Report - citlali.prtylady.xyz/

Report Overview

Submitted URL
citlali.prtylady.xyz/
IP
192.64.119.254
ASN
#22612 NAMECHEAP-NET
Submitted
2022-11-23 09:15:47
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
mycasualhookups.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	1.7 MB	104.26.12.87
app.api-push.com	307671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.8 kB	172.64.139.29
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
judy-k.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	448 B	317 B	64.237.40.114
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.1 kB	142.250.74.3
bl.trackham.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	526 B	1.5 kB	18.193.146.82
cdn-dt.fcdn.info	230544	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	728 B	104.21.234.86
citlali.prtylady.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	352 B	291 B	192.64.119.254
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	492 B	16 kB	216.58.207.195
cdnjam.com	204001	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	2.5 kB	104.21.58.242
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.5 kB	23.36.76.226
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.82.48.240
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	60 kB	34.120.237.76
subscribe.api-push.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	858 B	172.64.139.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-23	medium	citlali.prtylady.xyz/	Malware
2022-11-23	medium	mycasualhookups.com/sl/html/ES12/js/config.js	Phishing
2022-11-23	medium	mycasualhookups.com/sl/html/ES12/images/logowhatsSex.svg	Phishing
2022-11-23	medium	mycasualhookups.com/sl/common/css/style.css?1669194936	Phishing
2022-11-23	medium	mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	Phishing
2022-11-23	medium	mycasualhookups.com/sl/common/js/lib/additional-methods.min.js	Phishing
2022-11-23	medium	mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js	Phishing
2022-11-23	medium	mycasualhookups.com/sl/html/ES12/js/main.js	Phishing
2022-11-23	medium	mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js	Phishing
2022-11-23	medium	mycasualhookups.com/sl/html/ES12/js/langs.js	Phishing
2022-11-23	medium	mycasualhookups.com/sl/common/js/common-langs.js	Phishing
2022-11-23	medium	mycasualhookups.com/sl/common/js/main.js?1669194936	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (14)

	URL	Size	First Seen	Last Seen
	cdn-dt.fcdn.info/swpush.min.js	34 kB	2023-03-07	2023-08-07
Pretty URL cdn-dt.fcdn.info/swpush.min.js IP 104.21.234.86 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-08-07 07:25:23 Times Seen135 Hash af2540aefe6334edb036a720947abb72 f17f394267c73b004d0f2c6dfb8a790aa2d7bf7e 7af8787e4bc78270a5a72a75f86a45ae9d3bd803c3c57ec3efb84d2aabe102a2 Loading...

	mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3	90 B	2023-03-07	2023-04-05
Pretty URL mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3 IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-04-05 02:02:09 Times Seen17 Hash 366614100df3a1aad7eaa097204bb879 462a34ed6013dced533568a3bafe7bb7da1b212d b52856d21909444a7b1f4afb75479ca00aa7a05fc60cdf860dcb3ce4f0b75f01 Loading...

	mycasualhookups.com/sl/html/ES12/js/main.js	987 B	2023-03-08	2023-08-07
Pretty URL mycasualhookups.com/sl/html/ES12/js/main.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:03 Last Seen2023-08-07 07:25:23 Times Seen13 Hash bfadccea06aaa3b8cb70b2fb323d9de3 d5195729838bad28e08959a2588dcdbab498b63b 359a9db62322686a6837629e463b02150871da4dfb3f84ed077701076ed55e56 Loading...

	mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js	23 kB	2023-03-07	2024-04-15
Pretty URL mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2024-04-15 20:34:02 Times Seen984 Hash 93c1dd8416ac2af1850652d5b620a142 6a76e4c7db479053350580469aa010febfdcacd0 17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50 Loading...

	mycasualhookups.com/sl/common/js/main.js?1669194936	7.4 kB	2023-03-07	2023-08-07
Pretty URL mycasualhookups.com/sl/common/js/main.js?1669194936 IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2023-08-07 07:25:23 Times Seen115 Hash b87e1c868deb5fadb6c9661630d4f0db e893295cfb31b37a247c509c53b1eae346c528fc 44523924092ddcf715dae1c6c23059400dfb24781643ddb760b0f6b82724a0a8 Loading...

	mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3	487 B	2023-03-08	2023-05-21
Pretty URL mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3 IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:57 Last Seen2023-05-21 15:59:11 Times Seen18 Hash eb3361ce29dba68e5f6374b4129a7240 e9226d27e25cff9e8fd1026b4107d90919d59c14 8eb0cb2db6b9f3b562f0b58f4c9b1f6c48c31cce516872a20efbd90a5c6d33ff Loading...

	mycasualhookups.com/sl/html/ES12/js/config.js	395 B	2023-03-08	2023-08-07
Pretty URL mycasualhookups.com/sl/html/ES12/js/config.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:28:57 Last Seen2023-08-07 07:25:23 Times Seen53 Hash 628061c41e011910d93e2eb32b7e8a24 edaa1d1ca254452b8c77111a7d2dd928276b5971 33015ae6fe9c43a1d94f0b77b94a17e903ca8be952608b85f70ce0df0193161b Loading...

	mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3	640 B	2023-03-08	2023-04-05
Pretty URL mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3 IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:03 Last Seen2023-04-05 02:02:09 Times Seen6 Hash d751b7145b6e68b69f01565feb690350 3c7586b58d6534efa6e2863337263d85aaf943cb fda9aa7514f1b759a68d5904f5d7ca5d0116217fa2314e81acbd9d6241ed8ee4 Loading...

	mycasualhookups.com/sl/common/js/common-langs.js	15 kB	2023-03-07	2023-07-02
Pretty URL mycasualhookups.com/sl/common/js/common-langs.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:51 Last Seen2023-07-02 18:22:18 Times Seen47 Hash 9dd6dd34babf310236383a7eb7d569e3 f396ed09424e282aa4e7b96d463541fc42556f46 7ae9fc07390e221821ced9edb8e092859afbc5653d7878c3d3074ed24be2c050 Loading...

	mycasualhookups.com/sl/html/ES12/js/langs.js	38 kB	2023-03-08	2023-08-01
Pretty URL mycasualhookups.com/sl/html/ES12/js/langs.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:47:03 Last Seen2023-08-01 23:18:34 Times Seen4 Hash 816cf1808e0209d6a391485d45d0c51d 0229d6fdfa7e5f72202bc1b523bec3d029d4cf61 23cafe12cf41a3b0ba3e812c732ca92b4241186b42568f0bd309aec09f1b432d Loading...

	mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js	87 kB	2023-03-07	2024-04-18
Pretty URL mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-18 08:37:35 Times Seen105125 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js	1.2 kB	2023-03-07	2024-04-18
Pretty URL mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-18 08:48:57 Times Seen54412 Hash 9e8f56e8e1806253ba01a95cfc3d392c a8af90d7482e1e99d03de6bf88fed2315c5dd728 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8 Loading...

	mycasualhookups.com/sl/common/unsubscribe.html	1.9 kB	2023-03-07	2023-04-05
Pretty URL mycasualhookups.com/sl/common/unsubscribe.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:52 Last Seen2023-04-05 02:02:09 Times Seen17 Hash b65ff9705865169981f3ac388816cc72 c79a72e04d9b766e27ea4fe8d2a0cc5d9c484c41 67da9ca751409ddfd1a8b1b7a1fdfe5b66b37e6d9b1d0c4e083fb357debca5de Loading...

	mycasualhookups.com/sl/common/js/lib/additional-methods.min.js	18 kB	2023-03-07	2024-04-10
Pretty URL mycasualhookups.com/sl/common/js/lib/additional-methods.min.js IP 104.26.12.87 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:43 Last Seen2024-04-10 02:04:24 Times Seen257 Hash 3a53c5eac97b98ed3833970d43bf7fc9 b8805460b5754be8b16a223df737d9577da4c182 8b1554032d2cfbf0e858518df6460b2b4336be2cfb1f188dfd1108a3ae50b2e8 Loading...

HTTP Transactions (53)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8511
Expires: Wed, 23 Nov 2022 11:37:26 GMT
Date: Wed, 23 Nov 2022 09:15:35 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
b59d95402dfb464c176610284ba13f65
1a6c62fb0d48654dd204b66161bb03fefe60f71a
40cfd59b890ec5a3570603d28d90bd7e5c506babd52c2ece93e09f1c7b2a6880

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5036
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 09:15:35 GMT
Last-Modified: Wed, 23 Nov 2022 07:51:39 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2591
Expires: Wed, 23 Nov 2022 09:58:46 GMT
Date: Wed, 23 Nov 2022 09:15:35 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 08:18:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3409
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: b4hQhE+Ik0qf3RwHkgGPIgQGNPZVb2iyak0Yzy21ejhYNA5rYXc8rc9zWyO6EOex705VtUxverM=
x-amz-request-id: STPA4E0KHHCRR962
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 08:39:56 GMT
age: 2139
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

citlali.prtylady.xyz/

192.64.119.254

302 Found

50 B

URL HTTP/1.1
citlali.prtylady.xyz/
IP
192.64.119.254:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text
Size
50 B (50 bytes)
Hash
c50799016e1db908ff2f24334bd7377c
c5cb1640aff8747538f92de013f4db726a8ff56f
bac019bd0a33a3334c4b08aba7a006bd86166ac2606bac405e3ba89db60cc53e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: citlali.prtylady.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Wed, 23 Nov 2022 09:15:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 50
Connection: keep-alive
Location: https://judy-k.com/pradga5/
X-Served-By: Namecheap URL Forward
Server: namecheap-nginx

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 09:15:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 09:11:11 GMT
cache-control: public,max-age=3600
age: 265
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

judy-k.com/pradga5/

64.237.40.114

302 Moved Temporarily

0 B

URL HTTP/1.1
judy-k.com/pradga5/
IP
64.237.40.114:0
ASN
#20473 AS-CHOOPA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pradga5/ HTTP/1.1
Host: judy-k.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 302 Moved Temporarily
Date: Wed, 23 Nov 2022 09:15:36 GMT
Server: Apache
Location: https://bl.trackham.com/0192bfd1-5e02-41b0-abc1-ecf3727b3300?external_id={external_id}&source=pragdalive3
Content-Length: 0
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8a181d95550cfdf3b1fc4deb71631e40
37866f7293c41fbfb817e321754cae5c5bf59f93
6aa3d2763181cc48d2ad0ce7d227f3cb3324045c3f7858ccdbae675768dcec55

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4803
Cache-Control: max-age=90682
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 09:15:36 GMT
Etag: "637c912f-1d7"
Expires: Thu, 24 Nov 2022 10:26:58 GMT
Last-Modified: Tue, 22 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

bl.trackham.com/0192bfd1-5e02-41b0-abc1-ecf3727b3300?external_id={external_id}&source=pragdalive3

18.193.146.82

302 Found

0 B

URL HTTP/2
bl.trackham.com/0192bfd1-5e02-41b0-abc1-ecf3727b3300?external_id={external_id}&source=pragdalive3
IP
18.193.146.82:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /0192bfd1-5e02-41b0-abc1-ecf3727b3300?external_id={external_id}&source=pragdalive3 HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Wed, 23 Nov 2022 09:15:36 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3
pragma: no-cache
set-cookie: 0192bfd1-5e02-41b0-abc1-ecf3727b3300-v4=L5rKzJ817drgXRGrPvfPU396wXxhlgyKivo2Nf2ecl4; Max-Age=86400; Expires=Thu, 24-Nov-2022 09:15:36 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=QhTHc2BSM6oiW-mVrX3sORg8y3EZL64E_zUiRejZw662bP7fgJ87IlxXSlb7V3onBBZap6BKeLK33EeaojX0oYiF6tcassHSz4qFBE-aRkbCrXgC01PDak77GXOocW87EvN6eEojC5iugjuOC04dmYeD-cabEOpyYQFwPUWyJ0gfsMGek6ZB8CIHM67t6AmkZiR2ktgB9Zh6j4ZlNGAnEDQ8CMBoJgSzyHhO0K0Z_o3twi2JBu2Q9gDexEt_svGHehQQcXL7Ll8MRJiPKYVuUPECfvt0G0o30J0VVmS7JSDqBEpnXImRSlM1qcLWcycYasyCCVcburketWqUGaspXYEd5KJBJOX4ZNNHWZlhCwTCgi56ODPpGshrQ0jgNtk4xKIeq-pb1k73NuJfAQ0luw; Max-Age=86400; Expires=Thu, 24-Nov-2022 09:15:36 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/Oos9GsXF1Co

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/Oos9GsXF1Co
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
700fcf566fe19947d6da2b5596821d6b
d8cb0325ef94fc37bfde500503057f701389eb18
9938f479f9faceeac8e6a8f82f83edee6383bd6405e1a1a4a908c93a79a896b3

HTTP Headers

POST /s/gts1p5/Oos9GsXF1Co HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 09:15:36 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.82.48.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.82.48.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /TzLRluGUh4S4PpWhSK/vw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dPU4pOloqT8Hzlfn5uHrLKzJSK4=

mycasualhookups.com/sl/html/ES12/images/3.png

104.26.12.87

200 OK

200 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/images/3.png
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 432 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size
200 kB (200103 bytes)
Hash
97d6b76072d378ab7919c28506038405
48ccfb3f58883eaddd12f7cfe887465cc83bfe77
6ba593522a346d1b8f301d95da5463484f292ff411832503b85664b1040adc3f

HTTP Headers

GET /sl/html/ES12/images/3.png HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: image/png
content-length: 200103
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
cache-control: max-age=86400
expires: Thu, 24 Nov 2022 05:30:25 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 13512
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfzOjIfA8rg0lM4TXazq0vCS1EdjYLqudU4le%2Bq%2FnHNxPA%2BxGhWU5UtCWf7H08immNPX5BDyAdh6jDkvCeFXbGxj3bIKHbFnuC%2FeixQm4hPzkxkvm6oHomGkpcjlSfC0PQhxMQo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd24b94cb505-OSL
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/images/1.png

104.26.12.87

200 OK

236 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/images/1.png
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 432 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size
236 kB (235602 bytes)
Hash
110a1f63b82922fe5c6ec14f8f2844b3
c7dfc259cf67aa6c9f9722b3bce3487350393d5a
fea6ba0778b6f76a2eee5a4c501f1e02284c36aa5b0d5d161d153a2150d0f2e0

HTTP Headers

GET /sl/html/ES12/images/1.png HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: image/png
content-length: 235602
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
cache-control: max-age=86400
expires: Wed, 23 Nov 2022 23:29:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 35142
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wXJcY0bVPue8VTJVpv3m1ocKQFxYb0Jyj4RZAUpARb2G1rN4764wYNyzzvGPCQZXsh131ipA4eNUCDG6QnCCi0TgxLdkuf1mnp6P3T%2F6Ewa1YU%2BwOhcexAp24pKbJOuJz4OxBp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd24b946b505-OSL
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/images/7.png

104.26.12.87

200 OK

153 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/images/7.png
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 432 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size
153 kB (153311 bytes)
Hash
bf59d8f1b43bd73c63b7766e8772b8f6
8f6ae4a15bc620ccc9e6686149edfe0909bdfe0f
7454c3889dfa1deedabed959f525407287c3ae629e36b63b2338e1c2562b83e7

HTTP Headers

GET /sl/html/ES12/images/7.png HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: image/png
content-length: 153311
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
cache-control: max-age=86400
expires: Wed, 23 Nov 2022 23:29:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 35142
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVyiCZKsMbzeGb29o9adoI4boPOJGMR11sTG9So9QEqRV%2BVh2pCG3NdjNUohGLyiEahyBs%2Bh6ofiuVg7fRTq39aeGkXsf9uTyZqmNhgmLHK6cXPOokjUP%2B047AN%2FOoz%2Bo3iu8E8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd24c954b505-OSL
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/images/2.png

104.26.12.87

200 OK

254 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/images/2.png
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 432 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size
254 kB (254011 bytes)
Hash
b9e170e7d966ab6909608dfb9ad856ff
e32033df7d52e8b71b369db37ba74212233d43df
175fb64d5f42163b6735d8e3df33fb46f571d2cb8e5714c0b6c301ef4853bdda

HTTP Headers

GET /sl/html/ES12/images/2.png HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: image/png
content-length: 254011
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
cache-control: max-age=86400
expires: Wed, 23 Nov 2022 23:29:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 35142
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vf5qwI7kUHNUdCIP3qEZTsVx%2BgOanDoRxgHhjf%2B7LqOciRRw0xHrcNqx9DZ1%2F55apglMB2dQViF2LkJWgjIWIjfkTUvazJZay%2FvWeD03eBqbK5R1G7Yb3pZ7rxWr%2FFaCovo7EQk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd24b949b505-OSL
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/images/4.png

104.26.12.87

200 OK

196 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/images/4.png
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 432 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size
196 kB (196124 bytes)
Hash
15b9d5b82de7c411da6af46f2ef093df
afce034d47cbae83c3ceb1a8ffdce628fd12476d
18786b380565a66f42dfe9369208cd1e05422de1f72e2f3d6c1e8c9cd241d325

HTTP Headers

GET /sl/html/ES12/images/4.png HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: image/png
content-length: 196124
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
cache-control: max-age=86400
expires: Wed, 23 Nov 2022 23:29:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 35142
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3ryT0Vu6449eyK0%2FYNOLTNJExsTTu6rkmpDVi%2BigaLLT2WTwi2B5%2FfEvxjVlwDkb75J6%2FzQyFSm0i9z2i2v4rJL4sg%2FMCEka1tuohVjymgr7wZ%2FLaQDZ7ul4AjGT1VDLVeBv%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd24c94eb505-OSL
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/images/5.png

104.26.12.87

200 OK

212 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/images/5.png
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 432 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size
212 kB (211551 bytes)
Hash
95894cc515c5292a505101e8c2338d00
fc6606e48324f5497a7df030bb48eff949d9dcdc
56c2b4fe5fb3ecfe75534bb2dd22edef6fa0811882b26d46b49c2fc177c0506e

HTTP Headers

GET /sl/html/ES12/images/5.png HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: image/png
content-length: 211551
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
cache-control: max-age=86400
expires: Wed, 23 Nov 2022 23:29:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 35143
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWD%2FXq%2BfHKUdTlVH8KLJliCC9zGlYE4Iu5EOeDKqkCI%2FJE%2BB658Z1UkfIGLcHLbCZwMQcCKMhqxwkB65Q4DOcRE2j1nId42v9YVkXRS2ij7VZ%2B5jyWwACriw78AUCnfD64GtEi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd24c950b505-OSL
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/images/6.png

104.26.12.87

200 OK

213 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/images/6.png
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 432 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size
213 kB (212906 bytes)
Hash
9aa5b43b55579922ac9b888b654e3899
f250a8510b0e1fb10fffbbae4a669f5dfdaab36b
6f48107a5b0397734e3ec6793478c0b794efc94fb72587decabbdc4d63bec4bb

HTTP Headers

GET /sl/html/ES12/images/6.png HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: image/png
content-length: 212906
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
cache-control: max-age=86400
expires: Wed, 23 Nov 2022 23:29:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 35142
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k7HHYvlxbw9X3wx5nSxaacyZhitZKAbJsD50ouniikhJiBzqrWB1GQ4LbrvwdiiW2aGh5dZnzi%2F1UjAOp1J0NIdPEEU0NCQTplyDl1GRMvG1VtQ1qexY7VwXcSQve2UPGVKY6vk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd24c951b505-OSL
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/css/styles.css

104.26.12.87

200 OK

7.1 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/css/styles.css
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
assembler source, ASCII text, with very long lines (748)
Size
7.1 kB (7145 bytes)
Hash
370d5d818d2b1691aa67219beceb202b
1dc9192db915fb2b16b39482c8423957ea670480
076d93fe0e93e76e502dbdd5aaaf3fc469780ef7ed9bca404215fe62fb0d289e

HTTP Headers

GET /sl/html/ES12/css/styles.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: status=cannot_optimize
expires: Thu, 24 Nov 2022 05:30:24 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 13513
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNKNthdwqBGeGmb08PUtKzJd2MjgFHsmD95ob6QWuDS7PaNZi2%2FaJYpxKU%2Ba99emAtmeBwETMvaFZh9CcsH6LUy%2FgvahYVPNaP16gM8neD5WKGkylbYIIENCyv1jmerTGltpVBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b931b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/images/main-bg.jpg

104.26.12.87

200 OK

154 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/images/main-bg.jpg
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size
154 kB (153708 bytes)
Hash
eed524fcdeb983585afa43b3576e3a04
99a21f9bc3464e1c173111f58778bbf96faf2b36
09b0626944c96d79726bdb6aa04d3400b744f822b99547e231de360700f5d588

HTTP Headers

GET /sl/html/ES12/images/main-bg.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/html/ES12/css/styles.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: image/jpeg
content-length: 153708
cache-control: max-age=86400
cf-bgj: h2pri
expires: Thu, 24 Nov 2022 05:30:25 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 13512
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tw6dVhIObPYGBEjom6eyRcDUbIH8I%2Bg%2FHM%2B%2FrgbI4QfUSlnNnEyBBxqjCsmIHZNEGoi0Z%2BBsoOBYRhMGB27p%2FK%2BAL4DB%2Buwb31cJ3IRvoEoSojmg5u3vwFDKSCpizh8DM9d7FjU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd284d4bb505-OSL
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 09:15:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

app.api-push.com/get-keys

172.64.139.29

200 OK

917 B

URL HTTP/2
app.api-push.com/get-keys
IP
172.64.139.29:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (2116), with no line terminators
Size
917 B (917 bytes)
Hash
513e2d6f7c4afa7a467e568b61c21860
ac4f6c25cdb7c39831cb5fbb29145329a81abee4
a1d29eaf84ca426460dada1ebf6d4d2c709ad23201f8bc53d4f9dbdc65aa4d20

HTTP Headers

POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29FeJ%2Bc2VtlAIf2oxIS25XXvbX%2BUbiTNlF4K1gblb%2FSyqr9IKrLPKYjla4Xp6%2BFSEh81Y1GDTyN03YeDUIdZtRj472PQ112DP5lcOhO9MWkF558bSemHkkeZorq%2FJ0B2%2Fqsy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd26d8e77326-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/js/config.js

104.26.12.87

200 OK

15 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/js/config.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (332)
Size
15 kB (14568 bytes)
Hash
70fa47c0bfc83f62ca0ec062e33a2523
c93fbbf28a70fc9227d286c8b8e9eee223fefec9
1c2718c7379958ad3879214842e573f874863ea6ec7437ee441f69a9bfa2a8c4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/ES12/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Thu, 24 Nov 2022 05:30:24 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:28:35 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 13513
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cgnc0PChWcaH7bRZmFLw%2BCyCUJZmxkrv9WLua1csfkThCijcPdcx84gF%2FK%2BEmdp0lNH0bavhsPN119Vy3U7yyqizgI3VNKd%2F44cbKmfsM1b0KCO0suCH%2Bmp5ygL6hoHBamMZo7c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b93fb505-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 09:15:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

216.58.207.195

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15056, version 1.0\012- data
Size
15 kB (15056 bytes)
Hash
0edb76284a7a0f8db4665b560ee2b48f
02496387a5f7bf7b79df52c7b76ece4ebc7a0710
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

HTTP Headers

GET /s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 20 Nov 2022 00:51:08 GMT
expires: Mon, 20 Nov 2023 00:51:08 GMT
cache-control: public, max-age=31536000
age: 289469
last-modified: Tue, 23 Jul 2019 19:30:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12887
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 09:15:37 GMT
Connection: keep-alive

mycasualhookups.com/sl/html/ES12/images/logowhatsSex.svg

104.26.12.87

200 OK

6.7 kB

URL HTTP/2
mycasualhookups.com/sl/html/ES12/images/logowhatsSex.svg
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size
6.7 kB (6746 bytes)
Hash
252e5a8a98dbf8a7f6671b60cd280f3c
b3356ee4b858640c7ab786892edb84a25b6f456b
1516432950a79245b7957ed998f0ccd0285fc4dfc43c25c67c49eddb80dd24cc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/ES12/images/logowhatsSex.svg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
cache-control: max-age=86400
expires: Wed, 23 Nov 2022 23:29:54 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 35143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=grgeVtkurm0Xlf4cBfozZEXNehAWyExK80dyPzGpyvz1rRwbwCnZyHi7qrGpT1l4cZIKaiJhVxCtoOoUNi0hDYSTFfEOHhGiGJIc%2BH%2FrwhDv9JqBIIiovdXSD1aVJY%2BGs6C7RKc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd24b944b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12887
Expires: Wed, 23 Nov 2022 12:50:24 GMT
Date: Wed, 23 Nov 2022 09:15:37 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg

34.120.237.76

200 OK

5.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.0 kB (4977 bytes)
Hash
0cc111ba6ae699fca7fbff3490640960
18084197b48ea3b4a143636250396e8791d0285f
34fbba92e665ad371ea2bd1a871251cf0c5b7832d6f4661b21b2cfbd7f786923

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45ca81c5-d11a-4d86-a922-dbdce0f6b46c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4977
x-amzn-requestid: 3e56de91-7ed1-4b1e-b230-5f19b2cc6601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bxQKBHzdIAMFpUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376c70c-41c572d27999534d3c198372;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 23:43:08 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 414rX74hOWUS2W1d9SVHs7McxZ4QDE249cjU-1EyIe0nMkZrQz2rrQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 40729
etag: "18084197b48ea3b4a143636250396e8791d0285f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9766 bytes)
Hash
3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RZqqB_Aaam7hYpdAB2fbx-i3iQth9M-OgA25IgCB5Uz0swqVi3-bVg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:48:19 GMT
age: 41238
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9138 bytes)
Hash
6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:09:16 GMT
age: 39981
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 06:36:36 GMT
age: 9541
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6180 bytes)
Hash
218956a7601433bcf0f6ff484dbd5b52
d005c3afc835a854efdfa9cceb54b81153bb9899
dcc6527a7705c8e870e6aaf6744319ba0541a9fdfef58ca897361309d11b2b2e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a31b1f7-5b4e-41c3-a823-4b79b831c0f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6180
x-amzn-requestid: 89cc3e96-f5da-4f57-8889-abe5d714ffe3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7nWIHWCoAMFQeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aec27-2a8ed06e64d9768a6878f9f2;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:10:31 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: CZsX5_0E818KOzub4p1lrcaUXtpNdeVr7AdKRfkExQ_JWFS7mVImgg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 05:02:07 GMT
age: 15210
etag: "d005c3afc835a854efdfa9cceb54b81153bb9899"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd647b7ae-6c81-4319-a790-7c588599e88d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8820 bytes)
Hash
3fd467778c7a69252efd26485c4443dc
bc4c851e17fefa49897e3b3cb66c5ce9cda718fb
6363b7ec5c10449836e9a0330871df17daf160b0fe509507d0422e0d4854b868

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd647b7ae-6c81-4319-a790-7c588599e88d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8820
x-amzn-requestid: f4826eb0-c486-4161-9889-ab71966f465e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7nE4FLWIAMFc3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aebb8-53f202ae48abf5c1212b1faa;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:08:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: pGXUB8MtXFMiCQEeE3VjP-h1EicN3p4xHP1g0kwJ523r6G1-L0hz3A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 03:32:56 GMT
age: 20561
etag: "bc4c851e17fefa49897e3b3cb66c5ce9cda718fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b

172.64.139.29

200 OK

5 B

URL HTTP/2
subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b
IP
172.64.139.29:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

HTTP Headers

GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuPVpXTOizTrLSVEeeeB3h0VgdKD5%2F1hOvuo4FZQU11RYFRwD7qRN5dfqRgzO7yFisFQzh%2B%2FfbMlZQGmkvYQ8VEuN%2FC6HHmOgGPBeoQsVJx5SfuXoIj%2FTOA0gKaEzYkQYatIHxWItUuX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd28cbbd7326-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
c467b5411e9f73ffd1f0943066fbc180
9aae948f01350e2234b5dd7db7c8195ed297aaa5
bb2f461d01b5ae99929f202a003021314aba67a6d04603eb7c75ce0e151fabaf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=102420
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 09:15:39 GMT
Etag: "637cd1cf-116"
Expires: Thu, 24 Nov 2022 13:42:39 GMT
Last-Modified: Tue, 22 Nov 2022 13:42:39 GMT
Server: nginx
Content-Length: 278

cdnjam.com/cdn/sdialog.min.css?_=4

104.21.58.242

200 OK

1.6 kB

URL HTTP/2
cdnjam.com/cdn/sdialog.min.css?_=4
IP
104.21.58.242:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (6775)
Size
1.6 kB (1575 bytes)
Hash
9ac5c5bd91965bb1ac83a7fd991a48fd
341dc6e25767359a7cb485ea5ed3af549b790b53
77a34816a5374d425b4580d4487b43140939953889470dfb40c8c4b97377a9eb

HTTP Headers

GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:39 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8nFLlSg40dw%2BZg3Nb9V5x8WUTdaiFWMZU5dVKzk1Rl9LvGVPghBw7xtSIXWS252w3%2B0LGLL0Qht7EwfYoecFJ17a%2BrwwyREag%2FQSzTRpCj13SJ4x6Y3TJ58EbGfz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd31bcfdb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f511ad5-51d1-4115-92e3-f9ab3e54b37d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9748 bytes)
Hash
fa20882d7dc00765a2a196dd6a477c39
5cefba54fd9950f867063642b6791d805b429337
6dcfd316c6f91cf6b4a190ab30d529b093bf773950e6d8e796f0e8e91dd6b7d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f511ad5-51d1-4115-92e3-f9ab3e54b37d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9748
x-amzn-requestid: 0eb0f9e1-b028-4ec3-9025-2cead2debfce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBb_iEqYoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4063-5f709cbf08b34c2700d2ddce;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eUy7rrEHVX-vazNbPIMcnuXyPSW50R3eFOw0WoQEUoNiSmwe2Hjczw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:56:48 GMT
age: 40736
etag: "5cefba54fd9950f867063642b6791d805b429337"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/css/fonts.css

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/ES12/css/fonts.css
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/ES12/css/fonts.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=7188
expires: Wed, 23 Nov 2022 23:29:53 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 35144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK7RSB0s9%2ByC4ohA08XxZV%2Blof9e6H7haZFvRfA0M8g1I9M4mOS7447lc4zWQOZ7Ff12jviYMSVwUSgflZ5O3HIoyYhqxSE9AhOE%2FGgtwNyUft4X0oHby2eKEmY7xt%2Fhupi2DvI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b92fb505-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn-dt.fcdn.info/swpush.min.js

104.21.234.86

200 OK

0 B

URL HTTP/2
cdn-dt.fcdn.info/swpush.min.js
IP
104.21.234.86:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1772342
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeLg4IxcKppcjF9JNMuIrxCFkjiG4EZPNtNe7OKo%2Bd5C8tUxe5jHWMY7P%2BDov5oDjd%2FKHpzE6qkowbSciUpTbZ%2BPVkUPOwDkW%2BtTF5mXyZSOMxs3a2Www9JKKaRIZF%2BF529d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd256d9add13-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/css/style.css?1669194936

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/css/style.css?1669194936
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/css/style.css?1669194936 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Thu, 24 Nov 2022 09:15:37 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eD1iXpDCH9rX5K%2BqLNlXJ2OChWUItaSnemA6Qdd%2B5c1c4B88ndn%2BUgtlRWiw6oktTbMmrdDPC7BtXjkM%2BiQ2EZ9SLQzV3%2BKnmgoWoXsDGTdiL5FFPP1tQWPt7yD6PCYgt%2BcZvBE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b932b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/sl/common/privacy-policy.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/javascript
last-modified: Mon, 21 Nov 2022 12:02:18 GMT
etag: W/"637b68ca-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2FsUgDOElAuW83EtG1AgK4ITfqDuFXvRJmGFlhyKKCvmaB0Esv5q6%2BTn1IyK8NzCbMKwoiUNHVEGA8IWDUrPnR3GMrhQ%2B9%2Fi72%2F0C5eP06YqG5p5%2Fkz52keoDSKXGXjy2pjzZuQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd297ebeb505-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 25 Nov 2022 09:15:37 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/html/ES12/n.php?cep=RX3H_17IxHifsQpMFarbXiX-kp8IMi2QjZH7iQLQuP0qEXKgFUE2VwPljCZJLTyF2Hk1vsh_s50FMcHWH8_Kv7QcBG8niiA3kKpnSKkv3sXnC2h4yKj4F5wCULlab6fQ4joKK2x5U4ZmgYiAHJ0sk2RRytueAal9NqVREygN5FL1s77AvdCSNHiKSXZu5O1UOz9RAKr6d94ySIS1ntB76NQNouuWpiC9cg_RxLQLA456k7fgkQ8hP_fJQeswM_JP8k3whgvLTUvOSvoBRul38GH1aVmsd9fw4Z_NYCe7jzw24XkTgbVoli4AlT_M-dz5pypjsgs20Uk1cHx2egVQa-nB-Nx_H1tUO5_iyFgRKca5T83Z8HFqdZ6ES9LVIitAjxqTiUQFDBol6FsEBOcXaA&lptoken=16df6998194d67d43641&external_id=%7Bexternal_id%7D&source=pragdalive3 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Wed, 23 Nov 2022 09:20:36 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vu%2Fm6VER2SqRD7knIs7AhISGG0MN2NFZmnyRIuRCcqyNRw%2FXEVzeEYvA0mO%2FwNiNG%2FKDjBIwpbHaGsmHk9pDGUScD8LkO4tHouRYHIUmXnDyndo3dD3NbVOYNC3Ry%2FWi0IHrRak%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd20ebdab505-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/additional-methods.min.js

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/additional-methods.min.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Wed, 23 Nov 2022 16:21:57 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 60820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vvEKiWfBOnuIvQHZW%2BrEp4WhyfhHuftS5hZb3XhG4%2BDsGS%2F1Ss2kJHuA8SrZHsU1lfw1Q1zx05QZTlc5uyqxFeJRmY7wGq1pCfls5RwrIR1VFOfVWhCcjs7u7zt46Prot7nSYls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b937b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Wed, 23 Nov 2022 16:21:57 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 60820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BRIurPaxPNGzcmJCz07xr%2FyrVfbZfAW%2FBjck8c1NmKynD3P79kuDSO2X7ShCxMl4vDCDyiwqp53wHihbEejdLFpg0fx428L4T2sdXppVpde8OGPXVxQo6V6OLaVsRqEj4gG3v9U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b933b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/js/main.js

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/ES12/js/main.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/ES12/js/main.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=1466
expires: Wed, 23 Nov 2022 23:29:53 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 35144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQdmPB95DoxPilZnpHm81fxlsn0b7isz9VYqM5EH66fxw8yUnxGhiiWKyD6dirREyWKuN6E21xFbQcAVRzEM62mb%2BN%2FuKUVWktCJZkRZREDTtee%2Fw3qOmVLwecYkOKOj5w1s2Kg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b942b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Wed, 23 Nov 2022 16:21:57 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 60820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rIAbSyJPKBCxP3phTVq2XAyR8no0TVKWsAF3vfVtmuGGpM9i%2Fw%2FF7ZZWNMivc2zvlMCzC7F%2F0h0mIrBmOXr5JoMvmDvrhtK%2FTwrfVQh7xpi41sGNfpcGV0NJEhuamqiSoQObae0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b935b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/html/ES12/js/langs.js

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/html/ES12/js/langs.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/html/ES12/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=41184
expires: Wed, 23 Nov 2022 23:29:53 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:07 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 35144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGGKGPRXUkWda0Xgz5uxb3tWgu9mwg3iqg66v6C22DLeOwUXEDmjvd2elPsglWdv9twukB8L9XlDanblKUZDfyjMnTS22K2f9yDTLdFECQB75kXQsD0%2FWSd7JOmU7RMt909XBWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b93db505-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/common-langs.js

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/common-langs.js
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Wed, 23 Nov 2022 16:21:57 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 60820
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8I%2FShJn87t6XUJ6Vcv9zHRPwzCuTNLf1RsMZZQuV0iYSKps7DeF2jxxRmCEvexFFvXZ1MplxCHU6RXp1H8cnfB2KFFuvqsDTNrFEdyVZef2NWhUWFXJYiRta%2FVUeQqtWSxquqxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b940b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/favicon.ico

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/favicon.ico
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 4840415
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QL0yQeZO2NJwy2SwpFvz7odmnbjmIeK87fsaLDO%2FyNiEaWzKfU0oP%2F%2FrVTf6S5SYVyqcFqheA5CcHIbqfxhOXYpnl%2BFKYy0Mxd%2FF0rhXbDiypNsDuj96DnxqAkM%2FPmDcARbZdbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76e8cd296eb9b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

mycasualhookups.com/sl/common/js/main.js?1669194936

104.26.12.87

200 OK

0 B

URL HTTP/2
mycasualhookups.com/sl/common/js/main.js?1669194936
IP
104.26.12.87:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sl/common/js/main.js?1669194936 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 23 Nov 2022 09:15:37 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Thu, 24 Nov 2022 09:15:37 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsgD%2Bd5joYMJOi%2FVkoAlW2fPIX863PURiCY%2Bg2WRRpLb74d%2BMeOuvFzuJfhsXNBvo3jSAFp3%2B2g03Y32wJbKIZGKDuQOv7fr8n5C5Z4HAfW468HXUSMdXpy%2FaTGoZHNml9yHPLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76e8cd24b941b505-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations