5.63.153.25 | 200 OK | 1.3 kB | User Request | GET HTTP/1.1 | IP 5.63.153.25:443
ASN #197695 (Domain names registrar REG.RU, Ltd)
Certificate Issuer: Let's Encrypt
Subject: lkcupid.com
Fingerprint: D2:6B:B6:5F:6F:51:44:3A:82:72:EB:EB:32:EB:81:B8:14:3C:14:0C
Validity: Tue, 02 May 2023 08:35:27 GMT - Mon, 31 Jul 2023 08:35:26 GMT
File type: HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1153)
Hash (MD5): 2f869dd51e0d391a2be71495bade3ff5
Hash (SHA-1): 451393fac929e30156eaabf4d560f02cea9ffcc1
Hash (SHA-256): 8d1de38686802f10afea5dd09a9b6b1a15b6471c2eac9f1e1dfcdb3495795b49
Analyzer verdict: Alert (fortinet: Phishing)
GET /zNtrRG HTTP/1.1
Host: lkcupid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 14:01:31 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1323
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=1sisi1a2uethk; expires=Thu, 29 Jun 2023 14:01:31 GMT; path=/
e13ae=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4ODVcIjoxNjg1MzY4ODkxfSxcImNhbXBhaWduc1wiOntcIjMzOFwiOjE2ODUzNjg4OTF9LFwidGltZVwiOjE2ODUzNjg4OTF9In0.FJlS4olXYbBrFD2rxUisH4GHbDzzcfLIBecfGcKincc; expires=Sun, 25 Oct 2076 04:03:02 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
lkcupid.com/lander/push3/Play_files/trls.js
5.63.153.25 | 200 OK | 3.1 kB | GET HTTP/1.1 | lkcupid.com/lander/push3/Play_files/trls.js
IP 5.63.153.25:443
ASN #197695 (Domain names registrar REG.RU, Ltd)
Requested by: https://lkcupid.com/zNtrRG
Certificate Issuer: Let's Encrypt
Subject: lkcupid.com
Fingerprint: D2:6B:B6:5F:6F:51:44:3A:82:72:EB:EB:32:EB:81:B8:14:3C:14:0C
Validity: Tue, 02 May 2023 08:35:27 GMT - Mon, 31 Jul 2023 08:35:26 GMT
File type: Unicode text, UTF-8 text, with very long lines (5791), with no line terminators
Hash (MD5): abd5504e5c862c8e80e0f1cac5ff010d
Hash (SHA-1): fe2e2e3cbca56fcbf5d7c85950bd502a9c0faf0b
Hash (SHA-256): 7bdaca71110d23ffdf0277d17f17f9e591bbacfb68317f17a0ab368e37c028b0
Analyzer verdict: Alert (fortinet: Phishing)
GET /lander/push3/Play_files/trls.js HTTP/1.1
Host: lkcupid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lkcupid.com/zNtrRG
Cookie: _subid=1sisi1a2uethk; e13ae=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4ODVcIjoxNjg1MzY4ODkxfSxcImNhbXBhaWduc1wiOntcIjMzOFwiOjE2ODUzNjg4OTF9LFwidGltZVwiOjE2ODUzNjg4OTF9In0.FJlS4olXYbBrFD2rxUisH4GHbDzzcfLIBecfGcKincc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 14:01:32 GMT
Content-Type: application/javascript
Last-Modified: Tue, 20 Sep 2022 19:11:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"632a105d-199d"
Expires: Thu, 08 Jun 2023 14:01:32 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
lkcupid.com/lander/push3/Play_files/pxl.png
5.63.153.25 | 200 OK | 0 B | GET HTTP/1.1 | lkcupid.com/lander/push3/Play_files/pxl.png
IP 5.63.153.25:443
ASN #197695 (Domain names registrar REG.RU, Ltd)
Requested by: https://lkcupid.com/zNtrRG
Certificate Issuer: Let's Encrypt
Subject: lkcupid.com
Fingerprint: D2:6B:B6:5F:6F:51:44:3A:82:72:EB:EB:32:EB:81:B8:14:3C:14:0C
Validity: Tue, 02 May 2023 08:35:27 GMT - Mon, 31 Jul 2023 08:35:26 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lander/push3/Play_files/pxl.png HTTP/1.1
Host: lkcupid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lkcupid.com/zNtrRG
Cookie: _subid=1sisi1a2uethk; e13ae=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4ODVcIjoxNjg1MzY4ODkxfSxcImNhbXBhaWduc1wiOntcIjMzOFwiOjE2ODUzNjg4OTF9LFwidGltZVwiOjE2ODUzNjg4OTF9In0.FJlS4olXYbBrFD2rxUisH4GHbDzzcfLIBecfGcKincc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 14:01:32 GMT
Content-Type: image/png
Content-Length: 0
Last-Modified: Tue, 20 Sep 2022 19:11:25 GMT
Connection: keep-alive
ETag: "632a105d-0"
Expires: Thu, 08 Jun 2023 14:01:32 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
lkcupid.com/lander/push3/Play_files/search.png
5.63.153.25 | 200 OK | 272 B | GET HTTP/1.1 | lkcupid.com/lander/push3/Play_files/search.png
IP 5.63.153.25:443
ASN #197695 (Domain names registrar REG.RU, Ltd)
Requested by: https://lkcupid.com/zNtrRG
Certificate Issuer: Let's Encrypt
Subject: lkcupid.com
Fingerprint: D2:6B:B6:5F:6F:51:44:3A:82:72:EB:EB:32:EB:81:B8:14:3C:14:0C
Validity: Tue, 02 May 2023 08:35:27 GMT - Mon, 31 Jul 2023 08:35:26 GMT
File type: PNG image data, 19 x 19, 4-bit colormap, non-interlaced; data
Hash (MD5): 57b54d177760316e39682cf0771c5c2e
Hash (SHA-1): 38ea6f8dd98f4c1839b8c645dacb57bbee9844cd
Hash (SHA-256): 2c5cc814862e6c7458267452bc8c22cd5a80fc28627f7e23412a5cd713cc10c3
GET /lander/push3/Play_files/search.png HTTP/1.1
Host: lkcupid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lkcupid.com/zNtrRG
Cookie: _subid=1sisi1a2uethk; e13ae=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4ODVcIjoxNjg1MzY4ODkxfSxcImNhbXBhaWduc1wiOntcIjMzOFwiOjE2ODUzNjg4OTF9LFwidGltZVwiOjE2ODUzNjg4OTF9In0.FJlS4olXYbBrFD2rxUisH4GHbDzzcfLIBecfGcKincc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 14:01:32 GMT
Content-Type: image/png
Content-Length: 272
Last-Modified: Tue, 20 Sep 2022 19:11:25 GMT
Connection: keep-alive
ETag: "632a105d-110"
Expires: Thu, 08 Jun 2023 14:01:32 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
lkcupid.com/lander/push3/Play_files/pornhub2.png
5.63.153.25 | 200 OK | 3.8 kB | GET HTTP/1.1 | lkcupid.com/lander/push3/Play_files/pornhub2.png
IP 5.63.153.25:443
ASN #197695 (Domain names registrar REG.RU, Ltd)
Requested by: https://lkcupid.com/zNtrRG
Certificate Issuer: Let's Encrypt
Subject: lkcupid.com
Fingerprint: D2:6B:B6:5F:6F:51:44:3A:82:72:EB:EB:32:EB:81:B8:14:3C:14:0C
Validity: Tue, 02 May 2023 08:35:27 GMT - Mon, 31 Jul 2023 08:35:26 GMT
File type: PNG image data, 512 x 512, 8-bit colormap, non-interlaced; data
Hash (MD5): 5a566962edb9250412a6ade3fbfa42ac
Hash (SHA-1): 593e896c07193305ee0a0d51e61f267bbc0ad11a
Hash (SHA-256): a818fb019b0dd6a6472d7bb0c14744806c6aa5e65fc68c340d40cb36a8fadf36
GET /lander/push3/Play_files/pornhub2.png HTTP/1.1
Host: lkcupid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lkcupid.com/zNtrRG
Cookie: _subid=1sisi1a2uethk; e13ae=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4ODVcIjoxNjg1MzY4ODkxfSxcImNhbXBhaWduc1wiOntcIjMzOFwiOjE2ODUzNjg4OTF9LFwidGltZVwiOjE2ODUzNjg4OTF9In0.FJlS4olXYbBrFD2rxUisH4GHbDzzcfLIBecfGcKincc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 29 May 2023 14:01:32 GMT
Content-Type: image/png
Content-Length: 3827
Last-Modified: Tue, 20 Sep 2022 19:11:25 GMT
Connection: keep-alive
ETag: "632a105d-ef3"
Expires: Thu, 08 Jun 2023 14:01:32 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
lkcupid.com/favicon.ico
5.63.153.25 | 404 Not Found | 146 B | IP 5.63.153.25:443
ASN #197695 (Domain names registrar REG.RU, Ltd)
Requested by: https://lkcupid.com/zNtrRG
Certificate Issuer: Let's Encrypt
Subject: lkcupid.com
Fingerprint: D2:6B:B6:5F:6F:51:44:3A:82:72:EB:EB:32:EB:81:B8:14:3C:14:0C
Validity: Tue, 02 May 2023 08:35:27 GMT - Mon, 31 Jul 2023 08:35:26 GMT
File type: HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash (MD5): 8eec510e57f5f732fd2cce73df7b73ef
Hash (SHA-1): 3c0af39ecb3753c5fee3b53d063c7286019eac3b
Hash (SHA-256): 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /favicon.ico HTTP/1.1
Host: lkcupid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lkcupid.com/zNtrRG
Cookie: _subid=1sisi1a2uethk; e13ae=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4ODVcIjoxNjg1MzY4ODkxfSxcImNhbXBhaWduc1wiOntcIjMzOFwiOjE2ODUzNjg4OTF9LFwidGltZVwiOjE2ODUzNjg4OTF9In0.FJlS4olXYbBrFD2rxUisH4GHbDzzcfLIBecfGcKincc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 29 May 2023 14:01:32 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
deehalig.net/zone?&pub=0&zone_id=5388323&is_mobile=false&domain=lkcupid.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
139.45.197.251 | 200 OK | 0 B | POST HTTP/2 | deehalig.net/zone?&pub=0&zone_id=5388323&is_mobile=false&domain=lkcupid.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest
IP 139.45.197.251:443
Requested by: https://lkcupid.com/zNtrRG
Certificate Issuer: Let's Encrypt
Subject: deehalig.net
Fingerprint: 2C:9D:DA:32:1D:B3:70:D5:60:17:43:48:BC:26:C8:B7:AA:F8:4E:71
Validity: Fri, 07 Apr 2023 05:21:25 GMT - Thu, 06 Jul 2023 05:21:24 GMT
Hash (MD5): d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1): da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256): e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=5388323&is_mobile=false&domain=lkcupid.com&var=&ymid=&var_3=&var_4=&dsig=&action=prerequest HTTP/1.1
Host: deehalig.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lkcupid.com
DNT: 1
Connection: keep-alive
Referer: https://lkcupid.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 14:01:32 GMT
content-length: 0
x-trace-id: 393c71153d7da39553f99e21986cc573
access-control-allow-origin: https://lkcupid.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
lkcupid.com/sw-check-permissions-126ec.js
5.63.153.25 | 404 Not Found | 146 B | GET HTTP/1.1 | lkcupid.com/sw-check-permissions-126ec.js
IP 5.63.153.25:443
ASN #197695 (Domain names registrar REG.RU, Ltd)
Requested by: https://lkcupid.com/zNtrRG
Certificate Issuer: Let's Encrypt
Subject: lkcupid.com
Fingerprint: D2:6B:B6:5F:6F:51:44:3A:82:72:EB:EB:32:EB:81:B8:14:3C:14:0C
Validity: Tue, 02 May 2023 08:35:27 GMT - Mon, 31 Jul 2023 08:35:26 GMT
File type: HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash (MD5): 8eec510e57f5f732fd2cce73df7b73ef
Hash (SHA-1): 3c0af39ecb3753c5fee3b53d063c7286019eac3b
Hash (SHA-256): 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
Analyzer verdict: Alert (fortinet: Phishing)
GET /sw-check-permissions-126ec.js HTTP/1.1
Host: lkcupid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://lkcupid.com/zNtrRG
Cookie: _subid=1sisi1a2uethk; e13ae=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE4ODVcIjoxNjg1MzY4ODkxfSxcImNhbXBhaWduc1wiOntcIjMzOFwiOjE2ODUzNjg4OTF9LFwidGltZVwiOjE2ODUzNjg4OTF9In0.FJlS4olXYbBrFD2rxUisH4GHbDzzcfLIBecfGcKincc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 29 May 2023 14:01:32 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
deehalig.net/pfe/current/micro.tag.min.js?z=5388323&sw=/sw-check-permissions-126ec.js
139.45.197.251 | 200 OK | 42 kB | GET HTTP/2 | deehalig.net/pfe/current/micro.tag.min.js?z=5388323&sw=/sw-check-permissions-126ec.js
IP 139.45.197.251:443
Requested by: https://lkcupid.com/zNtrRG
Certificate Issuer: Let's Encrypt
Subject: deehalig.net
Fingerprint: 2C:9D:DA:32:1D:B3:70:D5:60:17:43:48:BC:26:C8:B7:AA:F8:4E:71
Validity: Fri, 07 Apr 2023 05:21:25 GMT - Thu, 06 Jul 2023 05:21:24 GMT
File type: C source, ASCII text, with very long lines (42050), with no line terminators
Hash (MD5): 348aaf537e25d9ba3675b0202c78cb6d
Hash (SHA-1): eaccff0d833dcb09d9f359cdcde33798deec6bfd
Hash (SHA-256): cc5c0daa5580f8ad52aba290bf9055d9322a43e36d4fed60ebfd2d2e01f19987
GET /pfe/current/micro.tag.min.js?z=5388323&sw=/sw-check-permissions-126ec.js HTTP/1.1
Host: deehalig.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lkcupid.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 29 May 2023 14:01:32 GMT
content-type: application/javascript
last-modified: Mon, 29 May 2023 10:02:24 GMT
etag: W/"64747830-a442"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2