| www.trckb2b.com/49L7DK9/2J3TGB37/?uid=21000&sub2={clickid}&sub3=172039 |  34.96.83.190 | 302 Found | 255 B |
URL User Request GET HTTP/2www.trckb2b.com/49L7DK9/2J3TGB37/?uid=21000&sub2={clickid}&sub3=172039 IP34.96.83.190:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
CertificateIssuerStarfield Technologies, Inc. Subjecttrck.novatrck.com FingerprintD1:40:B6:26:F1:E7:AD:38:E9:30:82:8A:AD:1D:88:42:4E:9F:88:1D ValidityWed, 03 Apr 2024 15:42:33 GMT - Mon, 05 May 2025 15:42:33 GMT
File typeHTML document, ASCII text Hash94568fa943580bc6dd18f6ee28ba3b6e ef4e6d56c50cee1932640d04800342b2687c3af5 fd1ed4b967f698fc3df42dc8ee73e1b86b3fed377d168cbb5a8f2c3dae3b70a4
GET /49L7DK9/2J3TGB37/?uid=21000&sub2={clickid}&sub3=172039 HTTP/1.1
Host: www.trckb2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 26 Apr 2024 03:29:04 GMT
content-type: text/html; charset=utf-8
content-length: 255
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://trck.pecuniatrck.com/49L7DK9/2HBBQWMP/?__rpt=0&__po=24334&__ptid=da8a4a6f85114626a1f6c1213d381c2f&__rpa=1&__rc=1&sub1=&sub2=%7Bclickid%7D&sub3=172039&sub4=&sub5=&source_id=&__pcd=9
set-cookie: uniqueClick_2J3TGB37=5684496b-0a20-45a7-b6c3-34038a53728b:1714102144; Path=/; Expires=Sat, 27 Apr 2024 03:29:04 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 94d8cea7-1261-47b7-9cf2-ffecc5e8dd51
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| trck.pecuniatrck.com/49L7DK9/2HBBQWMP/?__rpt=0&__po=24334&__ptid=da8a4a6f85114626a1f6c1213d381c2f&__rpa=1&__rc=1&sub1=&sub2=%7Bclickid%7D&sub3=172039&sub4=&sub5=&source_id=&__pcd=9 | 35.190.3.146 | 302 Found | 150 B |
URL User Request GET HTTP/2trck.pecuniatrck.com/49L7DK9/2HBBQWMP/?__rpt=0&__po=24334&__ptid=da8a4a6f85114626a1f6c1213d381c2f&__rpa=1&__rc=1&sub1=&sub2=%7Bclickid%7D&sub3=172039&sub4=&sub5=&source_id=&__pcd=9 IP35.190.3.146:443
CertificateIssuerGoogle Trust Services LLC Subjecttrck.numustrck.com Fingerprint51:33:8D:9A:70:0F:B6:A0:E0:15:5F:91:4E:F0:CB:31:CF:DC:D0:6B ValidityTue, 12 Mar 2024 18:11:27 GMT - Mon, 10 Jun 2024 19:03:40 GMT
File typeHTML document, ASCII text Hashda805484b99af112dc1e78d45f92b128 da351305db9761d83c7056b66bb0e7202a899191 f8a1722cddcf45889dd83f6c1d946662ef7d32baa3ae584c7d1eb7e9c5331396
GET /49L7DK9/2HBBQWMP/?__rpt=0&__po=24334&__ptid=da8a4a6f85114626a1f6c1213d381c2f&__rpa=1&__rc=1&sub1=&sub2=%7Bclickid%7D&sub3=172039&sub4=&sub5=&source_id=&__pcd=9 HTTP/1.1
Host: trck.pecuniatrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 26 Apr 2024 03:29:04 GMT
content-type: text/html; charset=utf-8
content-length: 150
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://track.smart-tds.com/c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=2040&t2=172039&tag=cb142ab93bee439389dee57932715159
set-cookie: uniqueClick_2HBBQWMP=9da37d7c-cd48-4832-8fcc-fda6b27f0bdf:1714102144; Path=/; Expires=Sat, 27 Apr 2024 03:29:04 GMT; Secure; SameSite=None
transaction_id=cb142ab93bee439389dee57932715159; Path=/; Expires=Thu, 25 Jul 2024 03:29:04 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 9842e475-d9c8-4400-808c-975055fb7712
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| track.smart-tds.com/c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=2040&t2=172039&tag=cb142ab93bee439389dee57932715159 |  35.156.152.207 | 302 Found | 0 B |
URL User Request GET HTTP/2track.smart-tds.com/c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=2040&t2=172039&tag=cb142ab93bee439389dee57932715159 IP35.156.152.207:443
CertificateIssuerLet's Encrypt Subjecttrack.smart-tds.com Fingerprint6D:A4:16:9B:9C:BD:51:73:F2:75:7D:1F:BF:80:89:F2:B9:F9:DF:57 ValidityFri, 15 Mar 2024 06:47:09 GMT - Thu, 13 Jun 2024 06:47:08 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=2040&t2=172039&tag=cb142ab93bee439389dee57932715159 HTTP/1.1
Host: track.smart-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 26 Apr 2024 03:29:04 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c
pragma: no-cache
set-cookie: c9a9eca1-de73-466d-aa60-f2d1325e89a7-v4=oIrioSa5qTZi5iePdr_tW1wMqOyT092CbW3kk_z_zzk; Max-Age=86400; Expires=Sat, 27-Apr-2024 03:29:04 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=MOQSe5d5f3%2FziJZ3wgXu2wOuV73gZq0hzVWW8RGraD9gLf6sb9aM%2BME1aubjTXrB4OuOdiEXQkkTmoUMZ3hiiABAkUsjacgicnNziZEtyC5gTkrX3uCzr2aPXw%2Fv5ScbcUlIb0gu0XoaQh8G4rDQyw%3D%3D; Max-Age=31536000; Expires=Sat, 26-Apr-2025 03:29:04 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c | 3.120.62.154 | 302 Found | 0 B |
URL User Request GET HTTP/2nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c IP3.120.62.154:443
CertificateIssuerLet's Encrypt Subjectnicking-unding.com FingerprintA5:CF:AA:AB:0F:1F:99:7E:6E:A6:E3:89:2E:FE:D4:A5:59:43:15:30 ValidityFri, 08 Mar 2024 07:04:05 GMT - Thu, 06 Jun 2024 07:04:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c HTTP/1.1
Host: nicking-unding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 26 Apr 2024 03:29:04 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c
pragma: no-cache
set-cookie: c4b5ad04-8822-42c1-9db5-e9a49f15358b-v4=BllHRqIDmbRWvB4FBFrMXsAtf5CtUrDBsJZ_pqr2Tgg; Max-Age=86400; Expires=Sat, 27-Apr-2024 03:29:04 GMT; Domain=nicking-unding.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=RDu2oTnbeewjTknaKgjSuTBYAz8_Tk7AbjyoMY2Oz0cW6O11HqrBF_XuKmVUfC71nai-AxJl1d-cebw-BjcpcwShZ_mKXAnw93F3bWmvl9nQhtkfdpurG6GmGhBdGYH7bVn4zP0vn1SG1rEbYFnlXOVV1FUp0B8BY8_ZxQ9quRse6IzNdzekXelUUQkS6XM2zpUMbvJrn7DWP78wOX_22jbdc-S5QTZ3Pdh0gkTPqTw32mcIAYKp6YRM58CzwxP0KtgHqz6IJahr3F4qDEsPkH9Z-atyD41wxLbvbXK_zxmlRfEl_a4Y8y9x6XHRPm2Y44ZSpN1_MROpGMMrBYoRwvTBoEzF1ZVMAC7X5kyg719iStRnZkVLYP3NY-IOzcojeMplyIp_V7TDOH6KKe6g-ECL8JiZEQImZymRImrgkzXYO6W87ZMQoYAYRPICVdMLG5HpPNlhjz9rUG1wql7BLt6RMzn_o9g7Tct6J18_u8GRQBwoBEDcME5soJFMhHLwDqef-MGHXbsvnXjouAEPDkRaUB65QvmTPaiLmDP11tsYxhz0UjW4Ot96Lz4aAB1O; Max-Age=86400; Expires=Sat, 27-Apr-2024 03:29:04 GMT; Domain=nicking-unding.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/images/pic01.png |  188.114.97.1 | 200 OK | 326 kB |
URL GET HTTP/3casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/images/pic01.png IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typePNG image data, 400 x 600, 8-bit/color RGB, non-interlaced Size326 kB (325860 bytes) Hashd5c14c121930b64d765271f3f51d0e92 295a6d991189a76f663bd0ca393f1e2ec55d80a0 8309e2466fd7b27947f57336e27819dd0ba6e95d4bfc3eb5e2d0bee925b690e3
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_black-blonde-milf_13042022/images/pic01.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:29:05 GMT
content-type: image/png
content-length: 325860
last-modified: Wed, 20 Apr 2022 19:02:16 GMT
etag: "4f8e4-5dd1aa1c91819"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLaD84ygth1h3Mcs9UcBmmEL5dnAAWn5iNTsAdmghxqXKdWn%2B%2BVXBZ%2BdxidWUTvG2n%2FVs3LfMam6vakban5TWHtaWOYVLvC6c9NRx1xI8gHosFfzQ%2BtQUotdrB6qRWh1ozfGLnkYlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87a37c892f33b505-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.googletagmanager.com/gtm.js?id=GTM-W62P37M | 142.250.74.168 | 200 OK | 83 kB |
URL GET HTTP/2www.googletagmanager.com/gtm.js?id=GTM-W62P37M IP142.250.74.168:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (40006) Hash2ea01b4730f302ba207fc292a467f345 8f8f42943e4f967d5f716558f044e123297fa6af 2d81f946f3e7ab9aacf77e4bcb3677565315ee81708f86c78ffe4fb39d064e83
GET /gtm.js?id=GTM-W62P37M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 03:29:05 GMT
expires: Fri, 26 Apr 2024 03:29:05 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 Apr 2024 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 82875
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/favicon.ico | 188.114.97.1 | 404 Not Found | 758 B |
URL GET HTTP/3casual-flirt-hub.com/favicon.ico IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typeHTML document, ASCII text Hash0eb11ecac6c00563e9511d7de396623e 2d5c9ac8704f0ed2749b06c773095c0a204c0ba5 35c07c7ddde722dc024a6ee7775398f42f509d00aeda26feedca69b9a77f80c0
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 03:29:05 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNz0dsetb7IqD2JGQ4713xBgGajtLmJQsVL5Ygy3LQLWjOTi1pt5H7Ve2KG4%2Fr2a5nU0Iw3B41wfvnfKA%2FOFDfZ8Sowy84YppqH7L83RAsfuZHRKt%2F2XmGGqVY24L%2FreZ0tVkuBurw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a37c8aafc5b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.onesignal.com/sdks/OneSignalSDK.js |  104.17.111.223 | 200 OK | 12 kB |
URL GET HTTP/2cdn.onesignal.com/sdks/OneSignalSDK.js IP104.17.111.223:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c CertificateIssuerGoogle Trust Services LLC Subjectonesignal.com Fingerprint28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70 ValidityMon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT
File typeJavaScript source, ASCII text, with very long lines (9163) Hasha87c48d211877c49b878679b2e3cdab8 e75653dd0156806682e39abe8b1323ed40d840ca 4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:29:05 GMT
content-type: application/javascript
etag: W/"a87c48d211877c49b878679b2e3cdab8"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 621
expires: Mon, 29 Apr 2024 03:29:05 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=cYVTQmNVXTbimcskFJHZV7C6pJtGTt81hoKIGGG.Xa4-1714102145-1.0.1.1-TOxalO0Bf9EgDj9khvn.UThbXNoO9mH_B0lVaATvsi_mgfDj1PvLoBEfQ8RkuXn_szviWN8ewp68rp0RDprtFg; path=/; expires=Fri, 26-Apr-24 03:59:05 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 87a37c8badc05697-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/css/style.css | 188.114.97.1 | 200 OK | 2.4 kB |
URL GET HTTP/3casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/css/style.css IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typeASCII text, with very long lines (2360), with no line terminators Hash358a2e00a69f6ec6ac28d58e2b9144bd 30cbbeb7c05907d2b5ca65c3d23783fe9e333ece fd934bef61580928b65429c7552b8b9429cd728ec1b3fabea05f32d5785a2073
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_black-blonde-milf_13042022/css/style.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:29:05 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=2848
etag: W/"b20-5dd1aa19fb629"
last-modified: Wed, 20 Apr 2022 19:02:14 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uRHgOZ5lOpbGpMG7GZTi0nFpPQy6zxhZizCenlzT0gSDy%2B85yhVGsMuAV%2FFA2BvXNU22qaw84whLANNB9DiC79hveN3Wtkvs2WKn1zmZ2oA89O2qIyhcHKpNxFlQzGAhXTA6kRRmpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a37c892f32b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c | 188.114.97.1 | 200 OK | 6.6 kB |
URL User Request GET HTTP/2casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (6960), with no line terminators Hash1c5e75c53f5b49e3b78edefb5eb06d63 5d2e2dc0dd8ce1bd236fb4892ddbbe20624e9d3f 3d38727575a50820631193f88a7e7b86d6fedd49ee5e9f59cc9f8f8f0157a67d
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 03:29:05 GMT
content-type: text/html
cf-ray: 87a37c86dc2b0b4d-OSL
cf-cache-status: DYNAMIC
last-modified: Wed, 20 Apr 2022 19:02:13 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2Foi9Y8eNL3q9%2F3MjxRGLwfn6RHy%2Bwnp4rKNjXv9rzCzgL5%2FhwskcDXQJWbSvagrIz07nLOsXG7QcEo4w%2Fvb%2Fd0mDOTk8NflGIPRJ%2Fjt%2Bq5VWej%2Br%2BzM6eLbes8q61BkcgoQmEJODA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| casual-flirt-hub.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyU2V4JTIwTm9yZ2UlMjIlMkMlMjJ4JTIyJTNBMC4xMzcwNTA5NzYxODYzNTIzJTJDJTIydyUyMiUzQTEyODAlMkMlMjJoJTIyJTNBMTAyNCUyQyUyMmolMjIlM0ExMDI0JTJDJTIyZSUyMiUzQTEyODAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjYXN1YWwtZmxpcnQtaHViLmNvbSUyRjAlMkZubyUyRk5PX2JsYWNrLWJsb25kZS1taWxmXzEzMDQyMDIyJTJGJTNGbGFuZGVyJTNENjBkZGUxYTEtMzhhZC00YjllLTliYTItYWRmODBhNTIwMGM2JTI2Y2xpY2tpZCUzRHc2OGYzdWIzZ2dha2NycjBqa3M2NW03YyUyNm9mZmVyJTNENzJkNjA0ZTEtMGJhMC00MDJlLWFiMDItODNkMjc5NWE2MjZhJTI2c3ViYWZmJTNEMzA0MSUyNmdlbyUzRE5PJTI2czklM0QlMjZzOCUzRCUyNmQxJTNEbmlja2luZy11bmRpbmcuY29tJTI2Y2VwJTNEcVNsY3B4ZTItTTNpSEo1NzVSSzVSLTRhRFZOMmw4V2NkdThCTmdaRUxlMGdoLUtfM09ONFpnem04VEZBX002UWVnazVaY3k3OUlGYXhOT3JLdndPN0VDSXQ5Z0N0d21nZGVfa08xVzV3SmNQUDRGdWJpakIzN3RxZDZLQmpseVZ5SmMzS0t5NU1TbHJzVHJCQ3pZVkkwbjU2QjVTQzNJdnI3QTdtUFRQem9RVnBPczNyUk96ak1USTNoaEg3bHlEYnZ2cHZEeXVMd0s1dnRPUDF1YTM0Nk9Vdl9Sd3Z2WUdJNHVoeUFHTk9ubXNMMjJVUDlzTVpyR1E3Y2V4M25zU1FZSGl1RVZaYVllTnQ5ZG5mR3JZS2pwaF9uMUJpWFM1cEV1ZWxnWmVIM0RKUGRRdlJ0akJUQmJiQlE4VUktUUxNWGtaYWEyejJlTUJkRmF2UnhFdzVWLVpqWVlvODQ0VGZFcjJ5ZTEwWUdyMXdnRll1VVdPWjVub1Nyc2NDcG1nNzhCY1p3Z3lDSm9vZlVGWWhFV2k0Z3VTNFM1Z1BwTzNDamJoOVJ0TGZsTE04MDBFal8zMkltX0ZIQ21Qdlk1SVRoV2NJM3g2c3BHMFNpU0ZnSERLTHMtcmh5cFIzOUtGY2RHaGtGV1N2MXNkQ1duWk9HbGhyMHFkYUpvcHNGSF8zbXFHTXpvWldUVnBrem9nMWtFalN4NUN4VEdXZldVSnByZ1pNYndhNzhMX0JCSlhXdm9TNkFTWXBDVnZ0YlJYJTI2bHB0b2tlbiUzRDE3ZjMxNGJhMTAwZTM5NDk0NGQ1JTI2czElM0QyMDQwJTI2czIlM0QxNzIwMzklMjZzMyUzRCUyNnM0JTNEJTI2czUlM0QlMjZzNiUzRCUyNnM3JTNEJTI2a3MlM0QzMDQxJTI2Y29zdCUzRCUyNnRhZyUzRHc2OGYzdWIzZ2dha2NycjBqa3M2NW03YyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q= | 188.114.97.1 | 200 OK | 4.9 kB |
URL GET HTTP/3casual-flirt-hub.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyU2V4JTIwTm9yZ2UlMjIlMkMlMjJ4JTIyJTNBMC4xMzcwNTA5NzYxODYzNTIzJTJDJTIydyUyMiUzQTEyODAlMkMlMjJoJTIyJTNBMTAyNCUyQyUyMmolMjIlM0ExMDI0JTJDJTIyZSUyMiUzQTEyODAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjYXN1YWwtZmxpcnQtaHViLmNvbSUyRjAlMkZubyUyRk5PX2JsYWNrLWJsb25kZS1taWxmXzEzMDQyMDIyJTJGJTNGbGFuZGVyJTNENjBkZGUxYTEtMzhhZC00YjllLTliYTItYWRmODBhNTIwMGM2JTI2Y2xpY2tpZCUzRHc2OGYzdWIzZ2dha2NycjBqa3M2NW03YyUyNm9mZmVyJTNENzJkNjA0ZTEtMGJhMC00MDJlLWFiMDItODNkMjc5NWE2MjZhJTI2c3ViYWZmJTNEMzA0MSUyNmdlbyUzRE5PJTI2czklM0QlMjZzOCUzRCUyNmQxJTNEbmlja2luZy11bmRpbmcuY29tJTI2Y2VwJTNEcVNsY3B4ZTItTTNpSEo1NzVSSzVSLTRhRFZOMmw4V2NkdThCTmdaRUxlMGdoLUtfM09ONFpnem04VEZBX002UWVnazVaY3k3OUlGYXhOT3JLdndPN0VDSXQ5Z0N0d21nZGVfa08xVzV3SmNQUDRGdWJpakIzN3RxZDZLQmpseVZ5SmMzS0t5NU1TbHJzVHJCQ3pZVkkwbjU2QjVTQzNJdnI3QTdtUFRQem9RVnBPczNyUk96ak1USTNoaEg3bHlEYnZ2cHZEeXVMd0s1dnRPUDF1YTM0Nk9Vdl9Sd3Z2WUdJNHVoeUFHTk9ubXNMMjJVUDlzTVpyR1E3Y2V4M25zU1FZSGl1RVZaYVllTnQ5ZG5mR3JZS2pwaF9uMUJpWFM1cEV1ZWxnWmVIM0RKUGRRdlJ0akJUQmJiQlE4VUktUUxNWGtaYWEyejJlTUJkRmF2UnhFdzVWLVpqWVlvODQ0VGZFcjJ5ZTEwWUdyMXdnRll1VVdPWjVub1Nyc2NDcG1nNzhCY1p3Z3lDSm9vZlVGWWhFV2k0Z3VTNFM1Z1BwTzNDamJoOVJ0TGZsTE04MDBFal8zMkltX0ZIQ21Qdlk1SVRoV2NJM3g2c3BHMFNpU0ZnSERLTHMtcmh5cFIzOUtGY2RHaGtGV1N2MXNkQ1duWk9HbGhyMHFkYUpvcHNGSF8zbXFHTXpvWldUVnBrem9nMWtFalN4NUN4VEdXZldVSnByZ1pNYndhNzhMX0JCSlhXdm9TNkFTWXBDVnZ0YlJYJTI2bHB0b2tlbiUzRDE3ZjMxNGJhMTAwZTM5NDk0NGQ1JTI2czElM0QyMDQwJTI2czIlM0QxNzIwMzklMjZzMyUzRCUyNnM0JTNEJTI2czUlM0QlMjZzNiUzRCUyNnM3JTNEJTI2a3MlM0QzMDQxJTI2Y29zdCUzRCUyNnRhZyUzRHc2OGYzdWIzZ2dha2NycjBqa3M2NW03YyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q= IP188.114.97.1:443
Requested byhttps://casual-flirt-hub.com/0/no/NO_black-blonde-milf_13042022/?lander=60dde1a1-38ad-4b9e-9ba2-adf80a5200c6&clickid=w68f3ub3ggakcrr0jks65m7c&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=qSlcpxe2-M3iHJ575RK5R-4aDVN2l8Wcdu8BNgZELe0gh-K_3ON4Zgzm8TFA_M6Qegk5Zcy79IFaxNOrKvwO7ECIt9gCtwmgde_kO1W5wJcPP4FubijB37tqd6KBjlyVyJc3KKy5MSlrsTrBCzYVI0n56B5SC3Ivr7A7mPTPzoQVpOs3rROzjMTI3hhH7lyDbvvpvDyuLwK5vtOP1ua346OUv_RwvvYGI4uhyAGNOnmsL22UP9sMZrGQ7cex3nsSQYHiuEVZaYeNt9dnfGrYKjph_n1BiXS5pEuelgZeH3DJPdQvRtjBTBbbBQ8UI-QLMXkZaa2z2eMBdFavRxEw5V-ZjYYo844TfEr2ye10YGr1wgFYuUWOZ5noSrscCpmg78BcZwgyCJoofUFYhEWi4guS4S5gPpO3Cjbh9RtLflLM800Ej_32Im_FHCmPvY5IThWcI3x6spG0SiSFgHDKLs-rhypR39KFcdGhkFWSv1sdCWnZOGlhr0qdaJopsFH_3mqGMzoZWTVpkzog1kEjSx5CxTGWfWUJprgZMbwa78L_BBJXWvoS6ASYpCVvtbRX&lptoken=17f314ba100e394944d5&s1=2040&s2=172039&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w68f3ub3ggakcrr0jks65m7c CertificateIssuerGoogle Trust Services LLC Subjectcasual-flirt-hub.com Fingerprint02:2C:3A:01:6D:E1:90:8F:03:77:8A:5C:95:F7:E4:99:7C:F9:E5:B3 ValidityThu, 07 Mar 2024 23:38:26 GMT - Wed, 05 Jun 2024 23:38:25 GMT
File typeJavaScript source, ASCII text, with very long lines (5044), with no line terminators Hash4f8e7bece0e33eebe4e125006a962faa 02df4701a7a073a8ecdf239a4bf72cef2479c5b6 8e51ff96ef81e6ed83a5e9eac293c4e3817601e91050a7b350daeb4ec3359356
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyU2V4JTIwTm9yZ2UlMjIlMkMlMjJ4JTIyJTNBMC4xMzcwNTA5NzYxODYzNTIzJTJDJTIydyUyMiUzQTEyODAlMkMlMjJoJTIyJTNBMTAyNCUyQyUyMmolMjIlM0ExMDI0JTJDJTIyZSUyMiUzQTEyODAlMkMlMjJsJTIyJTNBJTIyaHR0cHMlM0ElMkYlMkZjYXN1YWwtZmxpcnQtaHViLmNvbSUyRjAlMkZubyUyRk5PX2JsYWNrLWJsb25kZS1taWxmXzEzMDQyMDIyJTJGJTNGbGFuZGVyJTNENjBkZGUxYTEtMzhhZC00YjllLTliYTItYWRmODBhNTIwMGM2JTI2Y2xpY2tpZCUzRHc2OGYzdWIzZ2dha2NycjBqa3M2NW03YyUyNm9mZmVyJTNENzJkNjA0ZTEtMGJhMC00MDJlLWFiMDItODNkMjc5NWE2MjZhJTI2c3ViYWZmJTNEMzA0MSUyNmdlbyUzRE5PJTI2czklM0QlMjZzOCUzRCUyNmQxJTNEbmlja2luZy11bmRpbmcuY29tJTI2Y2VwJTNEcVNsY3B4ZTItTTNpSEo1NzVSSzVSLTRhRFZOMmw4V2NkdThCTmdaRUxlMGdoLUtfM09ONFpnem04VEZBX002UWVnazVaY3k3OUlGYXhOT3JLdndPN0VDSXQ5Z0N0d21nZGVfa08xVzV3SmNQUDRGdWJpakIzN3RxZDZLQmpseVZ5SmMzS0t5NU1TbHJzVHJCQ3pZVkkwbjU2QjVTQzNJdnI3QTdtUFRQem9RVnBPczNyUk96ak1USTNoaEg3bHlEYnZ2cHZEeXVMd0s1dnRPUDF1YTM0Nk9Vdl9Sd3Z2WUdJNHVoeUFHTk9ubXNMMjJVUDlzTVpyR1E3Y2V4M25zU1FZSGl1RVZaYVllTnQ5ZG5mR3JZS2pwaF9uMUJpWFM1cEV1ZWxnWmVIM0RKUGRRdlJ0akJUQmJiQlE4VUktUUxNWGtaYWEyejJlTUJkRmF2UnhFdzVWLVpqWVlvODQ0VGZFcjJ5ZTEwWUdyMXdnRll1VVdPWjVub1Nyc2NDcG1nNzhCY1p3Z3lDSm9vZlVGWWhFV2k0Z3VTNFM1Z1BwTzNDamJoOVJ0TGZsTE04MDBFal8zMkltX0ZIQ21Qdlk1SVRoV2NJM3g2c3BHMFNpU0ZnSERLTHMtcmh5cFIzOUtGY2RHaGtGV1N2MXNkQ1duWk9HbGhyMHFkYUpvcHNGSF8zbXFHTXpvWldUVnBrem9nMWtFalN4NUN4VEdXZldVSnByZ1pNYndhNzhMX0JCSlhXdm9TNkFTWXBDVnZ0YlJYJTI2bHB0b2tlbiUzRDE3ZjMxNGJhMTAwZTM5NDk0NGQ1JTI2czElM0QyMDQwJTI2czIlM0QxNzIwMzklMjZzMyUzRCUyNnM0JTNEJTI2czUlM0QlMjZzNiUzRCUyNnM3JTNEJTI2a3MlM0QzMDQxJTI2Y29zdCUzRCUyNnRhZyUzRHc2OGYzdWIzZ2dha2NycjBqa3M2NW03YyUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlNUQlN0Q= HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casual-flirt-hub.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 03:29:05 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://casual-flirt-hub.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-max-age: 600
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hC5NgSVrQbiDbYDg5iieMBWlBqM1Rg1ryiThkI4gy3%2B8K6%2BT%2F0bXzBTUyxDVyeMbVu4afeRSRObSnrczg8BlcIJgCl7zYqGX5ItRBsvF%2FIh5OhJcqICg5GzeeFFgdHrEEwWr%2FS3O2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87a37c89af52b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
0.0.0.0