Overview

URLkissmeslowly.com/LqdPDHT6?dir=cam
IP 104.21.20.87 ()
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-04 14:52:14 UTC
StatusLoading report..
IDS alerts0
Blocklist alert11
urlquery alerts No alerts detected
Tags None

Domain Summary (0)

No passive DNS data

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 2 kissmeslowly.com/LqdPDHT6?dir=cam Phishing
2022-12-04 2 mycasualhookups.com/sl/common/js/lib/jquery.validate.min.js Phishing
2022-12-04 2 mycasualhookups.com/sl/html/EN3/js/config.js Phishing
2022-12-04 2 mycasualhookups.com/sl/common/js/main.js?1670165526 Phishing
2022-12-04 2 mycasualhookups.com/sl/html/EN3/js/functions.js Phishing
2022-12-04 2 mycasualhookups.com/sl/common/cookies-policy.html Phishing
2022-12-04 2 mycasualhookups.com/sl/common/js/lib/jquery-3.3.1.min.js Phishing
2022-12-04 2 mycasualhookups.com/sl/common/css/style.css?1670165526 Phishing
2022-12-04 2 mycasualhookups.com/sl/common/js/lib/additional-methods.min.js Phishing
2022-12-04 2 mycasualhookups.com/sl/html/EN3/js/langs.js Phishing
2022-12-04 2 mycasualhookups.com/sl/common/js/common-langs.js Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 104.21.20.87
Date UQ / IDS / BL URL IP
2023-01-08 18:55:06 +0000 0 - 0 - 14 kissmeslowly.com/g7v2dHmL 104.21.20.87
2022-12-04 14:52:14 +0000 0 - 0 - 11 kissmeslowly.com/LqdPDHT6?dir=cam 104.21.20.87
2022-11-30 04:14:00 +0000 0 - 0 - 4 kissmeslowly.com/BjrdmNc8?dir=main&s1=w2keerl (...) 104.21.20.87
2022-09-30 21:30:55 +0000 0 - 0 - 2 visapropagate.cn/usps/tb.php?uz=xg1664573224904 104.21.20.87


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-01 15:43:10 +0000 0 - 2 - 1 insideslot.top/ 104.21.46.54
2023-02-01 15:42:14 +0000 0 - 7 - 0 ouo.io/hiJG4P 172.67.6.151
2023-02-01 15:41:36 +0000 0 - 0 - 7 auth.mein-verfahrensdokumentation.shop/H0Eg95fL/ 172.67.141.9
2023-02-01 15:41:23 +0000 0 - 4 - 0 congtachidideapr.tk/ 104.21.7.233
2023-02-01 15:40:50 +0000 0 - 6 - 0 taxbandits.com/?utm_campaign=0fdb01645d-TBS_1 (...) 104.18.28.59


Last 5 reports on domain: kissmeslowly.com
Date UQ / IDS / BL URL IP
2023-01-30 05:21:25 +0000 0 - 0 - 10 kissmeslowly.com/sWxQwTdZ 172.67.192.4
2023-01-08 18:55:06 +0000 0 - 0 - 14 kissmeslowly.com/g7v2dHmL 104.21.20.87
2023-01-01 00:21:22 +0000 0 - 0 - 11 kissmeslowly.com/ 172.67.192.4
2022-12-09 19:53:46 +0000 0 - 0 - 13 kissmeslowly.com/?_lp=1&_token=uuid_a2ehg47b7 (...) 172.67.192.4
2022-12-04 14:52:14 +0000 0 - 0 - 11 kissmeslowly.com/LqdPDHT6?dir=cam 104.21.20.87


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-30 05:21:25 +0000 0 - 0 - 10 kissmeslowly.com/sWxQwTdZ 172.67.192.4
2023-01-29 14:33:35 +0000 0 - 0 - 9 apexhosting.us/ 212.32.237.91
2023-01-29 08:33:48 +0000 0 - 0 - 10 m.luvmenow.com/click?pid=34496&offer_id=5246& (...) 172.67.165.172
2023-01-29 05:56:07 +0000 0 - 0 - 13 reservation.travelaffiliatepro.com/hotel/deta (...) 69.16.231.56
2023-01-29 03:01:12 +0000 0 - 0 - 11 toomoffr.com/?a=16295&c=43694&p=r&s1=&s2=a_63 (...) 52.51.210.211

JavaScript

Executed Scripts (13)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (55)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16990
Expires: Sun, 04 Dec 2022 19:35:12 GMT
Date: Sun, 04 Dec 2022 14:52:02 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18022
Expires: Sun, 04 Dec 2022 19:52:24 GMT
Date: Sun, 04 Dec 2022 14:52:02 GMT
Connection: keep-alive

                                        
                                            GET /LqdPDHT6?dir=cam HTTP/1.1 
Host: kissmeslowly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.67.192.4
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 14:52:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Sun, 04 Dec 2022 14:52:02 GMT
Location: https://makeyourwet.com/yrbPvQjh?s1=s8hnpa7a4ro4&tag=31659&s2=frd
Pragma: no-cache
Set-Cookie: _subid=s8hnpa7a4ro4;Expires=Wednesday, 04-Jan-2023 14:52:02 GMT;Max-Age=2678400;Path=/ 9bf24=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMyMDE0OVwiOjE2NzAxNjU1MjIsXCIyMDcwNjhcIjoxNjcwMTY1NTIyfSxcImNhbXBhaWduc1wiOntcIjMxNjU5XCI6MTY3MDE2NTUyMixcIjMzNFwiOjE2NzAxNjU1MjJ9LFwidGltZVwiOjE2NzAxNjU1MjJ9In0.vFIxjAPqYzXx046lQR00u3LzJx19UbXBKu5HmUcT94s;Expires=Friday, 08-Nov-2075 05:44:04 GMT;Max-Age=1670251922;Path=/ _token=uuid_s8hnpa7a4ro4_s8hnpa7a4ro4638cb4128bb445.03378521;Expires=Wednesday, 04-Jan-2023 14:52:02 GMT;Max-Age=2678400;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hgJB7EUh2C6eiRjJdAQeJGWkoP5BD521Rms2kBwBX2bVwKQ6lbBZ3B6agqxX0b8pEz%2FL6bfcCn%2BxLa5S8iWV3a694a2fOGHETmiGb8ajqQ7UYw%2BleNWi%2F%2FsHRJFmfiO05L8e"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77455d135ec4b506-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 651
Cache-Control: max-age=157806
Date: Sun, 04 Dec 2022 14:52:02 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:42:08 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ZAY5tl3OXiKdhdCSzU6VfXMfbyD5DKIUt2zd1OWt7tmoIQPidFJPOf9GlYMEnhLslFuWLVydXUaW4SlFVFvMGQ==
x-amz-request-id: XR53846W1CWHM1CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 14:47:01 GMT
age: 301
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 14:20:07 GMT
cache-control: public,max-age=3600
age: 1915
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 14:52:02 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=127997
Date: Sun, 04 Dec 2022 14:52:02 GMT
Etag: "638c050f-118"
Expires: Tue, 06 Dec 2022 02:25:20 GMT
Last-Modified: Sun, 04 Dec 2022 02:25:19 GMT
Server: nginx
Content-Length: 280

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 14:08:58 GMT
cache-control: public,max-age=3600
age: 2585
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=127997
Date: Sun, 04 Dec 2022 14:52:03 GMT
Etag: "638c050f-118"
Expires: Tue, 06 Dec 2022 02:25:21 GMT
Last-Modified: Sun, 04 Dec 2022 02:25:19 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 596
Cache-Control: max-age=152683
Date: Sun, 04 Dec 2022 14:52:03 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:16:46 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LAtGSrJhVuXvv1+syK9TcQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.202.70.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2rYo/YkeciUJeiM7oFMo396Jcvk=

                                        
                                            GET /click?offer_id=5246&pid=31423&ref_id=s8hnpa7a4ro9&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa7a4ro9&sub4=s8hnpa7a4ro4&sub5=frd&sub6=&sub7=&sub8=31659 HTTP/1.1 
Host: m.luvmenow.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.21.11.83
HTTP/2 302 Found
                                        
date: Sun, 04 Dec 2022 14:52:04 GMT
content-length: 0
location: https://meshho.com/?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=638cb4144676e700014cbf65; expires=Mon, 04 Dec 2023 14:52:04 GMT; secure; SameSite=None afoffers={"5246":1670165524}; expires=Mon, 04 Dec 2023 14:52:04 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nB2dFqjwPHm25LZ4cSfsZsapjmnJATUEzPLByJzP3KyX4SL3hLFZDzlp2yxtABiAmCpU3h%2FeQPsgyTkUAzvlX5CLzosugImvACFLHgPjrV9Rk%2B0PLcgXnruHdW9OtHM6DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d18ad580b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6628
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 14:52:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6628
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 14:52:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6628
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 14:52:04 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6628
Expires: Sun, 04 Dec 2022 16:42:32 GMT
Date: Sun, 04 Dec 2022 14:52:04 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 61166
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5681
Md5:    43309032a892c486f9985ef520df696e
Sha1:   36f4682ca6a33ff80ee02129c77e6f27e996ede0
Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F826f887d-ca78-40db-9b7d-6c693667c155.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7503
x-amzn-requestid: a4120308-c51e-4cff-99c2-90e86018b05d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgZjCGkVIAMFpsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a2e0-6fdf362a6d32449239476155;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:01:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dy619jlSTwCjwDhGuLmwTMcmuYj1Kg2oLA7xORyAYX8IHWimhNo6pw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:16:07 GMT
age: 27357
etag: "6a0258e8c97ce09f1723382c8a16d9682b7dc50c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7503
Md5:    c1a6f4805f59db44f9d3520d88701a58
Sha1:   6a0258e8c97ce09f1723382c8a16d9682b7dc50c
Sha256: ae120df5e96352c6998c24c69c709dfd2b01a7ff8a7b935d496757fd7661f2f5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 61498
etag: "8637105f41058bc0d2b259d462b560881928adb6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10431
Md5:    2636f91bb8fa4d9bb7bef114c248a9ae
Sha1:   8637105f41058bc0d2b259d462b560881928adb6
Sha256: 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 61157
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8315
Md5:    db1701b7b9d161a0c935bb6e10b17893
Sha1:   22a8c4bd58c729c1abcf794466e8f3231dfb034b
Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 61683
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 14:52:04 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Dec 2022 12:47:01 GMT
ETag: "83c2508b33f5f22871405dcd8e5b7870ce0a63a3"
Last-Modified: Sun, 04 Dec 2022 12:47:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77455d20bc6f1c12-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    f5b695e3e21661b10ce6854be7368f84
Sha1:   83c2508b33f5f22871405dcd8e5b7870ce0a63a3
Sha256: 5a28633a29655d5f055d747c0eed937747396b0346aa9a30776eb368bfdaafd2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 26723
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16143
Md5:    14dcca2a9c4792d835ee709bcd947402
Sha1:   1d702df3a64258628f4124eafd580695f2d350af
Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
                                        
                                            GET /?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423 HTTP/1.1 
Host: meshho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         54.154.42.150
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Content-Length: 269
Date: Sun, 04 Dec 2022 14:52:05 GMT
Location: https://fordats.com/?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423&ckmguid=a8b08455-002c-4897-ad52-0311ecf79289
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   269
Md5:    52b1d121489409f7372d6b361f8a9ee4
Sha1:   9339c4aeea80f08ce2f39900b508c38bb5e4d5aa
Sha256: 1a805cafa704e6c5fdbbedbd2a8fa751335763ac819b958477cbbdbee2405fb1
                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 14:52:05 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 08 Dec 2022 12:47:03 GMT
ETag: "f3c85d00f51539949a737e6fdf081abd894c0429"
Last-Modified: Sun, 04 Dec 2022 12:47:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77455d2498141c12-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    a8df74952cf5fe5a5d68209b75293df5
Sha1:   f3c85d00f51539949a737e6fdf081abd894c0429
Sha256: 2fe4040b513cd20d095a59db3a709a6a89bf1008750c4f58ef09a920fa45cc7b
                                        
                                            GET /?a=16295&c=43694&p=r&s1=&s2=a_638cb4144676e700014cbf65&s4=31423&ckmguid=a8b08455-002c-4897-ad52-0311ecf79289 HTTP/1.1 
Host: fordats.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         52.18.157.191
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Cache-Control: private
Content-Length: 234
Date: Sun, 04 Dec 2022 14:52:05 GMT
Location: https://bl.trackham.com/f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739010315&source=16295&sum=#p#
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sid=dYbDNf4RDndlQf0lAaaYSGH0sHnQVqZZErhIxgUrF2aHU5k8IUkCoQ==; domain=.fordats.com; path=/; HttpOnly trk=cADglnMtAuuQjqE6+i2h5GH0sHnQVqZZErhIxgUrF2aHU5k8IUkCoQ==; domain=.fordats.com; expires=Wed, 04-Dec-2024 14:52:05 GMT; path=/; HttpOnly c36197=dYbDNf4RDnfLC+2euPXRMfbAecbQcq9wUxWki/+BvdheCUghiDE1Zg==; domain=.fordats.com; expires=Tue, 03-Jan-2023 14:52:05 GMT; path=/; HttpOnly
Connection: close


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   234
Md5:    9e5cd32e6b6a395ce58e30fdc3a915d2
Sha1:   cff070cade43efa495edf591befa54c3ddd833ba
Sha256: 3548e8fd097e9fa25d8e5d5d3d52869b33733228a71a879b986ecbc3822da176
                                        
                                            GET /f9908105-7257-45be-97c0-9990466cb2a4?external_id=36197-739010315&source=16295&sum= HTTP/1.1 
Host: bl.trackham.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         18.193.146.82
HTTP/2 302 Found
                                        
server: nginx
date: Sun, 04 Dec 2022 14:52:06 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://mycasualhookups.com/sl/html/EN3/n.php?cep=PMQKauFzVePLv9G7kZmQjQGeT51okIgu2rMBmTBhob7j9HD3IFKro31LHrx_hp-nx8tvQ9hxzOum4vxb2z5XTKFXBQHw7zXiCUdMZUDn8ZFsF_v54Nnsw9Z263F0_XnHZkjv_zUSUV48vNGYNAdUopKB73GwC8U08zFP6qCebnpnY5L_jdfTggzhX_kowXvYFsKvuT6cPAFkN05l90QVfcZ3ppd8jsST1DYCefxWeEnK_RE9uq3pdpPb1r4yyyA3Q2_eDfhvM99RjaGvBuv2Yj2n3vq__OCHDHK2S-g78U9vu44zbbapZeLplc_p-6E6MYBs5Qsnqj8w6bGwVaYbUtJN1gaoYEXm65oU8pj-y7xwUksk5ZSJ94ttMMaZUUy1lMtNDPjbimcUz2DnvbEaBA&lptoken=16fe703c1680739d2636&external_id=36197-739010315&source=16295&sum=
pragma: no-cache
set-cookie: f9908105-7257-45be-97c0-9990466cb2a4-v4=QHLU7uqwPL9FVCBvR9Rpm8B6sYBRmjPKuhQN8nBsPWQ; Max-Age=86400; Expires=Mon, 05-Dec-2022 14:52:06 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None cep-v4=cqX8VXti6s-0g3S7GgMcmMg_U5QaO251WbeYfS3-sPOU1CkOEBOQu2BRxXb_QjB4qRlUqVjPkUB9CnyTSgyZWG5uBbYizz6Sn6aDTGGAisfEf5i_9az8YhuksYzJe-b2xpeES29hpr85lRCi18RJZdgtLDG5IL2-J72w1jak9sYo9kDENuJ5qAmcK8mmSuLvxAsNijj_6pUmF7rGg7ikvD1EYkisSf9Q4HDclbNvxM35ec_yFLYMFs74gI08SO2_RKVaTMD1AjKvIWNkIxHNF5695PtQKCnHOSbq5c7GDjow8UodegEMWDZEERYbkPrTDK9a7dGP367ToIyC0tBpXJ31uayxkK9-a6j5Atyx9M1ufx6bTR4-6gK2kdZ9iASB0jTuHWQteyCa2BCxPIrlbw; Max-Age=86400; Expires=Mon, 05-Dec-2022 14:52:06 GMT; Domain=bl.trackham.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

                                        
                                            POST /s/gts1p5/Dt6OUty8wSY HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 14:52:06 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sl/html/EN3/css/style.css HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 04 Dec 2022 14:52:06 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=13343
expires: Mon, 05 Dec 2022 00:10:00 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 52926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LCXOBCyrPiCr1Q9qUgXAE%2B88BsusBgSKi%2BVgv8yRpPi2HbHrZsWKATBvQzXAyxR59vIrcr5ZExMAUm2pejOIqvGAZe2Q%2FXCnI%2B9uDkeXTOGzyTMoqzTXnIZPogTVfqwJiGSQjII%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ecfb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9493), with no line terminators
Size:   2914
Md5:    20907cc59d1c49f85686438350b207d4
Sha1:   ae0d38c2450f0b44c214cbde556a4624f76b9175
Sha256: 38550ecb81761260bea348bb561b731f7ab02b9ae9650f911511b5cacfa65588
                                        
                                            GET /sl/common/js/lib/jquery.validate.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 14:52:06 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLQxC2ooYNrE3fA20Cs5QKgljKlp4Y2c9vFhpFgkvMBeduIcCurK%2Bzfbi2WThXC2iW2AglEhWmCuAXyzqK5YHl2bf7kiw0k5wz2wzG3q1xClBtwRZgIUxxwCTYOMq%2BPVk7njCsA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ed4b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (23122)
Size:   8095
Md5:    28410807b96d2f629677d066fcb9b3b8
Sha1:   e90f690c90c4a66b8892bbd825ce0adc46932ffe
Sha256: a065ffa224ae045bf6948d46a1e85f0230f0a8e021c1a7dd9e76ff8182c40345

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2586
Cache-Control: max-age=151823
Date: Sun, 04 Dec 2022 14:52:07 GMT
Etag: "638c580c-117"
Expires: Tue, 06 Dec 2022 09:02:30 GMT
Last-Modified: Sun, 04 Dec 2022 08:19:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2586
Cache-Control: max-age=151823
Date: Sun, 04 Dec 2022 14:52:07 GMT
Etag: "638c580c-117"
Expires: Tue, 06 Dec 2022 09:02:30 GMT
Last-Modified: Sun, 04 Dec 2022 08:19:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /sl/html/EN3/js/config.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 14:52:06 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=701
expires: Sun, 04 Dec 2022 22:12:50 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Tue, 27 Sep 2022 14:26:18 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 59956
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wI2n3E%2FQeiT9EDj0VwDGCdSLU9cZ6UbXX6OI92bN5lRIKs%2Brf2tm%2Fu20tPKW9gZYkzMU4MOjOU3tDOEO4G6xDta1d%2FeoxQeiWA2KV77WPiWBugiPVTNTTc69jN7nPieGTNTWHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7edbb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (332)
Size:   188
Md5:    298c230a596f6b51b5f8a319f415a743
Sha1:   e1fd90391e96c07fc52deefba5d6543fffe15eb1
Sha256: 5477da8f788bb3f959391f7c8d31c23bbd82347c48730b5026d1cb8f2eeae27b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2586
Cache-Control: max-age=151823
Date: Sun, 04 Dec 2022 14:52:07 GMT
Etag: "638c580c-117"
Expires: Tue, 06 Dec 2022 09:02:30 GMT
Last-Modified: Sun, 04 Dec 2022 08:19:24 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /sl/common/js/main.js?1670165526 HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 14:52:07 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 05 Dec 2022 14:52:07 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2DP5AvnzPjqmBPcXBts%2FmzfOlEfoB8lJ1x8YG9lq%2Fl3aLQdGQ%2BoY9NThEcIsibYT2Tpy2rfho%2FbT6VJrSWgTNgczOWS3CQNh4Cchw9wRwWTl0zSNv0in%2Fw7RkvCIOtBrDwo6Uw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ee0b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   210387
Md5:    0a8bba4f4f94c6673eb05e277e98e94c
Sha1:   1f3a33e50df15b61f6df9f6f8d76e2b984c7144b
Sha256: 7da3edf657c879969dea32d438d7e7c0bbed08b8d40a077f6d1ef4ec18d45104

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/EN3/images/m3.jpg HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 04 Dec 2022 14:52:07 GMT
content-length: 20890
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:10:05 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 52922
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3BHarzS2LUB3EQDqTQZvQ5a8jl4ATNqvgjzPwdWBwdDbAyJYxOSg4cQDXYpBQ5YWldBEAXHuOLthwtWNKtjbCZjs2swZDVCTFaNx2X%2BR7XehOIRhL6m0kJ4MqEKk4iuM%2B04zEk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77455d322c09b4f4-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x400, components 3\012- data
Size:   20890
Md5:    c698f5bab1daf1f3745ff2b31e4b5dc3
Sha1:   a175e04604ee3fd474d9818f52f193ff3e7784a0
Sha256: 672edb2ed70499efa3d65fc0eead7f24337897b874228c230c78c334c3ac0cb4
                                        
                                            GET /sl/html/EN3/js/functions.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 14:52:06 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=52042
expires: Sun, 04 Dec 2022 22:12:51 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 59955
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koNW3HAXVRLK7aXGCAx22FUncLKLcgPka0UMFOisfkLyATwckSt%2F6jXDYSbN5Gj1y5dT1je5jbNniAcfG1Sm%2B0iQYKKxXY1e04X0iGtqR%2FhQoYxV7oaPnRLFtN9%2BZq6wFn94tb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ee2b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11875)
Size:   153156
Md5:    5a9c49534cfb8362d8aa6590f01af9f7
Sha1:   603d57cd5316f01b389f9f2a3d177cf677542787
Sha256: 8bd41f1a7a990d8992885974a92adda4017df5208a462f1c6a4cbb16a3b3ca24

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/EN3/images/m1.jpg HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Sun, 04 Dec 2022 14:52:07 GMT
content-length: 199421
cache-control: max-age=86400
cf-bgj: h2pri
expires: Mon, 05 Dec 2022 00:10:05 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 52922
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=exXshx8jZSEe6zcRg4hUdPlNUka4ju%2BRIVXNlNqAU%2FSLcF9AblfZqhUAgfpp5Zjp28%2BIsXkZ0pP495ZtDMrZBrC5BzkFGaETlbG%2FicTLRL0jIq2%2F%2F%2BCgXYxjqHbreLDkmmRiTPs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77455d322c03b4f4-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 620x829, components 3\012- data
Size:   199421
Md5:    6e93b97d9d9f1ce77eda101b7e7cecb9
Sha1:   d05111c47a268204ce75b03bef4bb4e04ff9a8c8
Sha256: e0eac4580020331eaa31dc1ff731b92baf5cbb76db453b3e54ff912cd5aba0b7
                                        
                                            OPTIONS /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1 
Host: subscribe.api-push.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-referer
Referer: https://mycasualhookups.com/
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.162.28
HTTP/2 204 No Content
                                        
date: Sun, 04 Dec 2022 14:52:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: content-type,x-referer
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fxli5C2EqCUw%2B5aXn725uVcd0q%2B9L7q0nEnATAaCuCcmsIhuQOCwoiWR0RWUuWA5E4jKotMa8YPVAVgyHuGtxa4OMdVaVGBD%2FBDlTK0P3YyJqVSOn4LARFDdqXW5uIIP%2B2MtCyKur2Ue"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d335a580682-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /subscriber/null/4e027e5d-4862-46c4-9cb6-ae024d88181b HTTP/1.1 
Host: subscribe.api-push.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/EN3/n.php?cep=PMQKauFzVePLv9G7kZmQjQGeT51okIgu2rMBmTBhob7j9HD3IFKro31LHrx_hp-nx8tvQ9hxzOum4vxb2z5XTKFXBQHw7zXiCUdMZUDn8ZFsF_v54Nnsw9Z263F0_XnHZkjv_zUSUV48vNGYNAdUopKB73GwC8U08zFP6qCebnpnY5L_jdfTggzhX_kowXvYFsKvuT6cPAFkN05l90QVfcZ3ppd8jsST1DYCefxWeEnK_RE9uq3pdpPb1r4yyyA3Q2_eDfhvM99RjaGvBuv2Yj2n3vq__OCHDHK2S-g78U9vu44zbbapZeLplc_p-6E6MYBs5Qsnqj8w6bGwVaYbUtJN1gaoYEXm65oU8pj-y7xwUksk5ZSJ94ttMMaZUUy1lMtNDPjbimcUz2DnvbEaBA&lptoken=16fe703c1680739d2636&external_id=36197-739010315&source=16295&sum=#p#
Origin: https://mycasualhookups.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.162.28
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 04 Dec 2022 14:52:07 GMT
content-length: 5
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzSS%2FooM90nKEStgNcBhLXA0Aezludn9gbyjQyDbBfrk10o6BYUNgaaN4vHhybwRlNVV49eWmmmhdUgFR4HxhDikAkfPO9RlVIqOXw%2FZPGPKHJVQ9GAY9PpCSl%2BTob6UDtAxZp6KNcpm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d343bc80682-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   5
Md5:    68934a3e9455fa72420237eb05902327
Sha1:   7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
Sha256: fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4751
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 14:52:08 GMT
Etag: "638b5250-117"
Last-Modified: Sun, 04 Dec 2022 13:32:57 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /cdn/sdialog.min.css?_=4 HTTP/1.1 
Host: cdnjam.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         188.114.96.1
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 04 Dec 2022 14:52:08 GMT
content-security-policy: block-all-mixed-content
etag: W/"1d16caacad4ad6c40a99319a5d183947"
last-modified: Mon, 22 Nov 2021 08:00:52 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-request-id: 16F5E342988C7B8C
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 6810
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2FKDT4lRAWP2qwJfmP0RYsG0nAQTyhhziIAuiH%2BeIwCxJQtbEh4bhjp2RkkBGrOzknYyps%2BujU0uE5O5MCu%2BqdUhqLwxMEn19Zct0%2BX7Gd9CL13RLVPtZKufeANn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d3bac68b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6775)
Size:   1576
Md5:    2a0c146592842de336e7f1bfb7766117
Sha1:   f6c330aa79225167fa3193a3e6915cea0cbb7b30
Sha256: 399d0f65959a6e5e49c77d772a5aa93e5943e48470d3bf974f3a604e859c7a98
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 61330
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8989
Md5:    a6e7b32ac999cf3c899a234c621fa91a
Sha1:   fc5d4f3163ebb9faf85968cbb1d194e8e68418be
Sha256: f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
                                        
                                            POST /get-keys HTTP/1.1 
Host: app.api-push.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-referer: https://mycasualhookups.com/sl/html/EN3/n.php?cep=PMQKauFzVePLv9G7kZmQjQGeT51okIgu2rMBmTBhob7j9HD3IFKro31LHrx_hp-nx8tvQ9hxzOum4vxb2z5XTKFXBQHw7zXiCUdMZUDn8ZFsF_v54Nnsw9Z263F0_XnHZkjv_zUSUV48vNGYNAdUopKB73GwC8U08zFP6qCebnpnY5L_jdfTggzhX_kowXvYFsKvuT6cPAFkN05l90QVfcZ3ppd8jsST1DYCefxWeEnK_RE9uq3pdpPb1r4yyyA3Q2_eDfhvM99RjaGvBuv2Yj2n3vq__OCHDHK2S-g78U9vu44zbbapZeLplc_p-6E6MYBs5Qsnqj8w6bGwVaYbUtJN1gaoYEXm65oU8pj-y7xwUksk5ZSJ94ttMMaZUUy1lMtNDPjbimcUz2DnvbEaBA&lptoken=16fe703c1680739d2636&external_id=36197-739010315&source=16295&sum=#p#
Content-Length: 89
Origin: https://mycasualhookups.com
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.64.162.28
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Sun, 04 Dec 2022 14:52:07 GMT
vary: Origin
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2%2F4VMI1RPORFXJkPUJ9g9i7WJHJok25t1N%2FN6V3lCEaCktE%2FQ3eXiKar816068TD8GPFqWUuo0tVQwamPXNUgyIZkLas4apeDp1%2F4gzeZMgQ3Bp7I1KNvO4DjodPForKLH4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d317fc60682-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sl/common/cookies-policy.html HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: text/html
                                        
date: Sun, 04 Dec 2022 14:52:07 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=300
expires: Sun, 04 Dec 2022 14:57:07 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5nZDobIEqUFRg%2BTm%2FfLDLi5RqqP7eUV%2FO%2BjIyAaisUK0y%2FzkwKgzm0%2F69qrADeF75N%2B93Yy6i0vrFUQeD6FLGe12DdwomSnWW53gv0v%2FwMF3lYYzDAY0KZ72Gjo4Hs1nSrE0Gco%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d321bf7b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/common/js/lib/jquery-3.3.1.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 14:52:06 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnA%2Fkrmo3OWPL9DZJltFOzYR%2BnDIgY84PUUidzgnfliUNxd22SsDB8MBZ3BtwVfrPfw%2F2q2WpdSioHEzRkPPL6NRRGSYSQkiV4sD%2FXJzZyMWZn6WydpBQLWm%2BIvsPK8SfRdxE5g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ed3b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /swpush.min.js HTTP/1.1 
Host: cdn-dt.fcdn.info
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mycasualhookups.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.234.86
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 14:52:06 GMT
last-modified: Sat, 07 May 2022 08:23:17 GMT
etag: W/"62762c75-8692"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 964583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2F3U8KlNbz5IGWcNGvszMTVdKtuOg7xd65U7%2Fy2WfmxX1n7oq0PXBVyKEwcu1zlrHitn6E37pl9jVzUlTWbCB4saVClJslwdx3Za0LG%2BVkc9Gh80%2BzoYOXa49UD%2F98dPVU5a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77455d2f7c6ce624-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sl/common/favicon.ico HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: image/x-icon
                                        
date: Sun, 04 Dec 2022 14:52:07 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 08:42:02 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 5811005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NnnaUhT01IeZ9i616yzLW8Di%2BmLMZo8TdYe%2FqLbQo3ApLuVtrKE%2BTze49iAWiu3WQPcZULyRt0QwxSmzlCHNKnbXjZ5mHon13gSkyxaT%2B%2Fah2oXC6Laf%2FHucQi9CCatiJtyJr2U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77455d328ca0b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /yrbPvQjh?s1=s8hnpa7a4ro4&tag=31659&s2=frd HTTP/1.1 
Host: makeyourwet.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.21.17.109
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Sun, 04 Dec 2022 14:52:03 GMT
location: https://m.luvmenow.com/click?offer_id=5246&pid=31423&ref_id=s8hnpa7a4ro9&sub1=28575&sub2=91.90.42.154&sub3=s8hnpa7a4ro9&sub4=s8hnpa7a4ro4&sub5=frd&sub6=&sub7=&sub8=31659
cache-control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
expires: 0
last-modified: Sun, 04 Dec 2022 14:52:03 GMT
pragma: no-cache
set-cookie: _subid=s8hnpa7a4ro9;Expires=Wednesday, 04-Jan-2023 14:52:03 GMT;Max-Age=2678400;Path=/ _token=uuid_s8hnpa7a4ro9_s8hnpa7a4ro9638cb4132bfbc0.13164435;Expires=Wednesday, 04-Jan-2023 14:52:03 GMT;Max-Age=2678400;Path=/ 9bf24=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI5MDk1MFwiOjE2NzAxNjU1MjN9LFwiY2FtcGFpZ25zXCI6e1wiMjg1NzVcIjoxNjcwMTY1NTIzfSxcInRpbWVcIjoxNjcwMTY1NTIzfSJ9.V5gX4WqzBRBVU81c-cjUbrr6s9myCnfjRrYqovqVbWI;Expires=Friday, 08-Nov-2075 05:44:06 GMT;Max-Age=1670251923;Path=/
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbBdutaM36ti5vSDZeGdRKxXHP3iCwvcwNzOPfTgn20z2TSWa9snqth8CL0eIlj0%2FPVlj8Q%2F%2BuDmSyJGRwaKMidjUtx%2FJyx5xKB89MLvVgT2LIWKr84e98bmYAcZChBcwyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d17293db509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sl/html/EN3/n.php?cep=PMQKauFzVePLv9G7kZmQjQGeT51okIgu2rMBmTBhob7j9HD3IFKro31LHrx_hp-nx8tvQ9hxzOum4vxb2z5XTKFXBQHw7zXiCUdMZUDn8ZFsF_v54Nnsw9Z263F0_XnHZkjv_zUSUV48vNGYNAdUopKB73GwC8U08zFP6qCebnpnY5L_jdfTggzhX_kowXvYFsKvuT6cPAFkN05l90QVfcZ3ppd8jsST1DYCefxWeEnK_RE9uq3pdpPb1r4yyyA3Q2_eDfhvM99RjaGvBuv2Yj2n3vq__OCHDHK2S-g78U9vu44zbbapZeLplc_p-6E6MYBs5Qsnqj8w6bGwVaYbUtJN1gaoYEXm65oU8pj-y7xwUksk5ZSJ94ttMMaZUUy1lMtNDPjbimcUz2DnvbEaBA&lptoken=16fe703c1680739d2636&external_id=36197-739010315&source=16295&sum= HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Sun, 04 Dec 2022 14:52:06 GMT
cache-control: max-age=300
expires: Sun, 04 Dec 2022 14:57:06 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqBxDWlElYQhIvfa5uMRJ1QEqGMvkD2dUPKcd2kZfz3KOi%2BzLofaMfFIsFDRb%2FU84JuJKHpKBx8CXCfesS296czJuYZhnDzRMCHvHsJE5G1ixg1h9haEJoELndW2xacAh3%2BeUiM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2a88b0b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sl/common/css/style.css?1670165526 HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 04 Dec 2022 14:52:07 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Mon, 05 Dec 2022 14:52:07 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MaLBBZkwGgisnNokFc4o3hEtd0Cx3bfVzBPdc00BpnmFR%2Bfs%2BseFCVjtxtTOBx0T0r4T%2B5vnzbQE6IUsuxqlx%2FxoR18xgoBSHc%2BJc6iMs4H%2BLf7e59oWISpG9npUcVUXLBZy5cw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ed2b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/common/js/lib/additional-methods.min.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 14:52:06 GMT
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
cache-control: max-age=86400
expires: Sun, 04 Dec 2022 17:27:27 GMT
vary: Accept-Encoding
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQPoVWI2IETT%2BzTOFlm2tQX2UoHXTGLzZej7LfzHGE7KSO6WoafdnF4KVJcwe9BynCH7ntHqxfMRJ%2FDOB1tGQFr0PNAVNFQTyP3CSQ1W0pF4XNwQQNXPS%2BmJV9XBFLSQtjUbVUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ed7b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/html/EN3/js/langs.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 14:52:06 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=38889
expires: Sun, 04 Dec 2022 22:12:50 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:08 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 59956
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCY3ySN9GrZ4Ljdcg54dQjLMJtzBwfoRXu8OvhlPAhWyfM0fi2yNs3flTPbEuH2UMWjPEDpyQer8VPUbvMKtdnehkg5KZhIwlL%2BvftO5FycrajYZC1X33vyG1RuisN0iIRpxTiE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7ed8b4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sl/common/js/common-langs.js HTTP/1.1 
Host: mycasualhookups.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mycasualhookups.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.26.12.87
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Sun, 04 Dec 2022 14:52:06 GMT
cache-control: max-age=86400
cf-bgj: minify
cf-polished: origSize=19528
expires: Sun, 04 Dec 2022 17:27:27 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Mon, 26 Sep 2022 15:53:06 GMT
vary: Accept-Encoding
x-endurance-cache-level: 2
cf-cache-status: HIT
age: 77079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WdZAa5FrRPx9vA42sS6JXuYkUSukiBHkvEG1tItr%2FJY3Xf5FtuFEuPUFuuOpv9uP5jHw1SYjeb8QF6Wr%2B2Qa%2FxQDBYPKiRCGr9aeD5xT4joezQ6So18tyLpo1c2lYBPDicxs%2B4k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77455d2e7edfb4f4-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing