| track.forcerevenue.com/click?pid=21306&offer_id=8585&sub1=we4m9sp07cind2m0jc6t5h7g&sub2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&sub3=&sub4=&sub5=10154 | 34.91.234.242 | 302 Found | 0 B |
URL (User Request, GET, HTTP/2): track.forcerevenue.com/click?pid=21306&offer_id=8585&sub1=we4m9sp07cind2m0jc6t5h7g&sub2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&sub3=&sub4=&sub5=10154
IP: 34.91.234.242:443
ASN: #396982 GOOGLE-CLOUD-PLATFORM
Certificate: Issuer: Sectigo Limited; Subject: track.forcerevenue.com; Fingerprint: 0C:B6:BA:3A:A3:2F:03:09:B8:52:4E:38:D2:6D:05:8A:FC:4C:7E:55; Validity: Fri, 22 Dec 2023 00:00:00 GMT - Sat, 21 Dec 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=21306&offer_id=8585&sub1=we4m9sp07cind2m0jc6t5h7g&sub2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&sub3=&sub4=&sub5=10154 HTTP/1.1
Host: track.forcerevenue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 10:38:49 GMT
content-length: 0
location: https://track.smart-tds.com/091b4fc4-a5ea-40c5-8784-0b8c533285a1?t1=21306&t2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&tag=6620f83960a7570001e8c65d
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6620f83960a7570001e8c65d; expires=Fri, 18 Apr 2025 10:38:49 GMT; secure; SameSite=None
afoffers={"8585":1713436729}; expires=Fri, 18 Apr 2025 10:38:49 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| track.smart-tds.com/091b4fc4-a5ea-40c5-8784-0b8c533285a1?t1=21306&t2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&tag=6620f83960a7570001e8c65d | 35.156.152.207 | 302 Found | 0 B |
URL (User Request, GET, HTTP/2): track.smart-tds.com/091b4fc4-a5ea-40c5-8784-0b8c533285a1?t1=21306&t2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&tag=6620f83960a7570001e8c65d
IP: 35.156.152.207:443
Certificate: Issuer: Let's Encrypt; Subject: track.smart-tds.com; Fingerprint: 6D:A4:16:9B:9C:BD:51:73:F2:75:7D:1F:BF:80:89:F2:B9:F9:DF:57; Validity: Fri, 15 Mar 2024 06:47:09 GMT - Thu, 13 Jun 2024 06:47:08 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /091b4fc4-a5ea-40c5-8784-0b8c533285a1?t1=21306&t2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&tag=6620f83960a7570001e8c65d HTTP/1.1
Host: track.smart-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 10:38:49 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
pragma: no-cache
set-cookie: 091b4fc4-a5ea-40c5-8784-0b8c533285a1-v4=m_XdeKKm5Wq6lOkPNNT-P4sIpfrLyAlueHrIcO5NDd4; Max-Age=86400; Expires=Fri, 19-Apr-2024 10:38:49 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=qg5yy%2BE%2Bt4TQqwlSbyT5hoES%2Fra2t5TfKPqVFgIA23YTu0XGRtquCBA0oFJZxj9VLRZxVrKhrpVHPSW0%2FqvJRBvFA8jUFDu6eA8289ChmO9RsmxTda5bj3yHj1lZvPjsgsap73zC03mUryqB7%2FIefQ%3D%3D; Max-Age=31536000; Expires=Fri, 18-Apr-2025 10:38:49 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce | 3.120.62.154 | 302 Found | 0 B |
URL (User Request, GET, HTTP/2): nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
IP: 3.120.62.154:443
Certificate: Issuer: Let's Encrypt; Subject: nicking-unding.com; Fingerprint: A5:CF:AA:AB:0F:1F:99:7E:6E:A6:E3:89:2E:FE:D4:A5:59:43:15:30; Validity: Fri, 08 Mar 2024 07:04:05 GMT - Thu, 06 Jun 2024 07:04:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce HTTP/1.1
Host: nicking-unding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Thu, 18 Apr 2024 10:38:49 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
pragma: no-cache
set-cookie: c4b5ad04-8822-42c1-9db5-e9a49f15358b-v4=B5-BXbz6Pm9C6YQfTdqTlaN2MAAojzGcQQ1L-KeC3vI; Max-Age=86400; Expires=Fri, 19-Apr-2024 10:38:49 GMT; Domain=nicking-unding.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=A-s86-UOeI7IAQF4QJAY7VBWk0StbrEoOPt2ax7ilXUO49rxU4el8dGonGQlC-CgmKsjOWB-lZZ221N__RGGMT0NBoUOUoLz4GV0aaBplBYi75gYPF-M--wgNZaYPpfEZT6LHEKDfRF6_WFp6WjBhAgbqEpIpEU3pFWS48PPlVC2HDi_41GQLlDEuNUGh3ap-lbt1kTDoqsXp3ALWBI1KDrdgMgVrfa9z33hKXW4tnRyR5tl-jGNzsPeXQ8seUDVEgvfNzRh7bEzrV_vxAzo_ECp8VreJizTI-7BnQ_FqYP2A1R37X6tIIenKv8drk2StQVHjmVxfcDVI8PzCABmMO9qn8X8XcEL8JQwG22vWA_ZQKqKaG2kn8iK_ly7KqMTosb668TrC60jEI8kQzY-1-YJVpYpSE0Qn9a_PRR7cIvBnCIXHsPVv3jmqgIxfR7lsUM7py7TJV0suMGKGGo3kQ8pPv-nXdEKogv4wHnSXTFeouYPS5KeZq6CcJEHwHsTSOUSaFix3DLu0muUGYtwqombqu0mPnz-monSRT_B5LFSs5hkJ65k9D0cbThy9XEU_kk24A7PefhMlJI0SYJMzs3UN8Dfpb7BrswWc8xq4pg; Max-Age=86400; Expires=Fri, 19-Apr-2024 10:38:49 GMT; Domain=nicking-unding.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/Tlogo.png | 188.114.96.1 | 200 OK | 21 kB |
URL (GET, HTTP/3): casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/Tlogo.png
IP: 188.114.96.1:443
Requested by: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Certificate: Issuer: Google Trust Services LLC; Subject: casual-flirt-hub.com; Fingerprint: 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3; Validity: Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 334 x 172, 8-bit/color RGBA, non-interlaced
Hash: cf052695dcfea41b32891c6fe0db704a 04666c7589d5f76d4d83b25180be153c74fa12c4 b0323f64bf0cf04da9f58a4b09142954f6d7843dfb037826aca05125c1590e45
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/Tlogo.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 20691
last-modified: Tue, 28 Dec 2021 16:22:49 GMT
etag: "50d3-5d4373b7c4c11"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SN6A4VjLqr%2Fiii%2FRDMdzlxsqdtxIO9EgNRrUCZul9vms6D5E5x8H%2BzrDpYxTYa6zjT%2FQLae32C3FoBhkEuKt7W5xsY%2FEsn3m7z8uQepjtSIroK9o46t27nq0njEahlv%2BngeMjXzEJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070cdcac1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/04.gif | 188.114.96.1 | 200 OK | 388 kB |
URL (GET, HTTP/3): casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/04.gif
IP: 188.114.96.1:443
Requested by: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Certificate: Issuer: Google Trust Services LLC; Subject: casual-flirt-hub.com; Fingerprint: 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3; Validity: Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: GIF image data, version 89a, 312 x 312
Size: 388 kB (388375 bytes)
Hash: f8db03d9bf7a637a23362df0914aabfc 5828fb6a2ca814a2aa7db0f0c6f8ff61561a5ac3 8618a596b8ff121219334e7680e60691712f054bec2c7d3ed28c1381e28c01b1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/04.gif HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/gif
content-length: 388375
last-modified: Tue, 28 Dec 2021 16:22:59 GMT
etag: "5ed17-5d4373c0d22df"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2h%2BYFZS3pbel6hjpVeTiq8UtOGfKegepDoBkzp4G52S%2B1l5%2BEEO1r%2BJDvkzmuluGV7d7BwR%2Fzcjuvk6B6DS8770aZtdV4uyEN2CI36Yp2MVWq7xTCOqYwFFmz6q1gqkNs1zV%2BgC4SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070cdcae1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_1.png | 188.114.96.1 | 200 OK | 48 kB |
URL (GET, HTTP/3): casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_1.png
IP: 188.114.96.1:443
Requested by: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Certificate: Issuer: Google Trust Services LLC; Subject: casual-flirt-hub.com; Fingerprint: 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3; Validity: Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: c37b1d71b49a4c8f8bf645d045f16985 548f445b73a87ed311986b78ad30ae585eb94d32 0940f506ad7a63a87d4094ed8982c9ced20a40f80968a8d60c413d9b5ecab79e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 47972
last-modified: Tue, 28 Dec 2021 16:22:50 GMT
etag: "bb64-5d4373b8b8e63"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9AFWGYnYUrhj9PC32wFoYoBLTZDFTl6MBdz7VU%2FoECeILgmAgRO2peS4yWgPo07rSnIf%2BndnNe4q0veOIEe9WCmcrNMiErGk5AcVrIQ%2BTOtfErtvr%2FK%2FQEEbWLTOYDHxRuU2p3oFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070cdcb11c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_2.png | 188.114.96.1 | 200 OK | 56 kB |
URL (GET, HTTP/3): casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_2.png
IP: 188.114.96.1:443
Requested by: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Certificate: Issuer: Google Trust Services LLC; Subject: casual-flirt-hub.com; Fingerprint: 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3; Validity: Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: 0d8f82b8f9aa4d840b186f45c58be648 b756e6fa8803f25ac91ed0091be37bfcabd70a78 7c62140581382ceef8fdc3fef780f94d132d2758a22393aec252d65373d74d86
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 55991
last-modified: Tue, 28 Dec 2021 16:22:52 GMT
etag: "dab7-5d4373ba99607"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4G4NC1UBa1MCTYMzDfWxmc2L%2B9ZMC2PunqUH%2BEb7zkRkWCxKa1bj%2FHYYy8%2FLMrhXoa4ELU9st05j1Y2dNxqQyT1MBaAoe8eFvE5L6NWbtGib%2F1p5j3517DMq%2FDtTVf1yqGu9JU0GSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070cdcb41c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_3.png | 188.114.96.1 | 200 OK | 40 kB |
URL (GET, HTTP/3): casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_3.png
IP: 188.114.96.1:443
Requested by: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Certificate: Issuer: Google Trust Services LLC; Subject: casual-flirt-hub.com; Fingerprint: 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3; Validity: Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: b4c70525d55d14c65478b0f8b9c9954e 31e2063dc95f3d6a9995b76d382880f567246803 6f3f1d4003323a7f9135232b8cdca5f2cfde0e6b9b2988255c41a97c7b6fd163
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 40337
last-modified: Tue, 28 Dec 2021 16:22:51 GMT
etag: "9d91-5d4373b9830d2"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iCaYcUIJGNt1AGL5JEmoX5Fd2c7buJGgDI3Kp7Ivd6RsCPgUcGxO3RhDnybk3O4dubdZJv%2FgtP%2B1sdJ%2FQ69h3E7asTyDnnXe4H2lAmc6qemUce1bhzWIiM8tLrYziD2YmzN%2F4dYu5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d1cf01c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_4.png | 188.114.96.1 | 200 OK | 60 kB |
URL (GET, HTTP/3): casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_4.png
IP: 188.114.96.1:443
Requested by: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Certificate: Issuer: Google Trust Services LLC; Subject: casual-flirt-hub.com; Fingerprint: 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3; Validity: Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: 746ac82d1374f51b4ceae516f69ab6ad e3a378690b02af5732f3569ea71e00e666c46f1b a44f12838759e2055800c0642603be1085c5120d6f5df276c2e0e87210e0b8ab
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 59759
last-modified: Tue, 28 Dec 2021 16:22:56 GMT
etag: "e96f-5d4373bddf486"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CsWU2Tu%2BEmFh07QIrOF%2BsfwFMgzEYpbSimoP4IDrFP1FWlZ2xS%2B9BvUQ3kfT%2BOflqvYv0G5EjAELPSypQr2%2BSQcmeRDd4yHNf6SGVi6ixgh5CRV3lkMGIzRHOQbDasek%2F3FXpABTvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d1cf41c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_5.png | 188.114.96.1 | 200 OK | 54 kB |
URL (GET, HTTP/3): casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_5.png
IP: 188.114.96.1:443
Requested by: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Certificate: Issuer: Google Trust Services LLC; Subject: casual-flirt-hub.com; Fingerprint: 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3; Validity: Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: 621fa434f53e05bdff2819eaf6e5c9ed 1aa94b820cd55a353a569e8cb4b5302c784a6ae7 10309b3258647bc6866587d6bca464cc6619b5c54187c27116ff6f74b9edcf61
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 54413
last-modified: Tue, 28 Dec 2021 16:22:43 GMT
etag: "d48d-5d4373b18fdba"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mGhpfFv3A1PuTQKU69zUg1KwFkBvuJtkDZK7%2BNTqR%2BPbWIfBAdsO5vOxlhzTKffv9TaZyCvhnUI11mocKv5VmYohKsRQvJ3xlSjVCt1s8Ef4LNtZmY7Fdc%2BwPLQuWp0K0qyXVEBcxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d2d031c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_5.png | 188.114.96.1 | 200 OK | 51 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_5.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash: 9407b587b816571fef24ea488fb29138 f7cc0874ccb7c8199fc2a078b507cb7497369c91 db27f7041801043061be15117bf82104786d53d8c3fcdd3165270efb87110f01
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 50867
last-modified: Tue, 28 Dec 2021 16:22:54 GMT
etag: "c6b3-5d4373bc338a6"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j5XLERsSCpLMKMOKmjMGUtSbT46sFuaAnXy3tsMWea2ANkhvlOBPjhkGUrfVJ8YDFK%2BERxviy3rH33NogVG3lP2JXP179EmcYCwq85aq5Cp40%2B0v%2B%2BBudJO3Hs8Q7G6IOk4Qc2rwKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d1cf61c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_1.png | 188.114.96.1 | 200 OK | 58 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_1.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash: 63f74d7c97a74239d43d4418803b345a 2855449c3a816dfa892b75ce3b6a1415da740fec a988dba1586aa8826577d9320678d3855d0d9d2e981d1073dd56b91a3859e3fb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 57903
last-modified: Tue, 28 Dec 2021 16:22:46 GMT
etag: "e22f-5d4373b4201eb"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dm%2FIyTg5iPxPxXaOR1uajZ9UwTsJO4wXcCXBCNQ8AM0scjf1%2B9fUmqE1ueW1k0YJimNkJXCLdrHbu8qhMnZ%2BMNorMFCk4ouW%2B15dw2RmnePu2qG8RoMTEiY7Rq0DwMv66G2uiDes2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d2cf71c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_2.png | 188.114.96.1 | 200 OK | 50 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_2.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash: 431679c0fdd060aeef69f2b8beec4169 0c7f0ef489e5e752c814420165bbd3941cb3fd70 ecee803291f0a56f17cbefc5c561f32d277226d4a25f331371109bdc0e1e27df
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 49466
last-modified: Tue, 28 Dec 2021 16:22:45 GMT
etag: "c13a-5d4373b36d67e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FmZl7CVvhyod5DbZFJUY8Aj4%2B6zxwkc0rH79hK3uwnxoO%2BbG3QVjovsDHi8FBs67EFoly4qMevSkYjivGvLRbldx5b8kBGkx%2Fd5P7ho1%2B%2BWG8g61z9Bd34dBLFimrQ6zs9BQRzJtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d2cfa1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_3.png | 188.114.96.1 | 200 OK | 51 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_3.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash: b44d52f1628ccbe49dea725a18667d74 80aacb07a91269756340ccfed0480ead57c6d54f 0057b6d4f57ea0dabd771f6358f10a231ae805436ee6fc6850a02135e8f13532
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 51413
last-modified: Tue, 28 Dec 2021 16:22:44 GMT
etag: "c8d5-5d4373b2d8f72"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tXZ9pRN6o%2BrjnzKAx4ggdUEQpPmKSkhkufwVQ9TZf%2FabMZ4qYmBXKgiaOAjQ43kPE6tHJh%2ByCb13cURVdIBU2ly7aiD3MTY96TWXDDjlu0BAJO1uSf5irgr%2Ff4GwBUx0Cmj7ZOwPDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d2cfd1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_4.png | 188.114.96.1 | 200 OK | 55 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_4.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash: 4dfe1a0253a15cd22e57b3eaab9116d2 8aa46e3d35632187a70e396c688293f6d7e688f4 62cc8f8b8dedacb8754b1ce93bc479ca3f6ae6246257928a4a0e1e0a281cf4a3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 55219
last-modified: Tue, 28 Dec 2021 16:22:43 GMT
etag: "d7b3-5d4373b1dd01f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJr1NqvkFP3zWMdOPCAygqkNAuplrWj5zQZwwlGFpX9XlH0xHwD6kx%2Bqpwo36voaljPek6t5MrlSm%2BeherX3uREzu8bBoVv8cCd2OMLA%2FYeU9J4eGUVWh%2BIeSTjDsa%2Bdq%2BG0GlwdRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d2d011c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_1.png | 188.114.96.1 | 200 OK | 54 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_1.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash: 37059e26c56db6eca0b25465101d4855 6540eb900095769de1a2e71516a48e54cd8173e1 cfc4151b42a93abddb3885a5d907ad7cf486149ec615e1c107759629c12cd49e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 54337
last-modified: Tue, 28 Dec 2021 16:22:48 GMT
etag: "d441-5d4373b620d31"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CoKNRetlYbWdszZjmFGDBroqAxWG3%2Bq4U3dNhAZtU5uTQteQaZVMHAL2e6fLGQJpaVfx8V4wr8NnteudTxP2fbFfBKdkbd9%2FgmZRhbqAw9ZAEGSRgnGZ%2BER4QGRJmlGbf%2BfOyBjojA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d2d051c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_2.png | 188.114.96.1 | 200 OK | 54 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_2.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash: 01769e8254253553da95a9280b5a6527 7e586cd317b68b14984106d1f17089302b97d6ec 8d20fec6e5cd6640741ebcc46609813b2e10e0fdba6757f6b2c0e56d7fea3e43
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 53970
last-modified: Tue, 28 Dec 2021 16:22:50 GMT
etag: "d2d2-5d4373b7f0b34"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZGgx9kwZOlxdOajN6QVmA8CEraDfqXAfNjU3rtG089h0Fkj1RuuMxMUSAl2y1NOWAeCtv0mS8WTqmdEurbsVKN94Pj7pNQ8AagDNLuqoQkN5QbvyY7JrpeApySS%2FhqITEga7P7ktEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d2d071c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_3.png | 188.114.96.1 | 200 OK | 53 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_3.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash: 1c3a2dc3681b3e447263e8790608e334 74e77a8638a881d11f88af4b8733cb00dbb9d8bd 6c2bba41d4aea31e90741e2fa84107439011bd56963033734159d8c7f46d895b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 53318
last-modified: Tue, 28 Dec 2021 16:22:48 GMT
etag: "d046-5d4373b6d28ff"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7fR29r5jXVQAVw33nSo5GoCIukdy6kjk%2Fjud9DvZro331nlSlthCcKbiKtdto%2F3KJVq0KqlpPZHv09MTtJL%2F%2BQ3iaz5FPCJHq%2FqSyQT6vKwdscNtU18zSCjdP%2FDFR3DEGh6moKMexQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d2d091c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_4.png | 188.114.96.1 | 200 OK | 60 kB |
URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_4.png IP 188.114.96.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce Certificate Issuer Google Trust Services LLC Subject casual-flirt-hub.com Fingerprint 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 Validity Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash 475389ca94897a28dafcc0f92631094f d94dcab07cfdec16972a14c61d534a15ca8cb556 956dd0bba9897c9997c3f22604a603594342775cdd1aac6d1aea790f43f96b33
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 59693
last-modified: Tue, 28 Dec 2021 16:22:47 GMT
etag: "e92d-5d4373b536720"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hl6lZ6%2FqOuSz8eNAE8EScuWu3RQIR1hK6wg9GtOVHPiYC4qYHN6kgqc6Neb55Ra9bTrmPBwhYltOMgRZr5MESWyWqCGT6S34Cqql1V1tF6mTGmLWyoFMBrkXB1oAyBwV1Zc%2FoOnruA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d2d0a1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_5.png | 188.114.96.1 | 200 OK | 45 kB |
URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_5.png IP 188.114.96.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce Certificate Issuer Google Trust Services LLC Subject casual-flirt-hub.com Fingerprint 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 Validity Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced Hash 8c046ad61659ad83f18fb2d5349f274e 53526b692ba5ea4f318cae71cacdf7c7efb4712a ac10817ac054c59733bd84b6c232b47e463b8557c479f534f3fbc609fdfd6314
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 45353
last-modified: Tue, 28 Dec 2021 16:22:47 GMT
etag: "b129-5d4373b57ace5"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxbDammb4URPmjvcP%2BE%2BVzWo5jjCEm%2FL2Nv3C6R5aLpWBx1CuwBh2nVlJynm0iSm4wSSH4I4f1GYpWe4b9BZv671Yv%2BtFDMtiARmZSFIFEPbPRsNdxsfm9B2gQoziIPkXFOGrUof6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070d2d0b1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg1.jpg | 188.114.96.1 | 200 OK | 64 kB |
URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg1.jpg IP 188.114.96.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce Certificate Issuer Google Trust Services LLC Subject casual-flirt-hub.com Fingerprint 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 Validity Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3 Hash a6c153fab3849ec0e3ba73f645433aec f3747bf682252fef7befdf2870f19e16c6d4f77f 33215a1515c319a23598b30fea546e10dcb8cca455b42e20d8aa5e2eebd73bde
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/bg1.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/jpeg
content-length: 64359
last-modified: Tue, 28 Dec 2021 16:22:54 GMT
etag: "fb67-5d4373bbc147e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ArzPU%2FPPc7UzQ%2Bh0mFHTIJKFB%2BF5MYDgIv3NAXQ1YyqjVflXS%2BEgoDN6zXPJ3SV%2FEwoapWGET00yTzvWep%2B%2FEJpEMkeOO1foX6vS6WrgqL%2BPaZbG3Gs4%2BwwDG6Aw%2FJBMPMXfDHoCWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070dfdcd1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg2.jpg | 188.114.96.1 | 200 OK | 51 kB |
URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg2.jpg IP 188.114.96.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce Certificate Issuer Google Trust Services LLC Subject casual-flirt-hub.com Fingerprint 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 Validity Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3 Hash 37832c21ce4b202719cd33b6db45028b a363710e7567d46202dd73b0761c46993bf68dca 431f71eb5f7842de8711739f0833a4c30e46ba8831dc8b209634ad48544b595d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/bg2.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/jpeg
content-length: 50733
last-modified: Tue, 28 Dec 2021 16:22:55 GMT
etag: "c62d-5d4373bd47e9b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YzaY%2B5Hwa63n6BSQWGaqhFQ9MAKDHYJgx9tuSFMud9U%2Fr2n37CIiTIIdx96OZmau3Oc03%2FbWWvZngFTcWISza2WcFubx8ogXHqhbZ9caQ5KJRhYayX7ErQRPuljUCUPxVbghJqov0w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070dfdcf1c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg3.jpg | 188.114.96.1 | 200 OK | 56 kB |
URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg3.jpg IP 188.114.96.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce Certificate Issuer Google Trust Services LLC Subject casual-flirt-hub.com Fingerprint 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 Validity Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3 Hash 4e2d83c4bf79c1e4c84aefc33a382f31 ffab591ef8385e851d2c17feeba2b2a22eeb6d12 e05a0702af3ef4e8d37e6c491e1478e0416cbdfc404fa5da52d135b4b8e04234
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/bg3.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/jpeg
content-length: 56408
last-modified: Tue, 28 Dec 2021 16:22:55 GMT
etag: "dc58-5d4373bcc6071"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CwTt166yez9bQrfWGPc%2BEwbrJuB90oBcmLEi1C6Bcgee9MdtTX3YjfklWz9UtHriWl%2FzJSQMGWN4jQZHZVKfmkj8iTdLbXSwkDtB%2FZLdKSYpei34FPYMGCgeXdbYQ8dzD5s8oRdqBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070dfdd21c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/blob.png | 188.114.96.1 | 200 OK | 23 kB |
URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/blob.png IP 188.114.96.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce Certificate Issuer Google Trust Services LLC Subject casual-flirt-hub.com Fingerprint 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 Validity Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type PNG image data, 583 x 428, 8-bit/color RGBA, non-interlaced Hash 5571d30924ae123918e9a192bdab268d 8456f8812e7f2a74b82c849a954c682e92dd8631 31cf63bfb1030bb5d36c6a84a8c5df57081e23481bde6f9fcb1ad78ccfea045b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/blob.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/png
content-length: 23169
last-modified: Tue, 28 Dec 2021 16:22:52 GMT
etag: "5a81-5d4373b9f455b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bRWnPoh4tzOFV1Kc36eBhybTeC0FR3FGdW%2BkP4PeRJurtaMxGR%2FHswKxeIrLExb2rhNMPaCkHfOKPigf8o3h2gwU24eIPHyOrrnKTOAv%2F%2F1xpwFlOXmi%2BYUuhD50mAdT%2Bl%2FqGs53cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070e4e111c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-W62P37M | 142.250.74.40 | 200 OK | 82 kB |
URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W62P37M IP 142.250.74.40:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce Certificate Issuer Google Trust Services LLC Subject *.google-analytics.com Fingerprint BF:40:8C:8B:CB:69:1E:3F:E2:3B:B7:8A:8E:C0:D6:98:5F:81:FA:2D Validity Mon, 04 Mar 2024 06:35:45 GMT - Mon, 27 May 2024 06:35:44 GMT
File type JavaScript source, ASCII text, with very long lines (39202) Hash 6ed06da68d02bfdb8e7e0db3b7815556 c4e685dc23591d4f6b5144e3b81815664dbb7930 6858899ca0bdd44759c7d0b68e9e6f6fdedc9149115266a69720ab310dbed937
GET /gtm.js?id=GTM-W62P37M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 18 Apr 2024 10:38:50 GMT
expires: Thu, 18 Apr 2024 10:38:50 GMT
cache-control: private, max-age=900
last-modified: Thu, 18 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 82536
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.onesignal.com/sdks/OneSignalSDK.js | 104.17.111.223 | 200 OK | 12 kB |
URL GET HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js IP 104.17.111.223:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce Certificate Issuer Google Trust Services LLC Subject onesignal.com Fingerprint 28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70 Validity Mon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT
File type JavaScript source, ASCII text, with very long lines (9163) Hash a87c48d211877c49b878679b2e3cdab8 e75653dd0156806682e39abe8b1323ed40d840ca 4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: application/javascript
etag: W/"a87c48d211877c49b878679b2e3cdab8"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1884
expires: Sun, 21 Apr 2024 10:38:50 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
set-cookie: __cf_bm=bzNPWFoSYDftuV.bUBNSeGCnSVb3Ja8AH2AP7dRonAM-1713436730-1.0.1.1-pw7LdBVfoliYeG3g1.qr3uG3MAaZSXfuH6cQOXtRNH2wn8jL0.9khDrcC3rxbeTxT8kf2kWuQ15c3w.gtn_HJg; path=/; expires=Thu, 18-Apr-24 11:08:50 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
_cfuvid=MY4i7xy9znr8MtwSANRTV3PW50TKYRRm0WrYqv2heXo-1713436730934-0.0.1.1-604800000; path=/; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 876407104d4256bf-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/favicon.ico | 188.114.96.1 | 200 OK | 8.4 kB |
URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/favicon.ico IP 188.114.96.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce Certificate Issuer Google Trust Services LLC Subject casual-flirt-hub.com Fingerprint 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 Validity Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash 38722a803b73dd1871a3d8a19db44d2f 3379960a2c6611bfefcb39e662198d6df322e12d 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/favicon.ico HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: image/x-icon
last-modified: Tue, 28 Dec 2021 16:22:44 GMT
etag: W/"47e-5d4373b23ac27"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NdcJr5dr6rMIiOkG6cEbcXrvt7PqCzFqDAsupzt1Rl135isflIriKFHgqFdRlViwgC0O6htl4v%2FiIwwg5nzecu4te%2B2ABxloHFRIZ6pPEvu1jnQrx%2Bst6FAbHbBhJXaRuHhdVE2VxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8764070f6f381c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/cdn-cgi/zaraz/s.js?z=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 | 188.114.96.1 | 200 OK | 4.9 kB |
URL GET HTTP/3casual-flirt-hub.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQkVTVCUyMERBVElORyUyMFdPUkxEV0lERSVGMCU5RiU5MiU5OCUyMiUyQyUyMnglMjIlM0EwLjQwMDY5MzQ0MzYzMDAxMzclMkMlMjJ3JTIyJTNBMTI4MCUyQyUyMmglMjIlM0ExMDI0JTJDJTIyaiUyMiUzQTEwMjQlMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRmNhc3VhbC1mbGlydC1odWIuY29tJTJGMCUyRm5vJTJGTk9fZnVsbHBhZ2UtdGlrXzI4MTIyMDIxJTJGJTNGbGFuZGVyJTNEYjEwMTY4MTktMTJmMS00NTgxLTkzMjUtYmMyYjY0NTRjNDY1JTI2Y2xpY2tpZCUzRHczc2oyMTY4aHExMWYybTBqNW9lcHVjZSUyNm9mZmVyJTNENzJkNjA0ZTEtMGJhMC00MDJlLWFiMDItODNkMjc5NWE2MjZhJTI2c3ViYWZmJTNEMzAzOCUyNmdlbyUzRE5PJTI2czklM0QlMjZzOCUzRCUyNmQxJTNEbmlja2luZy11bmRpbmcuY29tJTI2Y2VwJTNEYmZzMTVlY21iVkx4ZmpJTW1acFBVRGtTR3NsTHdqMGdDLXJOR0piQzBsSDdwVncwMjJyZnVEbjQ1RnJja3FpZE1sWEZyRkZzc2J2M1N2WHhjUktBYWswUUpObEJuOVJDd3ZSa1g0OEhaVkZyN3hwcEQyYUltd3lNeUtKQzZQRXZHY0diWU9xNU8yelV1OUxOUHN2TGxIRDRBYTMwaFczalBMdjdlbW1HUUF2WGw2aGRKRkhjMlJ4dXNDN0l6SGFGQU9ZLWFEVmtLZzRhOWNBLW43UjZ3OGVacVF1R3EwbFFRalpXT2IxQjBJOVlmaXl0WXg2cGJpT1JHSEc2VXU5RFBFU2dXX184Y3RZWHV2dE53T0x4S195OVVRVjJPaUx4R0duYmoxQ0taUmJHNnM1WlBxY2paX3JsT1p5SWl6U1RSSnVVX1Atd3lpUXJwOVlZQjVELV9ZLUxNcTB0YlhuRk5jVDZIVl9FemJHRURGZUd0Mlc3TlJFNEFMMlF0bkEtb2c4ekF0Q3J1TlAyV2FhSzNBaVU1RWRFWDJTZmRXV1RjbEhlZmpkbENUU2t3Vk5EaU01ZkVNeEVDX0drM0NvRW5PUnFRNTV1dlVkLW14NDBpNDcwdWRIcjViV0pDQ2ROYjctaG13bmV1M3p6eVNyLWZKVmNZYm41NTBiX09RbU1wUGl3VHdqdjZqNi1IQ3M1SFlkbFBmdzBYMnRjZUU1SVpXdDVoMmRZc0x0LWw2a1FRNW9QVk1DWFlMbFExU0VjN0V4WlUyS0IyS09sMUFYU2xzUFNCdHVvNWtRcXMzczRwbE13OHItZUV1SSUyNmxwdG9rZW4lM0QxNzFkMTM5YzQzNWY4NThjMjk0ZCUyNnMxJTNEMjEzMDYlMjZzMiUzRDQyZWEwY2I0LTFmZjYtNDIyZS05OTQzLTlhODcyMzhmZDZhMiUyNnMzJTNEJTI2czQlM0QlMjZzNSUzRCUyNnM2JTNEJTI2czclM0QlMjZrcyUzRDMwMzglMjZjb3N0JTNEJTI2dGFnJTNEdzNzajIxNjhocTExZjJtMGo1b2VwdWNlJTIyJTJDJTIyciUyMiUzQSUyMiUyMiUyQyUyMmslMjIlM0EyNCUyQyUyMm4lMjIlM0ElMjJVVEYtOCUyMiUyQyUyMm8lMjIlM0EwJTJDJTIycSUyMiUzQSU1QiU1RCU3RA== IP188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: JavaScript source, ASCII text, with very long lines (5029), with no line terminators
Hash: 307d0c7668cfeabd5959ad01d0961ff0 7c3b0c7d33ecf016f12e669ea45f6ac4b40da14b 2d94e9c0d32dfc37a2c54a02d575d8f1c2861b09d734589257d19efcfa8c1eb0
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /cdn-cgi/zaraz/s.js?z=… HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casual-flirt-hub.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://casual-flirt-hub.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-max-age: 600
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ux9sDjEjCeq6SGaFR%2BQ%2Bjk%2B6OOUgNmeo0u96uqOiAIgG9IpZ2gfZ4nvGNujaVwguil9zLmzZ5%2BMpl0nadZd39BYtGz5kj2a36FevIiM38aIuumj1a6hZ8Hs0nbgOyQxl5NpsiYObzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764070e9e661c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 | 188.114.96.1 | 404 Not Found | 371 B |
URL: GET HTTP/3 casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: HTML document, ASCII text, with very long lines (386), with no line terminators
Hash: ee38251b54e4a0a06ddf5b91e8338c17 7ac6a8c5c99acc67beb6ba6a44b8f004736b7c6f f177fb69c123c5d7ab569cf61efe23fcdf9c4149018640699fd87821ea751b74
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NxmEWxuTAtNrEG6As6fxXbm6nbRgaVw%2BU80hsj2tQJpl4%2Fgso9%2BzGcHg8%2FrIDpjTVBX3h016Ih1ME6e2voR9PjzlPOqP7seAKbYK78ZrGSyKSBxLSrJHX0MqLuivMvEfc6Yiwaz59A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764070e4e141c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 | 188.114.96.1 | 404 Not Found | 371 B |
URL: GET HTTP/3 casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: HTML document, ASCII text, with very long lines (386), with no line terminators
Hash: ee38251b54e4a0a06ddf5b91e8338c17 7ac6a8c5c99acc67beb6ba6a44b8f004736b7c6f f177fb69c123c5d7ab569cf61efe23fcdf9c4149018640699fd87821ea751b74
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4jHG3sVvPY%2BfTse%2BI8e635ZbupsEI20Oq1sI8r%2FhLQu0XRBV0f98JewfP6pxITtrwxuMVCPZnw%2BQf4p30Ru3YHzzk5HjQqXXsMo86BAnN7Yr945EBl%2BDlylmBNWW9KZLofl%2Bk8zwhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764070e4e151c16-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce | 188.114.96.1 | 200 OK | 21 kB |
URL User Request GET HTTP/2casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce IP188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC; Subject: casual-flirt-hub.com; Fingerprint: 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3; Validity: Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: text/html
cf-ray: 8764070b3c64568a-OSL
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Dec 2021 16:22:36 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fmgxC4xbMxiHSZr49EZtZNvHVaaiFB0S536a2y8cq2VpVGSDUN%2Fmq%2B6Ebl%2BJqKFP00AflNYg8PifNeptmEcxTGatRYWu%2BYCV7E0XsORNRf7eu%2B%2B79Am4I8YTRwLp5kexvCPCDQr%2Bog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css | 188.114.96.1 | 200 OK | 9.2 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: ASCII text, with very long lines (9233), with no line terminators
Hash: 26a4c2ca32b70017b7203fde81bed3a9 3c1d00c858ab49a30013c747b9faafbcdf84a063 cd3123418fc2ff36cbfa763593f84385bc0592d22a8eb9a9f5356519f00ef717
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /0/no/NO_fullpage-tik_28122021/css/style.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=14510
etag: W/"38ae-5d4373ae27c58"
last-modified: Tue, 28 Dec 2021 16:22:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F0H%2FBEMeXQIP5fKa0YoIn%2FD5er6ywioRnFvOEALd%2Bz4rMYgJsi34v14dhqQncd1cC3OLnR3Brfgd37mjdqjeM5h5wy5YQT%2FIqNg%2BPJ3UYKca2DGT%2FyQE%2Bt4wyB8JojBAlEdMju4%2Ftw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764070cdc9f1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css | 188.114.96.1 | 200 OK | 8.1 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: ASCII text, with very long lines (8122), with no line terminators
Hash: 123176116c749f7de8c66d3d54365989 c885d077360d7029e39eac8c340a4e7cc4e3012c 6d86148ecc48ad67e1a750e5f367009b7f6da2c18596092662b4b4413aad57f5
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /0/no/NO_fullpage-tik_28122021/css/css.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9762
etag: W/"2622-5d4373ae366b9"
last-modified: Tue, 28 Dec 2021 16:22:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sBf0L2Gw67OMUJ%2B0NbYgNpvuU7yaS2sEgn4VdtF5IrOxFl0qA9%2BHyOg0yPvGlnNQs0Mg8JTYrwg%2BgFI8uVDK9dqf9W1YiJasFxj%2BsxgER%2BXkQSbHITy3KZbIGOSmrofenk5lp2l7%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764070cdca51c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js | 188.114.96.1 | 200 OK | 90 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Dec 2021 16:23:02 GMT
etag: W/"15d84-5d4373c3684d1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=14xeDFX33Wv5o7E1rlirQbeywiN3i%2F2ucajFD6ojH8L3Uw0GG3wvQqlJYt4wNhdUfSAMJZB7LcNxmqLw9zumjGG10GTFaQzgyIci94kKJifejCY8zgLOtj%2BF7uzK8QQ%2Fq2hh9MIkQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764070cdcaa1c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 | 188.114.96.1 | 404 Not Found | 371 B |
URL: GET HTTP/3 casual-flirt-hub.com/0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w3sj2168hq11f2m0j5oepuce&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3038&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bfs15ecmbVLxfjIMmZpPUDkSGslLwj0gC-rNGJbC0lH7pVw022rfuDn45FrckqidMlXFrFFssbv3SvXxcRKAak0QJNlBn9RCwvRkX48HZVFr7xppD2aImwyMyKJC6PEvGcGbYOq5O2zUu9LNPsvLlHD4Aa30hW3jPLv7emmGQAvXl6hdJFHc2RxusC7IzHaFAOY-aDVkKg4a9cA-n7R6w8eZqQuGq0lQQjZWOb1B0I9YfiytYx6pbiORGHG6Uu9DPESgW__8ctYXuvtNwOLxK_y9UQV2OiLxGGnbj1CKZRbG6s5ZPqcjZ_rlOZyIizSTRJuU_P-wyiQrp9YYB5D-_Y-LMq0tbXnFNcT6HV_EzbGEDFeGt2W7NRE4AL2QtnA-og8zAtCruNP2WaaK3AiU5EdEX2SfdWWTclHefjdlCTSkwVNDiM5fEMxEC_Gk3CoEnORqQ55uvUd-mx40i470udHr5bWJCCdNb7-hmwneu3zzySr-fJVcYbn550b_OQmMpPiwTwjv6j6-HCs5HYdlPfw0X2tceE5IZWt5h2dYsLt-l6kQQ5oPVMCXYLlQ1SEc7ExZU2KB2KOl1AXSlsPSBtuo5kQqs3s4plMw8r-eEuI&lptoken=171d139c435f858c294d&s1=21306&s2=42ea0cb4-1ff6-422e-9943-9a87238fd6a2&s3=&s4=&s5=&s6=&s7=&ks=3038&cost=&tag=w3sj2168hq11f2m0j5oepuce CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: HTML document, ASCII text, with very long lines (386), with no line terminators
Hash: ee38251b54e4a0a06ddf5b91e8338c17 7ac6a8c5c99acc67beb6ba6a44b8f004736b7c6f f177fb69c123c5d7ab569cf61efe23fcdf9c4149018640699fd87821ea751b74
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 10:38:50 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dz77Xx6PDP7iZhmNVTS17fCDPCxUQhdmlJ8fYkPhsY6teHBVipYzmb%2BclJTDYwoO4PF2OKMXf1Q7a5J1Bmf%2BMM9kCZzvg%2F22qzmHgBncynu9Vp5ZHfBe98u1bj8FoGLS2B3Yht%2B%2FUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8764070dfdd41c16-OSL
alt-svc: h3=":443"; ma=86400
|
|