| ml.getlopers.com/a9426e39-0f88-4666-a964-d260412757d0?email=REPLACE&zoneid={%25cid%25}&source={%25utm_term|url|%25} | 143.204.55.11 | 302 Found | 0 B |
URL (user request): GET HTTP/2 ml.getlopers.com/a9426e39-0f88-4666-a964-d260412757d0?email=REPLACE&zoneid={%25cid%25}&source={%25utm_term|url|%25} | IP: 143.204.55.11:443
Certificate: Issuer: Amazon | Subject: ml.getlopers.com | Fingerprint: 55:89:DD:BE:52:B3:AA:9E:DF:02:7A:92:A1:AA:A7:9E:3F:6C:6C:B9 | Validity: Thu, 18 Apr 2024 00:00:00 GMT - Sat, 17 May 2025 23:59:59 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B redirect body; they identify no content and should not be used as indicators)
GET /a9426e39-0f88-4666-a964-d260412757d0?email=REPLACE&zoneid={%25cid%25}&source={%25utm_term|url|%25} HTTP/1.1
Host: ml.getlopers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
content-length: 0
location: https://track.smart-tds.com/89335c26-1520-4e03-a754-0984e3f1cb1b?t1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&t2=a9426e39-0f88-4666-a964-d260412757d0&tag=wjc7pfjcnvqancq0j47m277m
date: Wed, 24 Apr 2024 04:57:53 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: a9426e39-0f88-4666-a964-d260412757d0-v4=rsNyvz1JgZTTe_J-1Tmio--r6bQvmHl0vGLvrXh_mdM; Max-Age=86400; Expires=Thu, 25-Apr-2024 04:57:53 GMT; Domain=ml.getlopers.com; Path=/; Secure; HttpOnly;SameSite=None
voluum-cid-v4=%7B%22cid%22%3A%22wjc7pfjcnvqancq0j47m277m%22%2C%22caid%22%3A%22a9426e39-0f88-4666-a964-d260412757d0%22%7D; Max-Age=31536000; Expires=Thu, 24-Apr-2025 04:57:53 GMT; Domain=ml.getlopers.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4jME87iMhkNSSaMFFFUAjc2yzw2uB3Qr-u_c4xrvyrocR5pHnX2Z5Q==
X-Firefox-Spdy: h2
|
|
| track.smart-tds.com/89335c26-1520-4e03-a754-0984e3f1cb1b?t1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&t2=a9426e39-0f88-4666-a964-d260412757d0&tag=wjc7pfjcnvqancq0j47m277m | 35.156.152.207 | 302 Found | 0 B |
URL (user request): GET HTTP/2 track.smart-tds.com/89335c26-1520-4e03-a754-0984e3f1cb1b?t1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&t2=a9426e39-0f88-4666-a964-d260412757d0&tag=wjc7pfjcnvqancq0j47m277m | IP: 35.156.152.207:443
Certificate: Issuer: Let's Encrypt | Subject: track.smart-tds.com | Fingerprint: 6D:A4:16:9B:9C:BD:51:73:F2:75:7D:1F:BF:80:89:F2:B9:F9:DF:57 | Validity: Fri, 15 Mar 2024 06:47:09 GMT - Thu, 13 Jun 2024 06:47:08 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B redirect body; they identify no content and should not be used as indicators)
GET /89335c26-1520-4e03-a754-0984e3f1cb1b?t1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&t2=a9426e39-0f88-4666-a964-d260412757d0&tag=wjc7pfjcnvqancq0j47m277m HTTP/1.1
Host: track.smart-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 04:57:53 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
pragma: no-cache
set-cookie: 89335c26-1520-4e03-a754-0984e3f1cb1b-v4=xiSkbNUsex51V9Ef3tSvAo3oIkZZUN1W-gGJw3P6TBA; Max-Age=86400; Expires=Thu, 25-Apr-2024 04:57:53 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=NM74oWtY%2Bj%2FObBG83xq9otA0iSuQHyaHcOZtHbSF3ZBFvfAQalrjr1vocJgSK6A8kThDeHufxCbLyuCvNwXaHQhDSHLmke7oq072CLtbWfvOS4uC%2B8FFhekucolabwrsHiwxZOeu3gsjGmpwhhhevw%3D%3D; Max-Age=31536000; Expires=Thu, 24-Apr-2025 04:57:53 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 | 3.120.62.154 | 302 Found | 0 B |
URL (user request): GET HTTP/2 nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 | IP: 3.120.62.154:443
Certificate: Issuer: Let's Encrypt | Subject: nicking-unding.com | Fingerprint: A5:CF:AA:AB:0F:1F:99:7E:6E:A6:E3:89:2E:FE:D4:A5:59:43:15:30 | Validity: Fri, 08 Mar 2024 07:04:05 GMT - Thu, 06 Jun 2024 07:04:04 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B redirect body; they identify no content and should not be used as indicators)
GET /c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 HTTP/1.1
Host: nicking-unding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 04:57:53 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
pragma: no-cache
set-cookie: c4b5ad04-8822-42c1-9db5-e9a49f15358b-v4=t5EWADftORhaSyL-gyHMNo63mr_2jHXTUgAdCGHI-70; Max-Age=86400; Expires=Thu, 25-Apr-2024 04:57:53 GMT; Domain=nicking-unding.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=R332zKRmtX4YoR6FGKihYJATJyhT2rBr4dth0vEd4iUFpKZx10ZI7kLd5RikqPULQ3cBZ-Tc1_5x5ld-0PM-ijEavpwWQVHl0Tvh1B4kc1eIzKpwPhx5VbJ24TdzQ_RmBCx4PFpwl3DNejKvbWcsElRVUQ96tqLJrKSJDS86syg0gIj1r0YoMHRtyjiQv_93hw3GTTij1Ckc3NQrT5-qnOBcx9D11mhW-1oxJwrTFrrzSQmqE7Mvgp4LbBgIyJdm_2Zgfl2kLEm421URW035rAYt5tlQ3937Le80RelHVzKbbpxHQw-cw5p7EC8kmwVuSIzjGOOSKvohrf4UJR2VUw3EEBYyVdVwn-hSB3sX5fXVDFNhLPQIjn1MeriOvcvCme5WQuORNNUIex7rxG6zkTrEcYLVy7Q4XEaZS7cZBZ6m-VwqByZ9cwPm5X4qVHtJhG_AdTtC1knJC67YVz23sHDcNnAo-EdZoepf3YhP05grHNrgPpszvCWdW2r1-1cYUALudSvTJnx1-gXxkac0S6pope-T_6RgCtU5HltTjphkQXpYgzSFQ2-hJyNeZ2pXjJZnxV7RtEEb7OQenzN1VJwD_O0QgsSXMRMjEZvBt938kzsFS_bD-EuWwk3MBctT; Max-Age=86400; Expires=Thu, 25-Apr-2024 04:57:53 GMT; Domain=nicking-unding.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/Tlogo.png | 188.114.96.1 | 200 OK | 21 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/Tlogo.png | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 334 x 172, 8-bit/color RGBA, non-interlaced | Hash: MD5 cf052695dcfea41b32891c6fe0db704a | SHA-1 04666c7589d5f76d4d83b25180be153c74fa12c4 | SHA-256 b0323f64bf0cf04da9f58a4b09142954f6d7843dfb037826aca05125c1590e45
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the domain, not on this file)
GET /0/no/NO_fullpage-tik_28122021/images/Tlogo.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 20691
last-modified: Tue, 28 Dec 2021 16:22:49 GMT
etag: "50d3-5d4373b7c4c11"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4416
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6FDbyRuPK2VvBkWX%2Fflzq7TbDj%2Bj2uTWE4tHM55AQ3ARoTViXpSkB2cbNGLSQU23i1bYtfyOHWHW%2FnpQR%2BWA0r0KbhmEfqp6%2FcjlIf2Dea%2Fb3rQ5%2FoCXCZwHQ1mab5RhbXjE0PSM5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e37b225687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/04.gif | 188.114.96.1 | 200 OK | 388 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/04.gif | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: GIF image data, version 89a, 312 x 312 | Size: 388 kB (388375 bytes) | Hash: MD5 f8db03d9bf7a637a23362df0914aabfc | SHA-1 5828fb6a2ca814a2aa7db0f0c6f8ff61561a5ac3 | SHA-256 8618a596b8ff121219334e7680e60691712f054bec2c7d3ed28c1381e28c01b1
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the domain, not on this file)
GET /0/no/NO_fullpage-tik_28122021/images/04.gif HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/gif
content-length: 388375
last-modified: Tue, 28 Dec 2021 16:22:59 GMT
etag: "5ed17-5d4373c0d22df"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4416
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iLJljkI1mAne0QBuWcaEb%2FrANT88YZl7N%2F85qT2PK2CMcabo0YX9Ud3le6XgyV79ydpHovwzcVLngRCDo8bTRFxUpG12z3e8VzS42pjD8nZOxvs3pjguEDlLjtCkGkeYBfwmEN4Urg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e37b245687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 | 188.114.96.1 | 200 OK | 55 kB |
URL User Request GET HTTP/2casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 IP188.114.96.1:443
Certificate: Issuer: Google Trust Services LLC | Subject: casual-flirt-hub.com | Fingerprint: 02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 | Validity: Thu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1568), with CRLF, LF line terminators | Hash: MD5 091983cdf8aad4d7d170e9c4c6ee9c5e | SHA-1 7f17636979107bcb1f7537ce53f49ec020c2b7f0 | SHA-256 08045adfa0c642151216ee95b14b51e8bb279a4ed0a914d7088e80f46b317b28
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the domain, not on this file)
GET /0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: text/html
cf-ray: 879383e0bc5956ab-OSL
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Dec 2021 16:22:36 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R0cpOH1G8mxaIZtrcIEwoyZMbeZizAts7c5B%2BIdyGyteplcfU17iw2fo3H0dR6%2F4sDBjJjOMc%2ByoYrYZYLFHSXtk5ROcCrxzSFBLSeGx%2F0ATQRcUdY0Nb9NXlpsXN4gmdEJn1RaqXg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_2.png | 188.114.96.1 | 200 OK | 56 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_2.png | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced | Hash: MD5 0d8f82b8f9aa4d840b186f45c58be648 | SHA-1 b756e6fa8803f25ac91ed0091be37bfcabd70a78 | SHA-256 7c62140581382ceef8fdc3fef780f94d132d2758a22393aec252d65373d74d86
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the domain, not on this file)
GET /0/no/NO_fullpage-tik_28122021/images/p7_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 55991
last-modified: Tue, 28 Dec 2021 16:22:52 GMT
etag: "dab7-5d4373ba99607"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ph9qu%2BeG3k0gd%2BlgShp%2BorrkOGCP1qQkIL2%2BNfTCECsWrgFq8FCqn1VgQaKye0hB8VKjtrV%2BJ1wKkZnF5hYODJTeJFigGkMSoCFLSGfpzIOPcoLCuql2Wwgxpt0eOI113d7dXXRABg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e38b2a5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_3.png | 188.114.96.1 | 200 OK | 40 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_3.png | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced | Hash: MD5 b4c70525d55d14c65478b0f8b9c9954e | SHA-1 31e2063dc95f3d6a9995b76d382880f567246803 | SHA-256 6f3f1d4003323a7f9135232b8cdca5f2cfde0e6b9b2988255c41a97c7b6fd163
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the domain, not on this file)
GET /0/no/NO_fullpage-tik_28122021/images/p7_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 40337
last-modified: Tue, 28 Dec 2021 16:22:51 GMT
etag: "9d91-5d4373b9830d2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FcgsJt%2BMWaESy%2BrG3w6O%2B5KHOTXe4yga65TQlBCLbtOGpOZ%2FfhXKg6FeL4miDW%2FTaD5W92elQiuT51NIX6gOl6gp8lz2TfcFp3KNPq9TA6Nty2NBosaXY2ESOCnFtw40CAr2lLGdww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e38b2d5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_4.png | 188.114.96.1 | 200 OK | 60 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_4.png | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced | Hash: MD5 746ac82d1374f51b4ceae516f69ab6ad | SHA-1 e3a378690b02af5732f3569ea71e00e666c46f1b | SHA-256 a44f12838759e2055800c0642603be1085c5120d6f5df276c2e0e87210e0b8ab
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the domain, not on this file)
GET /0/no/NO_fullpage-tik_28122021/images/p7_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 59759
last-modified: Tue, 28 Dec 2021 16:22:56 GMT
etag: "e96f-5d4373bddf486"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBty1S0Prn%2Bkqn6iTRTGPlvDKtR4SvKMmitR7HFK377vqaqIAVOZySvV6c2S0xHN1d%2FQ3nyo2R7n%2BdlRnBCQcFuS0j8BGOWnEhNNjHV4UVjZTDUQyE0ewtqqruWjD70Hnbrd45NjnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e38b2e5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_5.png | 188.114.96.1 | 200 OK | 51 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_5.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: MD5 9407b587b816571fef24ea488fb29138 | SHA-1 f7cc0874ccb7c8199fc2a078b507cb7497369c91 | SHA-256 db27f7041801043061be15117bf82104786d53d8c3fcdd3165270efb87110f01
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p7_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 50867
last-modified: Tue, 28 Dec 2021 16:22:54 GMT
etag: "c6b3-5d4373bc338a6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2QHfTUg2cQyYmhHtRXWbXP%2Bk0GZBslur%2BEE7uBZ%2FPp8IqYXamCBt8SWgxEMzUyB38sSZvujobKlLIMpNnMWiSF0slPyI5LD3q2jVHUizo8li44sq7wFuIBdWgil4cI9OWn9u31O22g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e38b2f5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_1.png | 188.114.96.1 | 200 OK | 58 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_1.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: MD5 63f74d7c97a74239d43d4418803b345a | SHA-1 2855449c3a816dfa892b75ce3b6a1415da740fec | SHA-256 a988dba1586aa8826577d9320678d3855d0d9d2e981d1073dd56b91a3859e3fb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 57903
last-modified: Tue, 28 Dec 2021 16:22:46 GMT
etag: "e22f-5d4373b4201eb"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1M3gJ7e%2FflDvQUA%2F%2BED2A2w%2BdbF6nvu2Y%2FYkC7idi8floUEBRFM6oJqBE9Hvj%2BQX5jx1MWvbbI%2F1FeGNgZhDTQW%2FYayAcPn4cmk3I5PiJjOtaPiPZuRShDUfntNg6ZdbuJ3UW7aSkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e39b325687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_2.png | 188.114.96.1 | 200 OK | 50 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_2.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: MD5 431679c0fdd060aeef69f2b8beec4169 | SHA-1 0c7f0ef489e5e752c814420165bbd3941cb3fd70 | SHA-256 ecee803291f0a56f17cbefc5c561f32d277226d4a25f331371109bdc0e1e27df
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 49466
last-modified: Tue, 28 Dec 2021 16:22:45 GMT
etag: "c13a-5d4373b36d67e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4415
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6AmUBAQeLBIadqjN4HKuJgysFmYdVbnNUGFwtYjPtreaXXNXXp5BRiTBJqgebtnBu0aJlYY3w%2FCqIFqXSsz9UqaP%2FCWxwqC2tUwWo3IaLrh%2Bl858WihsGnq%2FcWTjYjb0AVQnDD79cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e39b335687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_3.png | 188.114.96.1 | 200 OK | 51 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_3.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: MD5 b44d52f1628ccbe49dea725a18667d74 | SHA-1 80aacb07a91269756340ccfed0480ead57c6d54f | SHA-256 0057b6d4f57ea0dabd771f6358f10a231ae805436ee6fc6850a02135e8f13532
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 51413
last-modified: Tue, 28 Dec 2021 16:22:44 GMT
etag: "c8d5-5d4373b2d8f72"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2dhyjopttDH4h%2FA%2BA3zScBT1lnCYSI2PDVB1JXtZHLYZ%2FfZmd1B%2F01p9a6V40mzwO1OSVC7AppxTKD6oOMLJswwQk0btBxhG40nj05GY4aVmztD1m%2BNIqxflYu8vPV14M8RgDA4WNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e39b385687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_4.png | 188.114.96.1 | 200 OK | 55 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_4.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: MD5 4dfe1a0253a15cd22e57b3eaab9116d2 | SHA-1 8aa46e3d35632187a70e396c688293f6d7e688f4 | SHA-256 62cc8f8b8dedacb8754b1ce93bc479ca3f6ae6246257928a4a0e1e0a281cf4a3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 55219
last-modified: Tue, 28 Dec 2021 16:22:43 GMT
etag: "d7b3-5d4373b1dd01f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wuKQYA45ArL6oH16YV8rNiUUFUUYTBaW%2FgquAeYXFqvkfJJFVm06RGqpiEtvEDwaOigHQP%2FbQuxGD4KodE3Q0bJikd%2B%2FDZ%2FlAGR3G8PC0snXwnutHJ8ONJtez5UkMO8xHU4WSon8XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e39b3a5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_5.png | 188.114.96.1 | 200 OK | 54 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_5.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: MD5 621fa434f53e05bdff2819eaf6e5c9ed | SHA-1 1aa94b820cd55a353a569e8cb4b5302c784a6ae7 | SHA-256 10309b3258647bc6866587d6bca464cc6619b5c54187c27116ff6f74b9edcf61
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p8_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 54413
last-modified: Tue, 28 Dec 2021 16:22:43 GMT
etag: "d48d-5d4373b18fdba"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ljjmpp8I5QMzT0M3r03HDPnm3hCVdxRSUznXxY83R40e5IfOXOZhyxFqMZ%2F5vHvpm0Pdxbm5ZDY0wLcISDBQ2ABfWxhKiSN%2FHJ59TzwSP%2FcMHG2tDF8QX3niorpIH19uITr6vAP7zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e39b3b5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_1.png | 188.114.96.1 | 200 OK | 54 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_1.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: MD5 37059e26c56db6eca0b25465101d4855 | SHA-1 6540eb900095769de1a2e71516a48e54cd8173e1 | SHA-256 cfc4151b42a93abddb3885a5d907ad7cf486149ec615e1c107759629c12cd49e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 54337
last-modified: Tue, 28 Dec 2021 16:22:48 GMT
etag: "d441-5d4373b620d31"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jizmIHYGuynMPuPcMmerVTJmJoXOJDJ41OXwffkUPBsc%2FKOkKwPyPl%2BxRI2OXX2ML9ldrTfbPuKiuL9xJqV%2B85LpJwJLY%2FyKqzssCofLuPsm4cpziu5wadgFyK1orQyOF4uMhH4dQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e39b405687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_2.png | 188.114.96.1 | 200 OK | 54 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_2.png IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: MD5 01769e8254253553da95a9280b5a6527 | SHA-1 7e586cd317b68b14984106d1f17089302b97d6ec | SHA-256 8d20fec6e5cd6640741ebcc46609813b2e10e0fdba6757f6b2c0e56d7fea3e43
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 53970
last-modified: Tue, 28 Dec 2021 16:22:50 GMT
etag: "d2d2-5d4373b7f0b34"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6MjdblWRdXz0n%2B5SG4%2BVkA4qp5VD2S2kxmOsJ805g7NcY4wTvJaex0PElC0fJXDxRO3XMRv%2BjWhG%2FxTgYy99jDnHYbuESJI%2FaUzmKT3BuR8uS20ZzUe%2FJJv%2FJL85RFuv1FC6vb6%2Bvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e39b415687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_3.png | 188.114.96.1 | 200 OK | 53 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_3.png
IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
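File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5): 1c3a2dc3681b3e447263e8790608e334
Hash (SHA-1): 74e77a8638a881d11f88af4b8733cb00dbb9d8bd
Hash (SHA-256): 6c2bba41d4aea31e90741e2fa84107439011bd56963033734159d8c7f46d895b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
(Quad9 is a DNS-level check, so this verdict applies to the domain casual-flirt-hub.com rather than to this file's content or hashes; requests to other hosts in this report carry no such row.)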
GET /0/no/NO_fullpage-tik_28122021/images/p9_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 53318
last-modified: Tue, 28 Dec 2021 16:22:48 GMT
etag: "d046-5d4373b6d28ff"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4414
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvlbibJYH%2FYvJgTiJY2SejWi20GjZT4olWVawyNloPH4v9EeFgJvvS3%2Fq5Qm9UJ4KxeFIj7tKbi3qV1O8apKZHkXL5au8MObZ0CglBUp6X7UC%2Fe9uVxQNEE806Z%2FyLIvL1A0uHdkIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e39b435687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_4.png | 188.114.96.1 | 200 OK | 60 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_4.png
IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5): 475389ca94897a28dafcc0f92631094f
Hash (SHA-1): d94dcab07cfdec16972a14c61d534a15ca8cb556
Hash (SHA-256): 956dd0bba9897c9997c3f22604a603594342775cdd1aac6d1aea790f43f96b33
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 59693
last-modified: Tue, 28 Dec 2021 16:22:47 GMT
etag: "e92d-5d4373b536720"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4413
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xQ9QR0RxZFdOLGOhowt1LJvcPckL5qGt%2B69fhy1KI3eQfE%2Bkp%2F7jA4%2F2P9p3iEZgiicytKwYWUycl1LIl6uzrtcHPJ0kHK4QURH%2BeOThGrdC7pxG6iQfKVb9bIYxKe7Xd%2FX9d%2B%2Fbbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e39b465687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_5.png | 188.114.96.1 | 200 OK | 45 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_5.png
IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash (MD5): 8c046ad61659ad83f18fb2d5349f274e
Hash (SHA-1): 53526b692ba5ea4f318cae71cacdf7c7efb4712a
Hash (SHA-256): ac10817ac054c59733bd84b6c232b47e463b8557c479f534f3fbc609fdfd6314
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/p9_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 45353
last-modified: Tue, 28 Dec 2021 16:22:47 GMT
etag: "b129-5d4373b57ace5"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4413
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ylAWnWGRvxExsEVtjQg8nsbtygpzmSK6wudEPqitnDRCPuyt8l3B1BDorVmJObF%2FrTMgXvQpm%2BkVdhqzMjUIiE03NdRtejbnVcIZqisubN9GPh51aATPoLSAhwieCN4onHDL%2FNoP%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e3ab4a5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg2.jpg | 188.114.96.1 | 200 OK | 51 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg2.jpg
IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3
Hash (MD5): 37832c21ce4b202719cd33b6db45028b
Hash (SHA-1): a363710e7567d46202dd73b0761c46993bf68dca
Hash (SHA-256): 431f71eb5f7842de8711739f0833a4c30e46ba8831dc8b209634ad48544b595d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/bg2.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/jpeg
content-length: 50733
last-modified: Tue, 28 Dec 2021 16:22:55 GMT
etag: "c62d-5d4373bd47e9b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4413
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0QOdKGuiL0sR1uvk8%2BYTXRm%2F06ujc%2B008I2joHacewReIS15fPP601UaCWKhxBpGnHeTHdnyPac2E9ChmHFycMgf2Ri1m6XqB466sJVQfYl022%2FzoVtiLPTJtpXenfyMCB4RQ44nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e53c7d5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg1.jpg | 188.114.96.1 | 200 OK | 64 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg1.jpg
IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3
Hash (MD5): a6c153fab3849ec0e3ba73f645433aec
Hash (SHA-1): f3747bf682252fef7befdf2870f19e16c6d4f77f
Hash (SHA-256): 33215a1515c319a23598b30fea546e10dcb8cca455b42e20d8aa5e2eebd73bde
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/bg1.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/jpeg
content-length: 64359
last-modified: Tue, 28 Dec 2021 16:22:54 GMT
etag: "fb67-5d4373bbc147e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4413
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9I1tx9nFWZ%2BxNnPbE3Z6IDAAEaxGp%2F6P9nLaoztf8TW%2FwRDkkbbpMST7ce4K09yyLPedjCBn2ePE9chdNZA1g9Br%2FVzpO5NE2SfjblLHZuk8phVD0SfPkn1kwandq%2FAn8VL57CuVHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e53c7b5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg3.jpg | 188.114.96.1 | 200 OK | 56 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg3.jpg
IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3
Hash (MD5): 4e2d83c4bf79c1e4c84aefc33a382f31
Hash (SHA-1): ffab591ef8385e851d2c17feeba2b2a22eeb6d12
Hash (SHA-256): e05a0702af3ef4e8d37e6c491e1478e0416cbdfc404fa5da52d135b4b8e04234
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/images/bg3.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/jpeg
content-length: 56408
last-modified: Tue, 28 Dec 2021 16:22:55 GMT
etag: "dc58-5d4373bcc6071"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4413
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UHyaUBfGiTNS%2FAPFUTTkie8C3IiMPw3Y%2Ff6oer%2B0e2hwUnAaviIrUZeTPJEl%2B8VckQdpVBAiYa3v3J%2FBP2pw9KKNxDzJEdSa39Lbe8%2FMGTj5xZVBBaXy0q7QNcE%2FXnWgZ49G6ddcIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e53c7e5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 | 188.114.96.1 | 404 Not Found | 24 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
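Hash (MD5): e539f0c68981256bd00c4149b01cce64
Hash (SHA-1): 2b2e00355749704dee8ea3ddb563da9adb64d61b
Hash (SHA-256): 224c1b38aab43884c44549198c0375f408a0a11490210f6829b1e87ed312404d
(The response to this request was a 404 with content-type text/html, so these digests presumably cover the error body rather than a font file.)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |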
GET /0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m3sXmSHG83nm2Fe5wwbW51Am5PikWlqZXS6O8GDYDi1QXV1zS6zAjJhNQGK18Kwwc5kVtWPasM60Dmi67I67cJdx9roTmmkbAcjgH0fN3b2EO7dgrjR%2BUubEQRq63W4EnAe9l9uxPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879383e53c805687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css | 188.114.96.1 | 200 OK | 8.3 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: ASCII text, with very long lines (8122), with no line terminators
Hash (MD5): 123176116c749f7de8c66d3d54365989
Hash (SHA-1): c885d077360d7029e39eac8c340a4e7cc4e3012c
Hash (SHA-256): 6d86148ecc48ad67e1a750e5f367009b7f6da2c18596092662b4b4413aad57f5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/css/css.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9762
etag: W/"2622-5d4373ae366b9"
last-modified: Tue, 28 Dec 2021 16:22:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4416
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XpcSeZhd7AKW2JjtFDTYI%2FBM1QQloz8S0sOdpRMa94YkC6juuK%2BucSkbXt2W2Bh7uy21mqJF8YjIwY5mZts7SZXQz%2BFlO4TbqOXv34Nw0H4KfaVgIImeVip3oNHoRxiGB5EsjfSxgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879383e37b1f5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-W62P37M | 142.250.74.168 | 200 OK | 83 kB |
URL: GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W62P37M
IP: 142.250.74.168:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File type: JavaScript source, ASCII text, with very long lines (39202)
Hash (MD5): b9804ebd2759f723dfcd8aec1c83a8aa
Hash (SHA-1): 5d44337c0540bbcf6c301855fde97ae7fe410aa3
Hash (SHA-256): bd755a8f33ea54d53a78077e27aade4aba5bd1694a92ba427774205502f06b0d
GET /gtm.js?id=GTM-W62P37M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 04:57:54 GMT
expires: Wed, 24 Apr 2024 04:57:54 GMT
cache-control: private, max-age=900
last-modified: Wed, 24 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83082
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js | 188.114.96.1 | 200 OK | 90 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js
IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash (MD5): dc5e7f18c8d36ac1d3d4753a87c98d0a
Hash (SHA-1): c8e1c8b386dc5b7a9184c763c88d19a346eb3342
Hash (SHA-256): f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Dec 2021 16:23:02 GMT
etag: W/"15d84-5d4373c3684d1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4416
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDJtaoWwVBd%2Fjcm01x9moiRVigBlC%2FPZRu9GNb5r%2Boc5gGgdSFS5Ov5ABVAsioeuv25I1%2F3fEfEIbdbg6T5waYE%2BInnCus8ayNoqrvw2fOrulxHeliJLB4GqvFhZDVX4Q7W0vlIOWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879383e37b215687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 | 188.114.96.1 | 404 Not Found | 371 B |
URL: GET HTTP/3 casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
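File type: HTML document, ASCII text, with very long lines (386), with no line terminators (the 404 error body returned in place of the requested .woff2 font)
Hash: MD5 ee38251b54e4a0a06ddf5b91e8338c17 | SHA-1 7ac6a8c5c99acc67beb6ba6a44b8f004736b7c6f | SHA-256 f177fb69c123c5d7ab569cf61efe23fcdf9c4149018640699fd87821ea751b74
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the hostname, not on this file's content)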
GET /0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FkFYfA6BFeApCdPFwl4mmZrThzssRaf8j56eDNd5pZ6FzMA%2BlwARuBtKmnHwin7g2rK%2F5IubflpfREx%2BuOtWgRaWIyAdtj3a2Sw8xhaSKHVXU5njh8TR9KIMCsRyVbFRAvWrHYqdIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879383e59cba5687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/blob.png | 188.114.96.1 | 200 OK | 23 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/blob.png | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 583 x 428, 8-bit/color RGBA, non-interlaced
Hash: MD5 5571d30924ae123918e9a192bdab268d | SHA-1 8456f8812e7f2a74b82c849a954c682e92dd8631 | SHA-256 31cf63bfb1030bb5d36c6a84a8c5df57081e23481bde6f9fcb1ad78ccfea045b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the hostname, not on this file's content)
GET /0/no/NO_fullpage-tik_28122021/images/blob.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 23169
last-modified: Tue, 28 Dec 2021 16:22:52 GMT
etag: "5a81-5d4373b9f455b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4413
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLSSs3IzYmQxjh%2BpqpfS3vQWf0bs4F3ikpDwfuH2n%2Bw0qz64QEFTvfcVKY7dUopkaJpaSsQuwoL%2FmeS3DMFJQsJwfSkuOxy6R6q7rWmP1glMMut8h7flhTpVeSZ6jiP4pDPdfBh6CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e59cb65687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 | 188.114.96.1 | 404 Not Found | 371 B |
URL: GET HTTP/3 casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
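File type: HTML document, ASCII text, with very long lines (386), with no line terminators (the 404 error body returned in place of the requested .woff2 font)
Hash: MD5 ee38251b54e4a0a06ddf5b91e8338c17 | SHA-1 7ac6a8c5c99acc67beb6ba6a44b8f004736b7c6f | SHA-256 f177fb69c123c5d7ab569cf61efe23fcdf9c4149018640699fd87821ea751b74
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the hostname, not on this file's content)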
GET /0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rf6N0x2e5Fn45KN5rhgBSdFkUSKSTQBdRbErWgy0e7NLhUhE2T9DoVmyvsQmIGuZtr7%2FdVD2OY%2FJ42mIUAPZ6XFiQFSarw9mffv%2FWR%2B1Tz3pZBVVX5Mc7PLYlM30NUfGMEmGPZCwnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879383e59cb85687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_1.png | 188.114.96.1 | 200 OK | 48 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_1.png | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash: MD5 c37b1d71b49a4c8f8bf645d045f16985 | SHA-1 548f445b73a87ed311986b78ad30ae585eb94d32 | SHA-256 0940f506ad7a63a87d4094ed8982c9ced20a40f80968a8d60c413d9b5ecab79e
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the hostname, not on this file's content)
GET /0/no/NO_fullpage-tik_28122021/images/p7_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: image/png
content-length: 47972
last-modified: Tue, 28 Dec 2021 16:22:50 GMT
etag: "bb64-5d4373b8b8e63"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4416
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=96jEzEfoObxymaaLw5kQ1zjiqoQdCF6azzBgd6Ob9T3FEzd56TSDjjb9X%2BVj4LJQ8mZ%2BcZBdolEDssAgJIlf7RLbyF250DAGO7ikX%2Feh9GGgKxMYKXHNwtuUdWWeo%2BHqwWT5WfHJzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e38b265687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdn.onesignal.com/sdks/OneSignalSDK.js | 104.17.111.223 | 200 OK | 9.2 kB |
URL: GET HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js | IP: 104.17.111.223:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectonesignal.com Fingerprint28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70 ValidityMon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT
File type: JavaScript source, ASCII text, with very long lines (9410), with no line terminators
Hash: MD5 5eb2adfca36be15c8d4a206576132abd | SHA-1 f507beb2560693723f4b360af70bfe9bd8bed534 | SHA-256 6ad1aa44625325d8e975bccee776e9a60ae134d2de1cb8d98852de9f3109aa4a
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 04:57:55 GMT
content-type: application/javascript
etag: W/"a87c48d211877c49b878679b2e3cdab8"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1399
expires: Sat, 27 Apr 2024 04:57:55 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=1IMcELw56qd8HYddMTbOgSa8qQQkIUdhJepWkevccPs-1713934675-1.0.1.1-B99sFgSYkgoupEA6RE7gg4PC4oLkf6nyLkScUjGI4Wz_AlqbQhYolo58GrWGwS3GR93h6T05znQFGaaz_k9hng; path=/; expires=Wed, 24-Apr-24 05:27:55 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 879383e73f4d56ba-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css | 188.114.96.1 | 200 OK | 9.2 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: ASCII text, with very long lines (9233), with no line terminators
Hash: MD5 26a4c2ca32b70017b7203fde81bed3a9 | SHA-1 3c1d00c858ab49a30013c747b9faafbcdf84a063 | SHA-256 cd3123418fc2ff36cbfa763593f84385bc0592d22a8eb9a9f5356519f00ef717
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the hostname, not on this file's content)
GET /0/no/NO_fullpage-tik_28122021/css/style.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=14510
etag: W/"38ae-5d4373ae27c58"
last-modified: Tue, 28 Dec 2021 16:22:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4416
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s7YLsC5zVM%2FrWnASuz21RcWyhNoxvzuoXuptT%2Frq%2FuT9wQk%2Bfs%2BwDhr6CRE4c3MMzdsSG%2BWyqNpQPL81%2Br4CoodjGMAR7cY9GSi7WIpeu5C%2BnSMZj5aAIVXzJsb3wqNMBrOc6D0hBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879383e37b1e5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/cdn-cgi/zaraz/s.js?z=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 | 188.114.96.1 | 200 OK | 4.9 kB |
URL GET HTTP/3casual-flirt-hub.com/cdn-cgi/zaraz/s.js?z=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 IP188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: JavaScript source, ASCII text, with very long lines (5044), with no line terminators
Hash: MD5 4f8e7bece0e33eebe4e125006a962faa | SHA-1 02df4701a7a073a8ecdf239a4bf72cef2479c5b6 | SHA-256 8e51ff96ef81e6ed83a5e9eac293c4e3817601e91050a7b350daeb4ec3359356
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the hostname, not on this file's content)
GET /cdn-cgi/zaraz/s.js?z=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 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casual-flirt-hub.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:54 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://casual-flirt-hub.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-max-age: 600
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2p%2FaBjg3TYbVRYln9wd9zb%2FIoaZQ%2BQrlksrlgQnq8AljsvwvLNyO1jYgJFhaQ5InfDX8Y6ZexCeNh6scyZ7TOHcvrvx95%2FoNM%2FJD97geF2dfIH7ABkKGA8yDxEaySpfBGQHTHNQLeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879383e5bccc5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/favicon.ico | 188.114.96.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/favicon.ico | IP: 188.114.96.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44 CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash: MD5 38722a803b73dd1871a3d8a19db44d2f | SHA-1 3379960a2c6611bfefcb39e662198d6df322e12d | SHA-256 314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed (DNS-level verdict on the hostname, not on this file's content)
GET /0/no/NO_fullpage-tik_28122021/images/favicon.ico HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=wvlr2qroipdmrcq0jtpumv44&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3055&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=ufeUYoiwFA1Op7jRP_A16kOcXsCzgp4OCXi2JnX3_8zLFQV47erYgu0vic38T9bIIkj7GVFUas7h9c5opqegYmN9iASmx8YcPOj08dZ2HZ37BgvjuSqv1kG-qWkN3GPjytrxh1js0J-etxQelM3PAi2XFmp3Rzb3yR-0sI99o5Mc8K_EvoJlvGuXAJr6UPNxnd44vl-w_vbiAIv1BVm76rJqw5JEhbaasvg6r7iuSmtHQsnHPblrNzN4SshkpOy9qx11QfBSqFOdRxZZBw2qGlgGbkYzcBmXOQMhhLCr_XWYmwokbHFRjOnUavSM5BmlD2U5XTS8Q7iu2LZm8Ry2hpiBKNJ2hiBjqD2HpJHu296hVWd5BnYGZ2kdt1SmdwGQVIxaodfVukMt8gNRgA9kjLtOwuwcdRKfUcqSqOHBI6roOn2k6qVlYzjVOugJ7l8y4rEMIG6lmSgE0jTbvinOV62i5WafeH3laGJXLauwTwSEkltI7apVxDGcYrZWfF9ruC03edgXC-CRPF6NujNR_C78hIY7biZsIlh4-vVd8dKyN6g7Iq-HJFtSRb7N23jKs28a-giVBqegjUqngCCtRiOfCBiCSzo_eZ1PjKUUG0d-r11bhFG2uHJsoJ3KxHAa&lptoken=1716138e937f64d87335&s1=e65cbb0b-a2aa-4d7b-ae9f-3925c3f1ea15&s2=a9426e39-0f88-4666-a964-d260412757d0&s3=&s4=&s5=&s6=&s7=&ks=3055&cost=&tag=wvlr2qroipdmrcq0jtpumv44
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 04:57:55 GMT
content-type: image/x-icon
last-modified: Tue, 28 Dec 2021 16:22:44 GMT
etag: W/"47e-5d4373b23ac27"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U57htydaAQchFpzHOcVxyQ7%2BV567nqDp6LSy613p%2FqPbGfUZ5N2QFjck648zyiWtkXVDkPCeVahcUTuqacl4GLBrEKf4c9bO7oM3ehTtI76o%2FsEeAi%2BPFs1UPcIeCySpTjfSJOz%2FAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879383e68d565687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|