| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0 | ASN #20940 Akamai International B.V.
Hash: MD5 cfec3d7283a9b66d2be426ce54d210f3 | SHA-1 808c1feb1ba918951d1928c1f6bfc0c253262774 | SHA-256 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16990
Expires: Sun, 04 Dec 2022 19:35:12 GMT
Date: Sun, 04 Dec 2022 14:52:02 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0 | ASN #20940 Akamai International B.V.
Hash: MD5 1ea206ac3c440825741687351f8c6e4e | SHA-1 2f38dafd8c43dcce2411a0590bc5c02cd6286735 | SHA-256 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18022
Expires: Sun, 04 Dec 2022 19:52:24 GMT
Date: Sun, 04 Dec 2022 14:52:02 GMT
Connection: keep-alive
|
|
| kissmeslowly.com/LqdPDHT6?dir=cam | 172.67.192.4 | 302 Found | 0 B |
URL (HTTP/1.1): kissmeslowly.com/LqdPDHT6?dir=cam | IP: 172.67.192.4:0
Hash (empty 0 B body, so these digests do not identify any content): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: fortinet | Verdict: Phishing | Alert: (none listed)
GET /LqdPDHT6?dir=cam HTTP/1.1
Host: kissmeslowly.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 04 Dec 2022 14:52:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Sun, 04 Dec 2022 14:52:02 GMT
Location: https://makeyourwet.com/yrbPvQjh?s1=s8hnpa7a4ro4&tag=31659&s2=frd
Pragma: no-cache
Set-Cookie: _subid=s8hnpa7a4ro4;Expires=Wednesday, 04-Jan-2023 14:52:02 GMT;Max-Age=2678400;Path=/
Set-Cookie: 9bf24=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMyMDE0OVwiOjE2NzAxNjU1MjIsXCIyMDcwNjhcIjoxNjcwMTY1NTIyfSxcImNhbXBhaWduc1wiOntcIjMxNjU5XCI6MTY3MDE2NTUyMixcIjMzNFwiOjE2NzAxNjU1MjJ9LFwidGltZVwiOjE2NzAxNjU1MjJ9In0.vFIxjAPqYzXx046lQR00u3LzJx19UbXBKu5HmUcT94s;Expires=Friday, 08-Nov-2075 05:44:04 GMT;Max-Age=1670251922;Path=/
Set-Cookie: _token=uuid_s8hnpa7a4ro4_s8hnpa7a4ro4638cb4128bb445.03378521;Expires=Wednesday, 04-Jan-2023 14:52:02 GMT;Max-Age=2678400;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgJB7EUh2C6eiRjJdAQeJGWkoP5BD521Rms2kBwBX2bVwKQ6lbBZ3B6agqxX0b8pEz%2FL6bfcCn%2BxLa5S8iWV3a694a2fOGHETmiGb8ajqQ7UYw%2BleNWi%2F%2FsHRJFmfiO05L8e"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77455d135ec4b506-OSL
alt-svc: h2=":443"; ma=60
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: MD5 fb2c0697c6d9a96a5411dd2952947458 | SHA-1 79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4 | SHA-256 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 651
Cache-Control: max-age=157806
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:52:02 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:42:08 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL (HTTP/2): content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | IP: 34.160.144.191:0
File type: PEM certificate, ASCII text | Hash: MD5 9ebddc2b260d081ebbefee47c037cb28 | SHA-1 492bad62a7ca6a74738921ef5ae6f0be5edebf39 | SHA-256 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZAY5tl3OXiKdhdCSzU6VfXMfbyD5DKIUt2zd1OWt7tmoIQPidFJPOf9GlYMEnhLslFuWLVydXUaW4SlFVFvMGQ==
x-amz-request-id: XR53846W1CWHM1CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 14:47:01 GMT
age: 301
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/ | IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators | Hash: MD5 14cd9a0afb6ba9a763651d5112760d1e | SHA-1 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa | SHA-256 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 14:20:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1915
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL (HTTP/2): contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators | Hash: MD5 23e88fb7b99543fb33315b29b1fad9d6 | SHA-1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce | SHA-256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 14:52:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP: 93.184.220.29:0
Hash: MD5 ded9990a7a4f91c8eb5b2e958a4f99f3 | SHA-1 f2debd5240183777c4b2d9deed633d13ec0a888f | SHA-256 5e7f8accd977a8e005a55d6e4a6538ed9e66e6430998f1ebec1a43ee89e325a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127997
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:52:02 GMT
Etag: "638c050f-118"
Expires: Tue, 06 Dec 2022 02:25:20 GMT
Last-Modified: Sun, 04 Dec 2022 02:25:19 GMT
Server: nginx
Content-Length: 280
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL (HTTP/2): firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | IP: 34.102.187.140:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators | Hash: MD5 0333b0655111aa68de771adfcc4db243 | SHA-1 63f295a144ac87a7c8e23417626724eeca68a7eb | SHA-256 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 14:08:58 GMT
cache-control: public,max-age=3600
age: 2585
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP: 93.184.220.29:0
Hash: MD5 ded9990a7a4f91c8eb5b2e958a4f99f3 | SHA-1 f2debd5240183777c4b2d9deed633d13ec0a888f | SHA-256 5e7f8accd977a8e005a55d6e4a6538ed9e66e6430998f1ebec1a43ee89e325a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=127997
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:52:03 GMT
Etag: "638c050f-118"
Expires: Tue, 06 Dec 2022 02:25:21 GMT
Last-Modified: Sun, 04 Dec 2022 02:25:19 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: MD5 31b129c94a90b1e695b21395cb54e378 | SHA-1 a3cae46b48d469cc61ab0581303bcd5f5b654db9 | SHA-256 fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 596
Cache-Control: max-age=152683
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:52:03 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:16:46 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 54.202.70.174 | 101 Switching Protocols | 0 B |
URL (HTTP/1.1): push.services.mozilla.com/ | IP: 54.202.70.174:0
Hash (empty 0 B body, so these digests do not identify any content): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LAtGSrJhVuXvv1+syK9TcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2rYo/YkeciUJeiM7oFMo396Jcvk=
|
|
| m.luvmenow.com/click?offer_id=5246&pid=31423&ref_id=s8hnpa7a4ro9&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa7a4ro9&sub4=s8hnpa7a4ro4&sub5=frd&sub6=&sub7=&sub8=31659 | 104.21.11.83 | 302 Found | 0 B |
URL (HTTP/2): m.luvmenow.com/click?offer_id=5246&pid=31423&ref_id=s8hnpa7a4ro9&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa7a4ro9&sub4=s8hnpa7a4ro4&sub5=frd&sub6=&sub7=&sub8=31659 | IP: 104.21.11.83:0
Hash (empty 0 B body, so these digests do not identify any content): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?offer_id=5246&pid=31423&ref_id=s8hnpa7a4ro9&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa7a4ro9&sub4=s8hnpa7a4ro4&sub5=frd&sub6=&sub7=&sub8=31659 HTTP/1.1
Host: m.luvmenow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 04 Dec 2022 14:52:04 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=638cb4144676e700014cbf65; expires=Mon, 04 Dec 2023 14:52:04 GMT; secure; SameSite=None
set-cookie: afoffers={"5246":1670165524}; expires=Mon, 04 Dec 2023 14:52:04 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nB2dFqjwPHm25LZ4cSfsZsapjmnJATUEzPLByJzP3KyX4SL3hLFZDzlp2yxtABiAmCpU3h%2FeQPsgyTkUAzvlX5CLzosugImvACFLHgPjrV9Rk%2B0PLcgXnruHdW9OtHM6DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d18ad580b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0 | ASN #20940 Akamai International B.V.
Hash: MD5 83e0936435ad95a15c9ec5ff9520f4fe | SHA-1 a8225ee0d8ae117f977f7ff817c342c62e91b5a9 | SHA-256 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6628
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 14:52:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0 | ASN #20940 Akamai International B.V.
Hash: MD5 83e0936435ad95a15c9ec5ff9520f4fe | SHA-1 a8225ee0d8ae117f977f7ff817c342c62e91b5a9 | SHA-256 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6628
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 14:52:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0 | ASN #20940 Akamai International B.V.
Hash: MD5 83e0936435ad95a15c9ec5ff9520f4fe | SHA-1 a8225ee0d8ae117f977f7ff817c342c62e91b5a9 | SHA-256 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6628
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 14:52:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.33.119.27 | 200 OK | 503 B |
IP: 23.33.119.27:0 | ASN #20940 Akamai International B.V.
Hash: MD5 83e0936435ad95a15c9ec5ff9520f4fe | SHA-1 a8225ee0d8ae117f977f7ff817c342c62e91b5a9 | SHA-256 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6628
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 14:52:04 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp | 34.120.237.76 | 200 OK | 5.7 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data | Hash: MD5 43309032a892c486f9985ef520df696e | SHA-1 36f4682ca6a33ff80ee02129c77e6f27e996ede0 | SHA-256 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 61166
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg | 34.120.237.76 | 200 OK | 7.5 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data | Hash: MD5 c1a6f4805f59db44f9d3520d88701a58 | SHA-1 6a0258e8c97ce09f1723382c8a16d9682b7dc50c | SHA-256 ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:16:07 GMT
age: 27357
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data | Hash: MD5 2636f91bb8fa4d9bb7bef114c248a9ae | SHA-1 8637105f41058bc0d2b259d462b560881928adb6 | SHA-256 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 61498
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data | Hash: MD5 db1701b7b9d161a0c935bb6e10b17893 | SHA-1 22a8c4bd58c729c1abcf794466e8f3231dfb034b | SHA-256 b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 61157
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg | 34.120.237.76 | 200 OK | 4.7 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data | Hash: MD5 c01fe1cccdb3b672bbade6d98217ffe9 | SHA-1 a9a529dc9894827f6243a1bf57f81caa4fe88fc2 | SHA-256 c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 61683
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.20.226 | 200 OK | 1.4 kB |
URL (HTTP/1.1): ocsp2.globalsign.com/gsalphasha2g2 | IP: 104.18.20.226:0
Hash: MD5 f5b695e3e21661b10ce6854be7368f84 | SHA-1 83c2508b33f5f22871405dcd8e5b7870ce0a63a3 | SHA-256 5a28633a29655d5f055d747c0eed937747396b0346aa9a30776eb368bfdaafd2
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 14:52:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Dec 2022 12:47:01 GMT
ETag: "83c2508b33f5f22871405dcd8e5b7870ce0a63a3"
Last-Modified: Sun, 04 Dec 2022 12:47:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77455d20bc6f1c12-OSL
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash14dcca2a9c4792d835ee709bcd947402 1d702df3a64258628f4124eafd580695f2d350af da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 26723
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423 | 54.154.42.150 | 302 Found | 269 B |
URL HTTP/1.1meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423 IP54.154.42.150:0
File type: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash: MD5 52b1d121489409f7372d6b361f8a9ee4 | SHA-1 9339c4aeea80f08ce2f39900b508c38bb5e4d5aa | SHA-256 1a805cafa704e6c5fdbbedbd2a8fa751335763ac819b958477cbbdbee2405fb1
GET /?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423 HTTP/1.1
Host: meshho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 269
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 14:52:05 GMT
Location: https://fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423&ckmguid=a8b08455-002c-4897-ad52-0311ecf79289
Connection: close
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.20.226 | 200 OK | 1.4 kB |
URL HTTP/1.1ocsp2.globalsign.com/gsalphasha2g2 IP104.18.20.226:0
Hasha8df74952cf5fe5a5d68209b75293df5 f3c85d00f51539949a737e6fdf081abd894c0429 2fe4040b513cd20d095a59db3a709a6a89bf1008750c4f58ef09a920fa45cc7b
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 14:52:05 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Dec 2022 12:47:03 GMT
ETag: "f3c85d00f51539949a737e6fdf081abd894c0429"
Last-Modified: Sun, 04 Dec 2022 12:47:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77455d2498141c12-OSL
|
|
| fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423&ckmguid=a8b08455-002c-4897-ad52-0311ecf79289 | 52.18.157.191 | 302 Found | 234 B |
URL HTTP/1.1fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423&ckmguid=a8b08455-002c-4897-ad52-0311ecf79289 IP52.18.157.191:0
File type: HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash: MD5 9e5cd32e6b6a395ce58e30fdc3a915d2 | SHA-1 cff070cade43efa495edf591befa54c3ddd833ba | SHA-256 3548e8fd097e9fa25d8e5d5d3d52869b33733228a71a879b986ecbc3822da176
GET /?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423&ckmguid=a8b08455-002c-4897-ad52-0311ecf79289 HTTP/1.1
Host: fordats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 234
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 14:52:05 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739010315&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=dYbDNf4RDndlQf0lAaaYSGH0sHnQVqZZErhIxgUrF2aHU5k8IUkCoQ==; domain=.fordats.com; path=/; HttpOnly
trk=cADglnMtAuuQjqE6+i2h5GH0sHnQVqZZErhIxgUrF2aHU5k8IUkCoQ==; domain=.fordats.com; expires=Wed, 04-Dec-2024 14:52:05 GMT; path=/; HttpOnly
c36197=dYbDNf4RDnfLC+2euPXRMfbAecbQcq9wUxWki/+BvdheCUghiDE1Zg==; domain=.fordats.com; expires=Tue, 03-Jan-2023 14:52:05 GMT; path=/; HttpOnly
Connection: close
|
|
| bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739010315&source=16295&sum= | 18.193.146.82 | 302 Found | 0 B |
URL HTTP/2bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739010315&source=16295&sum= IP18.193.146.82:0
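Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body, matching the 0 B size; they do not identify this host or response)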
GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739010315&source=16295&sum= HTTP/1.1
Host: bl.trackham.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 04 Dec 2022 14:52:06 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/EN3/n.php?cep=PMQKauFzVePLv9G7kZmQjQGeT51okIgu2rMBmTBhob7j9HD3IFKro31LHrx_hp-nx8tvQ9hxzOum4vxb2z5XTKFXBQHw7zXiCUdMZUDn8ZFsF_v54Nnsw9Z263F0_XnHZkjv_zUSUV48vNGYNAdUopKB73GwC8U08zFP6qCebnpnY5L_jdfTggzhX_kowXvYFsKvuT6cPAFkN05l90QVfcZ3ppd8jsST1DYCefxWeEnK_RE9uq3pdpPb1r4yyyA3Q2_eDfhvM99RjaGvBuv2Yj2n3vq__OCHDHK2S-g78U9vu44zbbapZeLplc_p-6E6MYBs5Qsnqj8w6bGwVaYbUtJN1gaoYEXm65oU8pj-y7xwUksk5ZSJ94ttMMaZUUy1lMtNDPjbimcUz2DnvbEaBA&lptoken=16fe703c1680739d2636&external_id=36197-739010315&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=QHLU7uqwPL9FVCBvR9Rpm8B6sYBRmjPKuhQN8nBsPWQ; Max-Age=86400; Expires=Mon, 05-Dec-2022 14:52:06 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=cqX8VXti6s-0g3S7GgMcmMg_U5QaO251WbeYfS3-sPOU1CkOEBOQu2BRxXb_QjB4qRlUqVjPkUB9CnyTSgyZWG5uBbYizz6Sn6aDTGGAisfEf5i_9az8YhuksYzJe-b2xpeES29hpr85lRCi18RJZdgtLDG5IL2-J72w1jak9sYo9kDENuJ5qAmcK8mmSuLvxAsNijj_6pUmF7rGg7ikvD1EYkisSf9Q4HDclbNvxM35ec_yFLYMFs74gI08SO2_RKVaTMD1AjKvIWNkIxHNF5695PtQKCnHOSbq5c7GDjow8UodegEMWDZEERYbkPrTDK9a7dGP367ToIyC0tBpXJ31uayxkK9-a6j5Atyx9M1ufx6bTR4-6gK2kdZ9iASB0jTuHWQteyCa2BCxPIrlbw; Max-Age=86400; Expires=Mon, 05-Dec-2022 14:52:06 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY | 142.250.74.131 | 200 OK | 472 B |
URL HTTP/1.1ocsp.pki.goog/s/gts1p5/Dt6OUty8wSY IP142.250.74.131:0
Hash3c8438da05d216f73316d117af5081a4 f1cb85c22cfeadb10afc136ae95c4ae3b3dfbbb2 e755abff6cb64075930d0c73d465ab7ee6a7c34286aa65b3190a6ce5af788e87
POST /s/gts1p5/Dt6OUty8wSY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:52:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| mycasualhookups.com/sl/html/EN3/css/style.css | 104.26.12.87 | 200 OK | 2.9 kB |
URL HTTP/2mycasualhookups.com/sl/html/EN3/css/style.css IP104.26.12.87:0
File typeASCII text, with very long lines (9493), with no line terminators Hash20907cc59d1c49f85686438350b207d4 ae0d38c2450f0b44c214cbde556a4624f76b9175 38550ecb81761260bea348bb561b731f7ab02b9ae9650f911511b5cacfa65588
GET /sl/html/EN3/css/style.css HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:06 GMT
content-type: text/css
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=13343
expires: Mon, 05 Dec 2022 00:10:00 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 52926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCXOBCyrPiCr1Q9qUgXAE%2B88BsusBgSKi%2BVgv8yRpPi2HbHrZsWKATBvQzXAyxR59vIrcr5ZExMAUm2pejOIqvGAZe2Q%2FXCnI%2B9uDkeXTOGzyTMoqzTXnIZPogTVfqwJiGSQjII%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ecfb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js | 104.26.12.87 | 200 OK | 8.1 kB |
URL HTTP/2mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js IP104.26.12.87:0
File type: Unicode text, UTF-8 text, with very long lines (23122)
Hash: MD5 28410807b96d2f629677d066fcb9b3b8 | SHA-1 e90f690c90c4a66b8892bbd825ce0adc46932ffe | SHA-256 a065ffa224ae045bf6948d46a1e85f0230f0a8e021c1a7dd9e76ff8182c40345
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:06 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLQxC2ooYNrE3fA20Cs5QKgljKlp4Y2c9vFhpFgkvMBeduIcCurK%2Bzfbi2WThXC2iW2AglEhWmCuAXyzqK5YHl2bf7kiw0k5wz2wzG3q1xClBtwRZgIUxxwCTYOMq%2BPVk7njCsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ed4b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashd046c2b727b27f3a70cad73960cb5c5d 5404965fe26cd6c29d4150bebf6da5f37d4c5116 dbcfe264c2837f2b2fca656e315046e001b2de53be72454baee5605f657cdc0c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2586
Cache-Control: max-age=151823
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:52:07 GMT
Etag: "638c580c-117"
Expires: Tue, 06 Dec 2022 09:02:30 GMT
Last-Modified: Sun, 04 Dec 2022 08:19:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashd046c2b727b27f3a70cad73960cb5c5d 5404965fe26cd6c29d4150bebf6da5f37d4c5116 dbcfe264c2837f2b2fca656e315046e001b2de53be72454baee5605f657cdc0c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2586
Cache-Control: max-age=151823
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:52:07 GMT
Etag: "638c580c-117"
Expires: Tue, 06 Dec 2022 09:02:30 GMT
Last-Modified: Sun, 04 Dec 2022 08:19:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
|
|
| mycasualhookups.com/sl/html/EN3/js/config.js | 104.26.12.87 | 200 OK | 188 B |
URL HTTP/2mycasualhookups.com/sl/html/EN3/js/config.js IP104.26.12.87:0
File type: ASCII text, with very long lines (332)
Hash: MD5 298c230a596f6b51b5f8a319f415a743 | SHA-1 e1fd90391e96c07fc52deefba5d6543fffe15eb1 | SHA-256 5477da8f788bb3f959391f7c8d31c23bbd82347c48730b5026d1cb8f2eeae27b
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /sl/html/EN3/js/config.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:06 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Sun, 04 Dec 2022 22:12:50 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:26:18 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 59956
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wI2n3E%2FQeiT9EDj0VwDGCdSLU9cZ6UbXX6OI92bN5lRIKs%2Brf2tm%2Fu20tPKW9gZYkzMU4MOjOU3tDOEO4G6xDta1d%2FeoxQeiWA2KV77WPiWBugiPVTNTTc69jN7nPieGTNTWHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7edbb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashd046c2b727b27f3a70cad73960cb5c5d 5404965fe26cd6c29d4150bebf6da5f37d4c5116 dbcfe264c2837f2b2fca656e315046e001b2de53be72454baee5605f657cdc0c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2586
Cache-Control: max-age=151823
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:52:07 GMT
Etag: "638c580c-117"
Expires: Tue, 06 Dec 2022 09:02:30 GMT
Last-Modified: Sun, 04 Dec 2022 08:19:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
|
|
| mycasualhookups.com/sl/common/js/main.js?1670165526 | 104.26.12.87 | 200 OK | 210 kB |
URL HTTP/2mycasualhookups.com/sl/common/js/main.js?1670165526 IP104.26.12.87:0
Size: 210 kB (210387 bytes)
Hash: MD5 0a8bba4f4f94c6673eb05e277e98e94c | SHA-1 1f3a33e50df15b61f6df9f6f8d76e2b984c7144b | SHA-256 7da3edf657c879969dea32d438d7e7c0bbed08b8d40a077f6d1ef4ec18d45104
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /sl/common/js/main.js?1670165526 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:07 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 05 Dec 2022 14:52:07 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2DP5AvnzPjqmBPcXBts%2FmzfOlEfoB8lJ1x8YG9lq%2Fl3aLQdGQ%2BoY9NThEcIsibYT2Tpy2rfho%2FbT6VJrSWgTNgczOWS3CQNh4Cchw9wRwWTl0zSNv0in%2Fw7RkvCIOtBrDwo6Uw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ee0b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/EN3/images/m3.jpg | 104.26.12.87 | 200 OK | 21 kB |
URL HTTP/2mycasualhookups.com/sl/html/EN3/images/m3.jpg IP104.26.12.87:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x400, components 3\012- data Hashc698f5bab1daf1f3745ff2b31e4b5dc3 a175e04604ee3fd474d9818f52f193ff3e7784a0 672edb2ed70499efa3d65fc0eead7f24337897b874228c230c78c334c3ac0cb4
GET /sl/html/EN3/images/m3.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:07 GMT
content-type: image/jpeg
content-length: 20890
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:10:05 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 52922
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3BHarzS2LUB3EQDqTQZvQ5a8jl4ATNqvgjzPwdWBwdDbAyJYxOSg4cQDXYpBQ5YWldBEAXHuOLthwtWNKtjbCZjs2swZDVCTFaNx2X%2BR7XehOIRhL6m0kJ4MqEKk4iuM%2B04zEk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77455d322c09b4f4-OSL
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/EN3/js/functions.js | 104.26.12.87 | 200 OK | 153 kB |
URL HTTP/2mycasualhookups.com/sl/html/EN3/js/functions.js IP104.26.12.87:0
File type: ASCII text, with very long lines (11875)
Size: 153 kB (153156 bytes)
Hash: MD5 5a9c49534cfb8362d8aa6590f01af9f7 | SHA-1 603d57cd5316f01b389f9f2a3d177cf677542787 | SHA-256 8bd41f1a7a990d8992885974a92adda4017df5208a462f1c6a4cbb16a3b3ca24
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /sl/html/EN3/js/functions.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:06 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=52042
expires: Sun, 04 Dec 2022 22:12:51 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 59955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koNW3HAXVRLK7aXGCAx22FUncLKLcgPka0UMFOisfkLyATwckSt%2F6jXDYSbN5Gj1y5dT1je5jbNniAcfG1Sm%2B0iQYKKxXY1e04X0iGtqR%2FhQoYxV7oaPnRLFtN9%2BZq6wFn94tb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ee2b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/EN3/images/m1.jpg | 104.26.12.87 | 200 OK | 199 kB |
URL HTTP/2mycasualhookups.com/sl/html/EN3/images/m1.jpg IP104.26.12.87:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x829, components 3\012- data Size199 kB (199421 bytes) Hash6e93b97d9d9f1ce77eda101b7e7cecb9 d05111c47a268204ce75b03bef4bb4e04ff9a8c8 e0eac4580020331eaa31dc1ff731b92baf5cbb76db453b3e54ff912cd5aba0b7
GET /sl/html/EN3/images/m1.jpg HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:07 GMT
content-type: image/jpeg
content-length: 199421
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:10:05 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 52922
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exXshx8jZSEe6zcRg4hUdPlNUka4ju%2BRIVXNlNqAU%2FSLcF9AblfZqhUAgfpp5Zjp28%2BIsXkZ0pP495ZtDMrZBrC5BzkFGaETlbG%2FicTLRL0jIq2%2F%2F%2BCgXYxjqHbreLDkmmRiTPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77455d322c03b4f4-OSL
X-Firefox-Spdy: h2
|
|
| subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b | 172.64.162.28 | 204 No Content | 0 B |
URL HTTP/2subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b IP172.64.162.28:0
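Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body, matching the 0 B size; they do not identify this host or response)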
OPTIONS /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 14:52:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fxli5C2EqCUw%2B5aXn725uVcd0q%2B9L7q0nEnATAaCuCcmsIhuQOCwoiWR0RWUuWA5E4jKotMa8YPVAVgyHuGtxa4OMdVaVGBD%2FBDlTK0P3YyJqVSOn4LARFDdqXW5uIIP%2B2MtCyKur2Ue"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d335a580682-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b | 172.64.162.28 | 200 OK | 5 B |
URL HTTP/2subscribe.api-push.com/subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b IP172.64.162.28:0
File typeASCII text, with no line terminators Hash68934a3e9455fa72420237eb05902327 7cb6efb98ba5972a9b5090dc2e517fe14d12cb04 fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1
Host: subscribe.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/EN3/n.php?cep=PMQKauFzVePLv9G7kZmQjQGeT51okIgu2rMBmTBhob7j9HD3IFKro31LHrx_hp-nx8tvQ9hxzOum4vxb2z5XTKFXBQHw7zXiCUdMZUDn8ZFsF_v54Nnsw9Z263F0_XnHZkjv_zUSUV48vNGYNAdUopKB73GwC8U08zFP6qCebnpnY5L_jdfTggzhX_kowXvYFsKvuT6cPAFkN05l90QVfcZ3ppd8jsST1DYCefxWeEnK_RE9uq3pdpPb1r4yyyA3Q2_eDfhvM99RjaGvBuv2Yj2n3vq__OCHDHK2S-g78U9vu44zbbapZeLplc_p-6E6MYBs5Qsnqj8w6bGwVaYbUtJN1gaoYEXm65oU8pj-y7xwUksk5ZSJ94ttMMaZUUy1lMtNDPjbimcUz2DnvbEaBA&lptoken=16fe703c1680739d2636&external_id=36197-739010315&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:07 GMT
content-type: application/json; charset=utf-8
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzSS%2FooM90nKEStgNcBhLXA0Aezludn9gbyjQyDbBfrk10o6BYUNgaaN4vHhybwRlNVV49eWmmmhdUgFR4HxhDikAkfPO9RlVIqOXw%2FZPGPKHJVQ9GAY9PpCSl%2BTob6UDtAxZp6KNcpm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d343bc80682-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashadbe1ddce89059b54473bdfaa2544ac0 4ee6f50f8a8e1706b0c29151c5bd6abd267ad47f 77bf315dfca58e7b0004587fab89ac4cc9e574cf0ce5b87e1e02c4ef07a98621
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4751
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 14:52:08 GMT
Etag: "638b5250-117"
Last-Modified: Sun, 04 Dec 2022 13:32:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279
|
|
| cdnjam.com/cdn/sdialog.min.css?_=4 | 188.114.96.1 | 200 OK | 1.6 kB |
URL HTTP/2cdnjam.com/cdn/sdialog.min.css?_=4 IP188.114.96.1:0
File typeASCII text, with very long lines (6775) Hash2a0c146592842de336e7f1bfb7766117 f6c330aa79225167fa3193a3e6915cea0cbb7b30 399d0f65959a6e5e49c77d772a5aa93e5943e48470d3bf974f3a604e859c7a98
GET /cdn/sdialog.min.css?_=4 HTTP/1.1
Host: cdnjam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:08 GMT
content-type: text/css
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 6810
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FKDT4lRAWP2qwJfmP0RYsG0nAQTyhhziIAuiH%2BeIwCxJQtbEh4bhjp2RkkBGrOzknYyps%2BujU0uE5O5MCu%2BqdUhqLwxMEn19Zct0%2BX7Gd9CL13RLVPtZKufeANn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d3bac68b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha6e7b32ac999cf3c899a234c621fa91a fc5d4f3163ebb9faf85968cbb1d194e8e68418be f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 61330
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| app.api-push.com/get-keys | 172.64.162.28 | 200 OK | 0 B |
URL HTTP/2 app.api-push.com/get-keys IP 172.64.162.28:0
POST /get-keys HTTP/1.1
Host: app.api-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/EN3/n.php?cep=PMQKauFzVePLv9G7kZmQjQGeT51okIgu2rMBmTBhob7j9HD3IFKro31LHrx_hp-nx8tvQ9hxzOum4vxb2z5XTKFXBQHw7zXiCUdMZUDn8ZFsF_v54Nnsw9Z263F0_XnHZkjv_zUSUV48vNGYNAdUopKB73GwC8U08zFP6qCebnpnY5L_jdfTggzhX_kowXvYFsKvuT6cPAFkN05l90QVfcZ3ppd8jsST1DYCefxWeEnK_RE9uq3pdpPb1r4yyyA3Q2_eDfhvM99RjaGvBuv2Yj2n3vq__OCHDHK2S-g78U9vu44zbbapZeLplc_p-6E6MYBs5Qsnqj8w6bGwVaYbUtJN1gaoYEXm65oU8pj-y7xwUksk5ZSJ94ttMMaZUUy1lMtNDPjbimcUz2DnvbEaBA&lptoken=16fe703c1680739d2636&external_id=36197-739010315&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:07 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2%2F4VMI1RPORFXJkPUJ9g9i7WJHJok25t1N%2FN6V3lCEaCktE%2FQ3eXiKar816068TD8GPFqWUuo0tVQwamPXNUgyIZkLas4apeDp1%2F4gzeZMgQ3Bp7I1KNvO4DjodPForKLH4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d317fc60682-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/cookies-policy.html | 104.26.12.87 | 200 OK | 0 B |
URL HTTP/2 mycasualhookups.com/sl/common/cookies-policy.html IP 104.26.12.87:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sl/common/cookies-policy.html HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:07 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Sun, 04 Dec 2022 14:57:07 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nZDobIEqUFRg%2BTm%2FfLDLi5RqqP7eUV%2FO%2BjIyAaisUK0y%2FzkwKgzm0%2F69qrADeF75N%2B93Yy6i0vrFUQeD6FLGe12DdwomSnWW53gv0v%2FwMF3lYYzDAY0KZ72Gjo4Hs1nSrE0Gco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d321bf7b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js | 104.26.12.87 | 200 OK | 0 B |
URL HTTP/2 mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js IP 104.26.12.87:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:06 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnA%2Fkrmo3OWPL9DZJltFOzYR%2BnDIgY84PUUidzgnfliUNxd22SsDB8MBZ3BtwVfrPfw%2F2q2WpdSioHEzRkPPL6NRRGSYSQkiV4sD%2FXJzZyMWZn6WydpBQLWm%2BIvsPK8SfRdxE5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ed3b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdn-dt.fcdn.info/swpush.min.js | 104.21.234.86 | 200 OK | 0 B |
URL HTTP/2 cdn-dt.fcdn.info/swpush.min.js IP 104.21.234.86:0
GET /swpush.min.js HTTP/1.1
Host: cdn-dt.fcdn.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:06 GMT
content-type: application/javascript
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 964583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2F3U8KlNbz5IGWcNGvszMTVdKtuOg7xd65U7%2Fy2WfmxX1n7oq0PXBVyKEwcu1zlrHitn6E37pl9jVzUlTWbCB4saVClJslwdx3Za0LG%2BVkc9Gh80%2BzoYOXa49UD%2F98dPVU5a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77455d2f7c6ce624-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/favicon.ico | 104.26.12.87 | 200 OK | 0 B |
URL HTTP/2 mycasualhookups.com/sl/common/favicon.ico IP 104.26.12.87:0
GET /sl/common/favicon.ico HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:07 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5811005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnnaUhT01IeZ9i616yzLW8Di%2BmLMZo8TdYe%2FqLbQo3ApLuVtrKE%2BTze49iAWiu3WQPcZULyRt0QwxSmzlCHNKnbXjZ5mHon13gSkyxaT%2B%2Fah2oXC6Laf%2FHucQi9CCatiJtyJr2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77455d328ca0b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| makeyourwet.com/yrbPvQjh?s1=s8hnpa7a4ro4&tag=31659&s2=frd | 104.21.17.109 | 302 Found | 0 B |
URL HTTP/2 makeyourwet.com/yrbPvQjh?s1=s8hnpa7a4ro4&tag=31659&s2=frd IP 104.21.17.109:0
GET /yrbPvQjh?s1=s8hnpa7a4ro4&tag=31659&s2=frd HTTP/1.1
Host: makeyourwet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 04 Dec 2022 14:52:03 GMT
content-type: text/html; charset=UTF-8
location: https://m.luvmenow.com/click?offer_id=5246&pid=31423&ref_id=s8hnpa7a4ro9&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa7a4ro9&sub4=s8hnpa7a4ro4&sub5=frd&sub6=&sub7=&sub8=31659
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Sun, 04 Dec 2022 14:52:03 GMT
pragma: no-cache
set-cookie: _subid=s8hnpa7a4ro9;Expires=Wednesday, 04-Jan-2023 14:52:03 GMT;Max-Age=2678400;Path=/
_token=uuid_s8hnpa7a4ro9_s8hnpa7a4ro9638cb4132bfbc0.13164435;Expires=Wednesday, 04-Jan-2023 14:52:03 GMT;Max-Age=2678400;Path=/
9bf24=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI5MDk1MFwiOjE2NzAxNjU1MjN9LFwiY2FtcGFpZ25zXCI6e1wiMjg1NzVcIjoxNjcwMTY1NTIzfSxcInRpbWVcIjoxNjcwMTY1NTIzfSJ9.V5gX4WqzBRBVU81c-cjUbrr6s9myCnfjRrYqovqVbWI;Expires=Friday, 08-Nov-2075 05:44:06 GMT;Max-Age=1670251923;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbBdutaM36ti5vSDZeGdRKxXHP3iCwvcwNzOPfTgn20z2TSWa9snqth8CL0eIlj0%2FPVlj8Q%2F%2BuDmSyJGRwaKMidjUtx%2FJyx5xKB89MLvVgT2LIWKr84e98bmYAcZChBcwyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d17293db509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/EN3/n.php?cep=PMQKauFzVePLv9G7kZmQjQGeT51okIgu2rMBmTBhob7j9HD3IFKro31LHrx_hp-nx8tvQ9hxzOum4vxb2z5XTKFXBQHw7zXiCUdMZUDn8ZFsF_v54Nnsw9Z263F0_XnHZkjv_zUSUV48vNGYNAdUopKB73GwC8U08zFP6qCebnpnY5L_jdfTggzhX_kowXvYFsKvuT6cPAFkN05l90QVfcZ3ppd8jsST1DYCefxWeEnK_RE9uq3pdpPb1r4yyyA3Q2_eDfhvM99RjaGvBuv2Yj2n3vq__OCHDHK2S-g78U9vu44zbbapZeLplc_p-6E6MYBs5Qsnqj8w6bGwVaYbUtJN1gaoYEXm65oU8pj-y7xwUksk5ZSJ94ttMMaZUUy1lMtNDPjbimcUz2DnvbEaBA&lptoken=16fe703c1680739d2636&external_id=36197-739010315&source=16295&sum= | 104.26.12.87 | 200 OK | 0 B |
URL HTTP/2 mycasualhookups.com/sl/html/EN3/n.php?cep=PMQKauFzVePLv9G7kZmQjQGeT51okIgu2rMBmTBhob7j9HD3IFKro31LHrx_hp-nx8tvQ9hxzOum4vxb2z5XTKFXBQHw7zXiCUdMZUDn8ZFsF_v54Nnsw9Z263F0_XnHZkjv_zUSUV48vNGYNAdUopKB73GwC8U08zFP6qCebnpnY5L_jdfTggzhX_kowXvYFsKvuT6cPAFkN05l90QVfcZ3ppd8jsST1DYCefxWeEnK_RE9uq3pdpPb1r4yyyA3Q2_eDfhvM99RjaGvBuv2Yj2n3vq__OCHDHK2S-g78U9vu44zbbapZeLplc_p-6E6MYBs5Qsnqj8w6bGwVaYbUtJN1gaoYEXm65oU8pj-y7xwUksk5ZSJ94ttMMaZUUy1lMtNDPjbimcUz2DnvbEaBA&lptoken=16fe703c1680739d2636&external_id=36197-739010315&source=16295&sum= IP 104.26.12.87:0
GET /sl/html/EN3/n.php?cep=PMQKauFzVePLv9G7kZmQjQGeT51okIgu2rMBmTBhob7j9HD3IFKro31LHrx_hp-nx8tvQ9hxzOum4vxb2z5XTKFXBQHw7zXiCUdMZUDn8ZFsF_v54Nnsw9Z263F0_XnHZkjv_zUSUV48vNGYNAdUopKB73GwC8U08zFP6qCebnpnY5L_jdfTggzhX_kowXvYFsKvuT6cPAFkN05l90QVfcZ3ppd8jsST1DYCefxWeEnK_RE9uq3pdpPb1r4yyyA3Q2_eDfhvM99RjaGvBuv2Yj2n3vq__OCHDHK2S-g78U9vu44zbbapZeLplc_p-6E6MYBs5Qsnqj8w6bGwVaYbUtJN1gaoYEXm65oU8pj-y7xwUksk5ZSJ94ttMMaZUUy1lMtNDPjbimcUz2DnvbEaBA&lptoken=16fe703c1680739d2636&external_id=36197-739010315&source=16295&sum= HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:06 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=300
expires: Sun, 04 Dec 2022 14:57:06 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqBxDWlElYQhIvfa5uMRJ1QEqGMvkD2dUPKcd2kZfz3KOi%2BzLofaMfFIsFDRb%2FU84JuJKHpKBx8CXCfesS296czJuYZhnDzRMCHvHsJE5G1ixg1h9haEJoELndW2xacAh3%2BeUiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2a88b0b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/css/style.css?1670165526 | 104.26.12.87 | 200 OK | 0 B |
URL HTTP/2 mycasualhookups.com/sl/common/css/style.css?1670165526 IP 104.26.12.87:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sl/common/css/style.css?1670165526 HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:07 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 05 Dec 2022 14:52:07 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaLBBZkwGgisnNokFc4o3hEtd0Cx3bfVzBPdc00BpnmFR%2Bfs%2BseFCVjtxtTOBx0T0r4T%2B5vnzbQE6IUsuxqlx%2FxoR18xgoBSHc%2BJc6iMs4H%2BLf7e59oWISpG9npUcVUXLBZy5cw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ed2b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/js/lib/additional-methods.min.js | 104.26.12.87 | 200 OK | 0 B |
URL HTTP/2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js IP 104.26.12.87:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:06 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQPoVWI2IETT%2BzTOFlm2tQX2UoHXTGLzZej7LfzHGE7KSO6WoafdnF4KVJcwe9BynCH7ntHqxfMRJ%2FDOB1tGQFr0PNAVNFQTyP3CSQ1W0pF4XNwQQNXPS%2BmJV9XBFLSQtjUbVUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ed7b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/html/EN3/js/langs.js | 104.26.12.87 | 200 OK | 0 B |
URL HTTP/2 mycasualhookups.com/sl/html/EN3/js/langs.js IP 104.26.12.87:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sl/html/EN3/js/langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:06 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=38889
expires: Sun, 04 Dec 2022 22:12:50 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 59956
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCY3ySN9GrZ4Ljdcg54dQjLMJtzBwfoRXu8OvhlPAhWyfM0fi2yNs3flTPbEuH2UMWjPEDpyQer8VPUbvMKtdnehkg5KZhIwlL%2BvftO5FycrajYZC1X33vyG1RuisN0iIRpxTiE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ed8b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| mycasualhookups.com/sl/common/js/common-langs.js | 104.26.12.87 | 200 OK | 0 B |
URL HTTP/2 mycasualhookups.com/sl/common/js/common-langs.js IP 104.26.12.87:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sl/common/js/common-langs.js HTTP/1.1
Host: mycasualhookups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 14:52:06 GMT
content-type: application/javascript
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sun, 04 Dec 2022 17:27:27 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdZAa5FrRPx9vA42sS6JXuYkUSukiBHkvEG1tItr%2FJY3Xf5FtuFEuPUFuuOpv9uP5jHw1SYjeb8QF6Wr%2B2Qa%2FxQDBYPKiRCGr9aeD5xT4joezQ6So18tyLpo1c2lYBPDicxs%2B4k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7edfb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|