2BasGBYuNIChPqoRg4ugO%2FOf7zErUhhvReivY2DN8EKaW5S5Ymw0uDrhyc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a692ce2b529-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/032107/css/style.css

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/032107/css/style.css
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/032107/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:40 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=4300
expires: Sun, 11 Dec 2022 02:09:43 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 48897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BOe7Y%2Fw01IW%2FK6Nc5S9dNXBjQ8l6HUH5tiMnxeyYXzaW3l16cOn4C8BGTCX5uy%2B1sjaUIWAWcQ7hqaqygKcG9CP%2Bsj0enNiyDtGrqLJgJfV2A2nMPMYMkk9SPHItI3yVXY%2FO2s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77771a6d593db529-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/cookies-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 10 Dec 2022 15:44:41 GMT
content-type: application/javascript
last-modified: Wed, 07 Dec 2022 18:45:45 GMT
etag: W/"6390df59-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fju6DF7krllbLDjE4YIFO04C3krkUzMvcnSj0QWPGXcLWX729XnWj7SYoJIhWJYNXTYFyJXeJEyhqk3awNevs7EKFS6ZkLINTVNh1e%2F6JGSj31NsPutBPySOpdPexYjVrN4XaKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77771a726e60b529-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 12 Dec 2022 15:44:41 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations