| trck.pecuniatrck.com/6SDHDKDZ/2HBBQWMP | 35.190.3.146 | 302 Found | 146 B |
URL (User Request): GET HTTP/2 trck.pecuniatrck.com/6SDHDKDZ/2HBBQWMP | IP: 35.190.3.146:443
Certificate | Issuer: Google Trust Services LLC | Subject: trck.numustrck.com | Fingerprint: 51:33:8D:9A:70:0F:B6:A0:E0:15:5F:91:4E:F0:CB:31:CF:DC:D0:6B | Validity: Tue, 12 Mar 2024 18:11:27 GMT - Mon, 10 Jun 2024 19:03:40 GMT
File type: HTML document, ASCII text | Hash: 76c49ddaae772d3b6bf424e28238507b f018ed5ad59064474568ddffb30f5e726759f534 ec684d8224ba70ef7035640130f6cc29c70a93534851528941057cffacdb9b47
GET /6SDHDKDZ/2HBBQWMP HTTP/1.1
Host: trck.pecuniatrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 06:25:26 GMT
content-type: text/html; charset=utf-8
content-length: 146
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://track.smart-tds.com/c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=100783&t2=&tag=f71808cc50d4437fb6ff0ed750376f96
set-cookie: uniqueClick_2HBBQWMP=1b08baae-b855-4400-a88a-1d353cfbb51d:1713939926; Path=/; Expires=Thu, 25 Apr 2024 06:25:26 GMT; Secure; SameSite=None
set-cookie: transaction_id=f71808cc50d4437fb6ff0ed750376f96; Path=/; Expires=Tue, 23 Jul 2024 06:25:26 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 30161ed9-c813-4d50-9e66-311245688e30
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| track.smart-tds.com/c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=100783&t2=&tag=f71808cc50d4437fb6ff0ed750376f96 | 35.156.152.207 | 302 Found | 0 B |
URL (User Request): GET HTTP/2 track.smart-tds.com/c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=100783&t2=&tag=f71808cc50d4437fb6ff0ed750376f96 | IP: 35.156.152.207:443
Certificate | Issuer: Let's Encrypt | Subject: track.smart-tds.com | Fingerprint: 6D:A4:16:9B:9C:BD:51:73:F2:75:7D:1F:BF:80:89:F2:B9:F9:DF:57 | Validity: Fri, 15 Mar 2024 06:47:09 GMT - Thu, 13 Jun 2024 06:47:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of the empty 0-byte body)
GET /c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=100783&t2=&tag=f71808cc50d4437fb6ff0ed750376f96 HTTP/1.1
Host: track.smart-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 06:25:26 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
pragma: no-cache
set-cookie: c9a9eca1-de73-466d-aa60-f2d1325e89a7-v4=71-sG8j-QfM2nt2RnvELffLyx7ewKXN0q_hueJK0enI; Max-Age=86400; Expires=Thu, 25-Apr-2024 06:25:26 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
set-cookie: cc-v4=FtueR794Riy35O1FWX6vr3wFCBCXA2bsDnKEamjmhFZRjSeDn0otzWm3PfvEyp7xex4yNn7%2Bn4nakD7Q%2F9kWx0GFmoQX0nJL87tX5GhmWldUvPqoYBt1FSx7lmdCLtNZzLdZvSp8y7%2FEOrkh2j3cBQ%3D%3D; Max-Age=31536000; Expires=Thu, 24-Apr-2025 06:25:26 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo | 3.120.62.154 | 302 Found | 0 B |
URL (User Request): GET HTTP/2 nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo | IP: 3.120.62.154:443
Certificate | Issuer: Let's Encrypt | Subject: nicking-unding.com | Fingerprint: A5:CF:AA:AB:0F:1F:99:7E:6E:A6:E3:89:2E:FE:D4:A5:59:43:15:30 | Validity: Fri, 08 Mar 2024 07:04:05 GMT - Thu, 06 Jun 2024 07:04:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (MD5, SHA-1 and SHA-256 of the empty 0-byte body)
GET /c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo HTTP/1.1
Host: nicking-unding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 06:25:26 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
pragma: no-cache
set-cookie: c4b5ad04-8822-42c1-9db5-e9a49f15358b-v4=D2yhAlKxV0a_J0DiLaMWvGUiiNoNX_YtyPhPQAWWr60; Max-Age=86400; Expires=Thu, 25-Apr-2024 06:25:26 GMT; Domain=nicking-unding.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=BWH3Q3avSzTvOQTzvsrtQk0aJ99Sk9wOn23_K291RffrfIKoiED_ACwStrOuCFnstDfZSuosJNUlR2Tzi12TKpOLZ_LIxgKCF3arTzKR4tijhHBSXmA7IaXI6sY4KrBKIuX4m3U-9ltSnME5xop0WTOGqG-tBb64KM_iA0l_3lYIn5cfKYzE4gCfVParCjRcxZpPy18Xk5DpQQWmmcPJ1YYDisq5ydLCUbssKY1gK76adaIoO4c_8FLdCgwSyausrJaq7OP2BPQaDVKBv0-jCOGYi_TXhEA_bnFOkP_8o-UvP7G1AQmnWZB6m3qhce62I-aA3t6npJvcsUhkpOxqv_hK3i95I39d8l3BQo3GneyuGNKWauN_6FHWWqCuaqTkW2Vas7jOEYaRkfbLZ2QS0_4RVV1Q4j-l78Aiav8bG-QU2gkzb12A2FKUhlS6n7aLAiNmIJNeosVFt8ErQ14-YZyiwyBs1a2-kxhg_1p6f7FECjl0eIJCeLXE67H6xMyR1qbqQLVBH0QLqZDVuhEiDe6xGiZZAN5JbB1lrPcdb5g; Max-Age=86400; Expires=Thu, 25-Apr-2024 06:25:26 GMT; Domain=nicking-unding.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/Tlogo.png | 188.114.97.1 | 200 OK | 21 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/Tlogo.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 334 x 172, 8-bit/color RGBA, non-interlaced | Hash: cf052695dcfea41b32891c6fe0db704a 04666c7589d5f76d4d83b25180be153c74fa12c4 b0323f64bf0cf04da9f58a4b09142954f6d7843dfb037826aca05125c1590e45
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/Tlogo.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 20691
last-modified: Tue, 28 Dec 2021 16:22:49 GMT
etag: "50d3-5d4373b7c4c11"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZAnVfZY5O%2FfW4Wu4QocY2smJUBBSZtWMt8WTcvzxvJ%2FqWJMwS%2BpmjO%2Bjc0fLKXMbNYL5XP8ZR%2F%2F3cUfWgv4y2HBasgrNm%2FTqaDTQ95PmTAn2EmqcxTuvuomLjTFNJhfaCX1pciiSFw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404221ce57128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/04.gif | 188.114.97.1 | 200 OK | 388 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/04.gif | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: GIF image data, version 89a, 312 x 312 | Size: 388 kB (388375 bytes) | Hash: f8db03d9bf7a637a23362df0914aabfc 5828fb6a2ca814a2aa7db0f0c6f8ff61561a5ac3 8618a596b8ff121219334e7680e60691712f054bec2c7d3ed28c1381e28c01b1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/04.gif HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/gif
content-length: 388375
last-modified: Tue, 28 Dec 2021 16:22:59 GMT
etag: "5ed17-5d4373c0d22df"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNK6hA51vXOSC%2BsyXIFzwLBc6g6%2BUYHRnTpb%2F2na%2BLZ2jqVYfvQfCz6yycwWjSAf1%2B9jnXKZsCtZpLZhC8rtsn%2FGYOVWWL0vYlC0przReUrU%2FUyJcAHwZBQq8kEUMIMupIb7YJ5O1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404221ce67128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_1.png | 188.114.97.1 | 200 OK | 48 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_1.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced | Hash: c37b1d71b49a4c8f8bf645d045f16985 548f445b73a87ed311986b78ad30ae585eb94d32 0940f506ad7a63a87d4094ed8982c9ced20a40f80968a8d60c413d9b5ecab79e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 47972
last-modified: Tue, 28 Dec 2021 16:22:50 GMT
etag: "bb64-5d4373b8b8e63"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=43pDeJMpu0Xmy1LzwpgZxyeJPqDVvqbNMWJl9IkTvBhu7v%2FpYdx40l5QIFXH76mcOG9tAHN7DasV5Rqf%2FNamt0sKQOFlqZcrkv%2B7rU40%2F%2BNjdiVZ%2F0ipOU0u0DCrFi8N%2FGphI61PdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404221ce87128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_2.png | 188.114.97.1 | 200 OK | 56 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_2.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced | Hash: 0d8f82b8f9aa4d840b186f45c58be648 b756e6fa8803f25ac91ed0091be37bfcabd70a78 7c62140581382ceef8fdc3fef780f94d132d2758a22393aec252d65373d74d86
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 55991
last-modified: Tue, 28 Dec 2021 16:22:52 GMT
etag: "dab7-5d4373ba99607"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FE7rLsaWicwe54QXxYlVBjaHHabSitTTT0urRzQ6zbBkJdIg1d1Bajtuk%2B6%2FB4PXNCGZRYdSX2Jfo%2BKNPkSQuYLr4lgbr1SThL1w9cV%2FpyCYfugr2OoLJ1lUt5abAZVP%2BLmNgcxCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404221ce97128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_3.png | 188.114.97.1 | 200 OK | 40 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_3.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced | Hash: b4c70525d55d14c65478b0f8b9c9954e 31e2063dc95f3d6a9995b76d382880f567246803 6f3f1d4003323a7f9135232b8cdca5f2cfde0e6b9b2988255c41a97c7b6fd163
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 40337
last-modified: Tue, 28 Dec 2021 16:22:51 GMT
etag: "9d91-5d4373b9830d2"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ypPjRqm33SCk71EGEUOrsYF7VE%2FHTu60Hhxigj9%2BRShGDtjSnHJaZ4%2Br0wZogpAQwLvt8x%2F1nV8LE2LRxAl8HGagcNc3As3Yynz7vdIYBCB8q4eqV47kyYj3SLwVwh9Oiv9LhBFCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404221cec7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_4.png | 188.114.97.1 | 200 OK | 60 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_4.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced | Hash: 746ac82d1374f51b4ceae516f69ab6ad e3a378690b02af5732f3569ea71e00e666c46f1b a44f12838759e2055800c0642603be1085c5120d6f5df276c2e0e87210e0b8ab
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 59759
last-modified: Tue, 28 Dec 2021 16:22:56 GMT
etag: "e96f-5d4373bddf486"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUJzSYGQmN4Lh%2FIRA1zr%2B4TIfldme5n%2FbZhWo1zwMW8y5GdEZHrg8dDzKoFqB%2BMcb6wov%2Fv%2BLy%2B54HcePbct95c34ljKZWzQN%2BfAuiV2OFJWb%2BTbix3Y4HPYRLqkDEpn3fqXr5%2F7fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404221ced7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_5.png | 188.114.97.1 | 200 OK | 51 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_5.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced | Hash: 9407b587b816571fef24ea488fb29138 f7cc0874ccb7c8199fc2a078b507cb7497369c91 db27f7041801043061be15117bf82104786d53d8c3fcdd3165270efb87110f01
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 50867
last-modified: Tue, 28 Dec 2021 16:22:54 GMT
etag: "c6b3-5d4373bc338a6"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FLDANmoPuM5Hm5TMI99lWIPO2ewD%2B9PpRDE82wcQiRioAXE6spqHwPWm5LY4PeYXrMdrDBdVQ989LZGSto69C3IFZNDE%2F%2BZIQ2Dh8g1C%2BTwQaU98%2F127tbmfrcsNzmDr95bsbKf4ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404221cf17128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_1.png | 188.114.97.1 | 200 OK | 58 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_1.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 63f74d7c97a74239d43d4418803b345a / 2855449c3a816dfa892b75ce3b6a1415da740fec / a988dba1586aa8826577d9320678d3855d0d9d2e981d1073dd56b91a3859e3fb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 57903
last-modified: Tue, 28 Dec 2021 16:22:46 GMT
etag: "e22f-5d4373b4201eb"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x0Cl5IBE7RFkUwsHCasrWeIs83DkfMyvcHwlQqQax4SxaZWmDrSIRsbNd7x1lfaNUWIjkK0MkCbqHdbz%2BMQdfROrwuHeL%2FCUB0L1GqqY%2B5YTzygZLMAfAylmT%2BL0pyEfxQNwkggFcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404222cf37128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_2.png | 188.114.97.1 | 200 OK | 50 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_2.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 431679c0fdd060aeef69f2b8beec4169 / 0c7f0ef489e5e752c814420165bbd3941cb3fd70 / ecee803291f0a56f17cbefc5c561f32d277226d4a25f331371109bdc0e1e27df
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 49466
last-modified: Tue, 28 Dec 2021 16:22:45 GMT
etag: "c13a-5d4373b36d67e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wRzHJCVJPIBI26e7UjdGV35TX9r7PcXqAHAO%2FtdazMrmDqupgF3FIOS3YlJpjwiFRWXWi1JtD2mXilIw4KnAeRVCYUSYRsnP5uUm1hnzMHVnUhKfcXGCh0gZy94HlFATJUK3HgEpIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404222cf67128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_3.png | 188.114.97.1 | 200 OK | 51 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_3.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): b44d52f1628ccbe49dea725a18667d74 / 80aacb07a91269756340ccfed0480ead57c6d54f / 0057b6d4f57ea0dabd771f6358f10a231ae805436ee6fc6850a02135e8f13532
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 51413
last-modified: Tue, 28 Dec 2021 16:22:44 GMT
etag: "c8d5-5d4373b2d8f72"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=idHiNs1mOfYA2Y63VetlkPEa4iS6wAaY1HOrTIm%2FJJzlQZR4rQIwGOtTNLhDjHfWB4qBNrR%2FoRERqYKUCBJxcvgD0L7YSM7scPfHpgBuKejhJx8ufLCxKMdpJc1oSLL2cxHNEF5Buw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404222cf87128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_4.png | 188.114.97.1 | 200 OK | 55 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_4.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 4dfe1a0253a15cd22e57b3eaab9116d2 / 8aa46e3d35632187a70e396c688293f6d7e688f4 / 62cc8f8b8dedacb8754b1ce93bc479ca3f6ae6246257928a4a0e1e0a281cf4a3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 55219
last-modified: Tue, 28 Dec 2021 16:22:43 GMT
etag: "d7b3-5d4373b1dd01f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hC1V9RWpBVt9A4ZO7BNFT1nauRzrKBbbMeEPprhNX9g4Lp8EABVXnZ0vaDU7NQMofhXuau9gQ6bF6Qb8RXE1pR4DDR0kG85r2p9PGcUWrPoHV1hxTNxW8ipzYtdUsBg07OWmsExd%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404222cfa7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_5.png | 188.114.97.1 | 200 OK | 54 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_5.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 621fa434f53e05bdff2819eaf6e5c9ed / 1aa94b820cd55a353a569e8cb4b5302c784a6ae7 / 10309b3258647bc6866587d6bca464cc6619b5c54187c27116ff6f74b9edcf61
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 54413
last-modified: Tue, 28 Dec 2021 16:22:43 GMT
etag: "d48d-5d4373b18fdba"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3DUnkmJJ0B6CfQdYeYqzIvJP9qg6DuQmyCSvFcgh3LdUsQtYHLNbr%2FPCls8XYOjcV7kiSkBk3giepnic5bpiAFGVH3kKYvhHJozU1AtGwfh5AHFlZv448gUxd455x%2FkulXBM2hVkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404222cfd7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_1.png | 188.114.97.1 | 200 OK | 54 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_1.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 37059e26c56db6eca0b25465101d4855 / 6540eb900095769de1a2e71516a48e54cd8173e1 / cfc4151b42a93abddb3885a5d907ad7cf486149ec615e1c107759629c12cd49e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 54337
last-modified: Tue, 28 Dec 2021 16:22:48 GMT
etag: "d441-5d4373b620d31"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G868mM3ZCL7MC8PWDUtkIyd1xDYPIF885AJxJ0ptCSIOtb18E3KBRZ0BV%2B1f1XgmcSETInKd6XJ4msQRGrSjMqjXJ%2F67CTbzA7xZQIRYjTqbpowVH7%2FRLY0DXzIKGi2mmGYtEHbHOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404222cff7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_2.png | 188.114.97.1 | 200 OK | 54 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_2.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 01769e8254253553da95a9280b5a6527 / 7e586cd317b68b14984106d1f17089302b97d6ec / 8d20fec6e5cd6640741ebcc46609813b2e10e0fdba6757f6b2c0e56d7fea3e43
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 53970
last-modified: Tue, 28 Dec 2021 16:22:50 GMT
etag: "d2d2-5d4373b7f0b34"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZWjfPKOfo%2F5WZ3x47lVJdVczWgXPhtXqcsKcxUle8IvcBviiXVreuYUZS07Sk2yshDu3b9hoygfWullF48dCGEcEKJ%2FQEROU4z8Mu8hEg9RIDMmjAYPdWCjR5v4lnk%2Fn5it1ME9PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404222d017128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_3.png | 188.114.97.1 | 200 OK | 53 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_3.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 1c3a2dc3681b3e447263e8790608e334 / 74e77a8638a881d11f88af4b8733cb00dbb9d8bd / 6c2bba41d4aea31e90741e2fa84107439011bd56963033734159d8c7f46d895b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 53318
last-modified: Tue, 28 Dec 2021 16:22:48 GMT
etag: "d046-5d4373b6d28ff"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3AoR%2BaBBI4Rl4EjpT8A6yB9jXs45oPWcoud27HsKTLsGwBDde2THOqFhSZ%2F%2BifEl0553amqsxRDaCdjY1ddjKQ8bs2GKi%2FYSGlSHvee1Gf55ZOr6erVMqk5qAmQ%2F%2FdQJY5GTCDjIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404222d047128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_4.png | 188.114.97.1 | 200 OK | 60 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_4.png | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5 / SHA-1 / SHA-256): 475389ca94897a28dafcc0f92631094f / d94dcab07cfdec16972a14c61d534a15ca8cb556 / 956dd0bba9897c9997c3f22604a603594342775cdd1aac6d1aea790f43f96b33
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 59693
last-modified: Tue, 28 Dec 2021 16:22:47 GMT
etag: "e92d-5d4373b536720"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aqImEYDTtcp2MdmiJQNA3YMBSeuv3MF7t%2BLLyl9APkhoDO6iZM%2BU%2FpMZCsdL%2BXIHKNKks5OUO0ygLKOYmIgg43GoVQtR1BGPtjOBHy%2BiO7flqPUZWZaeMdJvbfRIzuenQhztD2R5QA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404222d057128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/blob.png | 188.114.97.1 | 200 OK | 23 kB |
URL GET HTTP/3casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/blob.png IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typePNG image data, 583 x 428, 8-bit/color RGBA, non-interlaced Hash5571d30924ae123918e9a192bdab268d 8456f8812e7f2a74b82c849a954c682e92dd8631 31cf63bfb1030bb5d36c6a84a8c5df57081e23481bde6f9fcb1ad78ccfea045b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/blob.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 23169
last-modified: Tue, 28 Dec 2021 16:22:52 GMT
etag: "5a81-5d4373b9f455b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ce88p%2BI6sRLaQyMPRFF3Lli74i0ESg4nz3vkrFm3PA4YhWTWoAFCkpHf0bjKKiacLR9CqngcCeDEwT0c2vjrOPlhQ63MgsHHFTHjUIRs4zwf2xRKjWrb7PDNCMahdrdaLapHQmmDYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404235df57128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_5.png | 188.114.97.1 | 200 OK | 45 kB |
URL GET HTTP/3casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_5.png IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typePNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash8c046ad61659ad83f18fb2d5349f274e 53526b692ba5ea4f318cae71cacdf7c7efb4712a ac10817ac054c59733bd84b6c232b47e463b8557c479f534f3fbc609fdfd6314
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/png
content-length: 45353
last-modified: Tue, 28 Dec 2021 16:22:47 GMT
etag: "b129-5d4373b57ace5"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ApJ7gyDrj%2FH87km3wZXBwN4mxPDDH%2F07Ju0P%2BqHah%2Bqg67MbjSV8i979CqRaV%2F1iS36prCxyDUs8tbzKQl54nfo07oi6JYo5TMzN2nOKBUQkH0AJg87v4T2ylvi41d5XBwnCGFZqYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879404222d067128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg1.jpg | 188.114.97.1 | 200 OK | 64 kB |
URL GET HTTP/3casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg1.jpg IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3 Hasha6c153fab3849ec0e3ba73f645433aec f3747bf682252fef7befdf2870f19e16c6d4f77f 33215a1515c319a23598b30fea546e10dcb8cca455b42e20d8aa5e2eebd73bde
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/bg1.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/jpeg
content-length: 64359
last-modified: Tue, 28 Dec 2021 16:22:54 GMT
etag: "fb67-5d4373bbc147e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oHWr4xWcc%2FF7bS1YHUuFofq7ciq3KxGbHzsDNcue0EKey0q3Kq5hr%2BQaU2un%2FuTQHlHc%2BD7jGArZUs%2B6DZ7OTMWHVtiRGvuU5Esekm8KlEisQlqzjZCh0PoP%2F576yfGIS5inbd%2Bi3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87940422eda77128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg2.jpg | 188.114.97.1 | 200 OK | 51 kB |
URL GET HTTP/3casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg2.jpg IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3 Hash37832c21ce4b202719cd33b6db45028b a363710e7567d46202dd73b0761c46993bf68dca 431f71eb5f7842de8711739f0833a4c30e46ba8831dc8b209634ad48544b595d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/bg2.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/jpeg
content-length: 50733
last-modified: Tue, 28 Dec 2021 16:22:55 GMT
etag: "c62d-5d4373bd47e9b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTiQrFngw9PLrpGauWGYZq7fI7xMEioDOTBhJxHYv%2Bh2zitCjyoN2CZQMYJcSjeddqezJFwLN%2F%2B4s9J2oU19KwzTRCLACRC16PyRO53sxknVK3GzvnjpHA0Pv8Dj5P3y2KwB6D2GuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87940422eda97128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg3.jpg | 188.114.97.1 | 200 OK | 56 kB |
URL GET HTTP/3casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg3.jpg IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3 Hash4e2d83c4bf79c1e4c84aefc33a382f31 ffab591ef8385e851d2c17feeba2b2a22eeb6d12 e05a0702af3ef4e8d37e6c491e1478e0416cbdfc404fa5da52d135b4b8e04234
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/bg3.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/jpeg
content-length: 56408
last-modified: Tue, 28 Dec 2021 16:22:55 GMT
etag: "dc58-5d4373bcc6071"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iuMCSzPxLZ6rUEwcdwgW9mOLwyMlL5ATKZsbILgRCJg6YHfB6XeWMQE1DdcKHjLEO6idNA3hnoxSV0tmM5JsrBkaqEVj3%2F9imr3J7zrmsT9Xa%2F5FXzOKS6wA683j4NIxaX5hQraklg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87940422edaa7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-W62P37M | 142.250.74.136 | 200 OK | 83 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-W62P37M IP142.250.74.136:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (39202) Hash5af698763a243d312722ea2652db9c48 d4b77f95afd2683a89d63b5f290fbef5f82bda7d a9bab7c33f565c55575c49bdfee44da847d9e896b0c5822bd7cd6d369bb8a89d
GET /gtm.js?id=GTM-W62P37M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 06:25:27 GMT
expires: Wed, 24 Apr 2024 06:25:27 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83083
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 | 188.114.97.1 | 404 Not Found | 5.3 kB |
URL GET HTTP/3casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
Hashecbd5338f955a1f2ba4c113150afa536 8b9b6b93dcbc3fe4440773938cdb0f4f6abe86ed d21cbcaf21957e36c4a1afa183395c9e1427278123e8cb685b7fdccb7cdc8a73
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IwVGAW9LsitmA6DV8dh%2BcHvYhBsLbpRgi%2FQB6QmeTULLmb3lfNlAQiJZGQG0g6TFM5FRAZ7W943unOtt4PdgqUgF7b%2FOnqPH77kh0zynfS%2F4Ko068vFYcRDqD5kg9tlnRv4tg5vEsA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879404235df77128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.onesignal.com/sdks/OneSignalSDK.js | 104.16.160.145 | 200 OK | 9.2 kB |
URL GET HTTP/2cdn.onesignal.com/sdks/OneSignalSDK.js IP104.16.160.145:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectonesignal.com Fingerprint28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70 ValidityMon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT
File typeJavaScript source, ASCII text, with very long lines (9410), with no line terminators Hash5eb2adfca36be15c8d4a206576132abd f507beb2560693723f4b360af70bfe9bd8bed534 6ad1aa44625325d8e975bccee776e9a60ae134d2de1cb8d98852de9f3109aa4a
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: application/javascript
etag: W/"a87c48d211877c49b878679b2e3cdab8"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 3050
expires: Sat, 27 Apr 2024 06:25:27 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=bg3.s1QNeHjmh7wFwVihwLEEm6856e8Zp_N0HbNgkYk-1713939927-1.0.1.1-f8berEcouIHdRYQFzpwhFTycgtIe8Bedl0l_6FrTEfmgBk0QEVg2kjwLGoqwBHAsuDJVr.E9jI8CPalMWTRY1Q; path=/; expires=Wed, 24-Apr-24 06:55:27 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 87940425acc51c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo | 188.114.97.1 | 200 OK | 21 kB |
URL User Request GET HTTP/2casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
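Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so the body of this 21 kB landing-page response was evidently not captured for hashing; they match any empty file and should not be used as indicators for this page)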
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: text/html
cf-ray: 879404202f42b509-OSL
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Dec 2021 16:22:36 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DwqeqOIX9SleJ7Pls1PCa8RgSunC4W5YIHQ4kO33ER%2BSvIu0v6yWKMLpL5ZSaVN99ddhjy2lFDbK8O1VuJU%2FYHnClmPTR8CY1zT5eCRI3klpfWDPLfP32aZlgSxDPhvTHBLHcjf2cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css | 188.114.97.1 | 200 OK | 9.2 kB |
URL GET HTTP/3casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typeASCII text, with very long lines (9233), with no line terminators Hash26a4c2ca32b70017b7203fde81bed3a9 3c1d00c858ab49a30013c747b9faafbcdf84a063 cd3123418fc2ff36cbfa763593f84385bc0592d22a8eb9a9f5356519f00ef717
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/css/style.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=14510
etag: W/"38ae-5d4373ae27c58"
last-modified: Tue, 28 Dec 2021 16:22:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQ2bKlZ3IZN9vR855rqrK5k9iBaNEj58rcYY%2B1pkSTItXdCTd4f6somubCXgxBePBvvqpETq0bCi8uq6yXOMckan69GpFQ6J2hxQXLHNx0lgkwCN2IYv%2Bk4DWWceHqlqxil7ZzQ4Zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879404220cdb7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 | 188.114.97.1 | 404 Not Found | 371 B |
URL GET HTTP/3casual-flirt-hub.com/0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: HTML document, ASCII text, with very long lines (386), with no line terminators (the body is the HTML page served with the 404, not a font) | Hash: MD5 ee38251b54e4a0a06ddf5b91e8338c17 | SHA-1 7ac6a8c5c99acc67beb6ba6a44b8f004736b7c6f | SHA-256 f177fb69c123c5d7ab569cf61efe23fcdf9c4149018640699fd87821ea751b74
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VB0yfKoCTjDVmFZxelrYhkXaT14BL9qy0ZuZsHGU1WEM21T8MRx06aCzDLn%2FUFthAwW1zwXrr60ZPKitF1QQvocTNcp9RGw%2B1%2F91H5m5V4k0f0OMg8nDL59Wjk6Mk9XKxw4T0YiUTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87940422edab7128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/favicon.ico | 188.114.97.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/favicon.ico | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | Hash: MD5 38722a803b73dd1871a3d8a19db44d2f | SHA-1 3379960a2c6611bfefcb39e662198d6df322e12d | SHA-256 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/favicon.ico HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: image/x-icon
last-modified: Tue, 28 Dec 2021 16:22:44 GMT
etag: W/"47e-5d4373b23ac27"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5252
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2FxxID16TWMb1Hhvk5q2gXnhWkH4VBSF%2B9KdjKnAzsSB%2B7RIvySa9y1La0GevWnT1I3YTSRlW6reA%2Fg6F5PyJ1ymesjJ9K0QqqKxCSN7Iuiniy%2B8SVxIlwS2zHVgRR36SpT1sguYpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87940424df707128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js | 188.114.97.1 | 200 OK | 90 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: JavaScript source, ASCII text, with very long lines (65451) | Hash: MD5 dc5e7f18c8d36ac1d3d4753a87c98d0a | SHA-1 c8e1c8b386dc5b7a9184c763c88d19a346eb3342 | SHA-256 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Dec 2021 16:23:02 GMT
etag: W/"15d84-5d4373c3684d1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z4WTfAyVohdApY4DTfCkqa8Rk2P2jvG8EUCg7t%2FIxIelMaC2536CM6HMjb8EVifbExwVgVhRpiPUzcWbfYQ5HhZZuwl6sGrOL6vklVAATfQ9n1TbgNjFIJO5j%2FIRN5eGpaxyqfPtpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879404221cdf7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 | 188.114.97.1 | 404 Not Found | 371 B |
URL: GET HTTP/3 casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: HTML document, ASCII text, with very long lines (386), with no line terminators (the body is the HTML page served with the 404, not a font) | Hash: MD5 ee38251b54e4a0a06ddf5b91e8338c17 | SHA-1 7ac6a8c5c99acc67beb6ba6a44b8f004736b7c6f | SHA-256 f177fb69c123c5d7ab569cf61efe23fcdf9c4149018640699fd87821ea751b74
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZkezIrWJQujBYO2R6yFRXWh9kKwmYtBbqUwm%2Bjr3SwftLjsYCZbjmIIrlKmgspngrlvzi5r0NuPFkd5S3qB4TL0K%2B3xr%2F%2FkxBjnK9DmnhQTfe3BtIFPUlI6zoYWWdQ4FX9reOE2pfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879404235df97128-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/cdn-cgi/zaraz/s.js?z=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 | 188.114.97.1 | 200 OK | 4.9 kB |
URL GET HTTP/3casual-flirt-hub.com/cdn-cgi/zaraz/s.js?z=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 IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: JavaScript source, ASCII text, with very long lines (5044), with no line terminators | Hash: MD5 4f8e7bece0e33eebe4e125006a962faa | SHA-1 02df4701a7a073a8ecdf239a4bf72cef2479c5b6 | SHA-256 8e51ff96ef81e6ed83a5e9eac293c4e3817601e91050a7b350daeb4ec3359356
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /cdn-cgi/zaraz/s.js?z=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 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casual-flirt-hub.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://casual-flirt-hub.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-max-age: 600
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRvSP8oRSW1d%2F40Wbk3k4gkdvmSWnpJRjLCnM%2BEC%2BqCALiSH25PpCFhd4sgN8%2B3f4NQ1hccdbJHbmgG4U94zT0TTe34mAQIzuLhM8maQNtxymzBI7NzmkqQ5xrusjgxog0WUVX5SQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879404235dfb7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css | 188.114.97.1 | 200 OK | 8.1 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css | IP: 188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: ASCII text, with very long lines (8122), with no line terminators | Hash: MD5 123176116c749f7de8c66d3d54365989 | SHA-1 c885d077360d7029e39eac8c340a4e7cc4e3012c | SHA-256 6d86148ecc48ad67e1a750e5f367009b7f6da2c18596092662b4b4413aad57f5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /0/no/NO_fullpage-tik_28122021/css/css.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wfoo0ku0rt468eq03e38l9fo&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=Bwh7_Ef0YnNP23AMV1eDZ13nt_fq7-cnen-N6raVIrFJsoqhq9wiEvUzv1mnNX0Sce8mxyTjKzDQp3_t1K3ZS8giptozW6vrFUeTlJglXezCTl4uxUuVNrDnAqROF-35koaE1MP-_LyBseCyFyVnvRW1IsauGZQWH3ZqJ_-3TmsAW1U7h5pb0erLZDkzMoIJ0doKziANa5foZ-qJ-KeEeR5T284Zp1ktCm79EgNpSlM-gBIZAJa24MctB3yM4OGu3AWe6CKNMdY5NCBzcSZ1FhBcmSGfu-xH66l5-lIUje9P7N8etNANCbfmf0k_UgSoolOpQyaFDOt-YMhkrk27y2t33tCSXjiRtUs2hbqDZKsXxw-9nHLThorFNjqmfO8pYOaWJYqCOiuexrRD0ntJx1nPler7qOM_JXi62bo9doNM7Fx-KuPz5uOk0QPls7xD0urUS35o0bR3L0TryByjgQQPNPkufrBa9QwUbXA-FGgNYI_7SD7_fXuLJnUAa1ulAttI65luw0oETBmB4ql1docXXTonUXx_JCh0ua4XuFw&lptoken=1765138794fb17df261b&s1=100783&s2=&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=wfoo0ku0rt468eq03e38l9fo
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:25:27 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9762
etag: W/"2622-5d4373ae366b9"
last-modified: Tue, 28 Dec 2021 16:22:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vM55vIU9E4YsscZb%2B4aroky34k3wd7e%2FFWn8%2Bifj9r%2FbI3N8ykfuzQe9BL4I1B4PcBH6FnuH6VTeKIb3hKuSrHIk4b78aB1%2Fb6JudU9gbGnsgomirEawozo69%2BOTz2Wu6%2BE6y3a1IA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879404221cdd7128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|