Report - thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push

Report Overview

Submitted URL
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv
IP
151.101.1.195
ASN
#54113 FASTLY
Submitted
2023-05-26 09:33:43
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-26	1.4 kB	2.8 kB	142.250.74.131
tfosrv.com	65142	2020-11-17	2020-11-18	2023-05-25	444 B	23 kB	216.18.168.29
api-un.unative.com	297644	2011-07-21	2019-07-05	2023-05-23	1.1 kB	1.3 kB	162.55.0.219
tr-un.unative.com	86814	2011-07-21	2019-10-10	2023-05-23	1.1 kB	1.0 kB	162.55.0.220
ocsp.r2m02.amazontrust.com	unknown	2007-05-11	2022-10-12	2023-05-26	340 B	944 B	54.230.80.227
ocsp.godaddy.com	698	1999-03-02	2012-05-20	2023-05-26	330 B	2.3 kB	192.124.249.22
sdk.unative.com	468198	2011-07-21	2019-08-11	2023-05-23	830 B	201 kB	185.76.9.16
nextgencounter.com	92600	2022-05-20	2021-03-02	2023-05-25	483 B	0 B	0.0.0.0
thenewfling.com	unknown	unknown	2020-03-25	2023-03-17	6.9 kB	253 kB	151.101.1.195
pickupmates.com	unknown	unknown	2019-03-29	2023-04-05	829 B	1.3 kB	151.101.65.195
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-05-26	421 B	59 kB	142.250.74.168
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-26	330 B	964 B	104.18.14.101
ads.traffichunt.com	68632	2003-11-10	2014-02-19	2023-05-25	467 B	757 B	50.17.64.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-26	medium	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv
2023-05-26	medium	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
2023-05-26	medium	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/quiz.jquery.js
2023-05-26	medium	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/jquery-2.1.3.min.js
2023-05-26	medium	thenewfling.com/prelanderSDK.min.js

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtm.js?id=GTM-TMR4NP	169 kB	2023-05-26	2023-05-26
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TMR4NP IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-26 11:33:45 Last Seen2023-05-26 13:59:21 Times Seen4 Hash d35287f2e948a69497395b7b5ebfde44 4e60d8af3d7bf969bd3082933cc0eda52ffb3cfe 190055570b9012d030ed571cc80a40f553832e70b5bd77963cce4e08c6d50dca Loading...

	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/	446 B	2023-05-26	2023-05-26
Pretty URL thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/ IP 151.101.1.195 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-26 11:33:45 Last Seen2023-05-26 11:33:45 Times Seen1 Hash d90e0693470bae21f70469958a45f932 f6c62a6d7a5eb1695ec1a64b69f650f64e34dde8 463d3f4c88a5b16d719c8beaee8b0c862f4c291b8219dc0937049ce44cfce79a Loading...

	pickupmates.com/UNativeSDKUpdaterWorker.js	62 B	2023-03-12	2023-05-26
Pretty URL pickupmates.com/UNativeSDKUpdaterWorker.js IP 151.101.65.195 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 20:41:56 Last Seen2023-05-26 11:33:45 Times Seen4 Hash 0c7909043bfae2b5b9546631b3aaea79 1e97e771f276fe81ba10ead478390056b47e4037 1ce071c9effc970aa56d59810f9b04372a9ac4c0bb273fd416f743b0c3e49689 Loading...

	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/	0 B	2023-03-07	2024-04-26
Pretty URL thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/ IP 151.101.1.195 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 05:32:24 Times Seen37084078 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/quiz.jquery.js	756 B	2023-03-09	2023-10-02
Pretty URL thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/quiz.jquery.js IP 151.101.1.195 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 05:34:11 Last Seen2023-10-02 20:04:33 Times Seen7 Hash 4205e82f8b6d013d405c74cc16b3b9a2 1f271868163d1cfa7a254889d6d8ccf33aa40861 4c828a9318bb846d20751582aa76f426dca400a4951043ece8e3c027daea5b2e Loading...

	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/	0 B	2023-03-07	2024-04-26
Pretty URL thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/ IP 151.101.1.195 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 05:32:24 Times Seen37084078 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	sdk.unative.com/UNativeSDK.js	17 kB	2023-03-07	2023-12-01
Pretty URL sdk.unative.com/UNativeSDK.js IP 185.76.9.16 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:10 Last Seen2023-12-01 10:55:03 Times Seen161 Hash 647c17795b88ec6b0432e10ebebbce67 ae012902de61b37343ed3288b65e07a4f94edb31 12f3ffc2bef3ae11d82ec74d1c21eaf9d7ee389d320b85d8fb00b666a6eefa2c Loading...

	sdk.unative.com/UNativePageSDKES6.js?v=150706	183 kB	2023-05-07	2023-12-01
Pretty URL sdk.unative.com/UNativePageSDKES6.js?v=150706 IP 185.76.9.16 ASN #60068 Datacamp Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-07 17:04:28 Last Seen2023-12-01 10:55:03 Times Seen75 Hash b3332c141ef65c70ffcb6c233261d49e 64340ed0e6f5ed9cefd865ab49b93b5b16e9dc53 2d97792c95b1c337e75917308f9da48c3497c1896cc3039106bf343b2f14d3b8 Loading...

	thenewfling.com/prelanderSDK.min.js	274 B	2023-03-08	2024-02-28
Pretty URL thenewfling.com/prelanderSDK.min.js IP 151.101.1.195 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:41:07 Last Seen2024-02-28 12:35:29 Times Seen118 Hash d906c8490feee06c13c35b61fbabfde8 2eb25b8c38db7e9105c560f5801d982f7682d747 6d623cabd30ff4adb8e9b8e1780f1089822c386384e3888b4e3d713a9372b317 Loading...

	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/jquery-2.1.3.min.js	84 kB	2023-03-07	2024-04-26
Pretty URL thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/jquery-2.1.3.min.js IP 151.101.1.195 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 01:59:57 Times Seen14089 Hash 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Loading...

	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/	603 B	2023-05-09	2024-02-28
Pretty URL thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/ IP 151.101.1.195 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-09 23:40:43 Last Seen2024-02-28 12:35:29 Times Seen23 Hash 1eb6bcf38332adf8655e94257d4a2f88 a6bdcfbfda972ca751fe5803d7474e004517b458 fed16d13e504d91692ca72c955849cd6a63e55b5401039da08fcad7d935b458f Loading...

	thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/	0 B	2023-03-07	2024-04-26
Pretty URL thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/ IP 151.101.1.195 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 05:32:24 Times Seen37084078 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (32)

URL IP Response Size

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv

151.101.1.195

301 Moved Permanently

64 B

URL User Request GET HTTP/2
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv
IP
151.101.1.195:443
ASN
#54113 FASTLY

Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
bc16f91008d9df3b3a79c10f3eb9cf98
ce7b1a5ec0ba3eadadc60b0fc6488e045148080c
cdf5d905fdf7390bd4e080f3019d2d5242e0cca8d706059b8afd45775aa9a530

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
location: /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093605.112069,VS0,VE43
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 64
X-Firefox-Spdy: h2

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/

151.101.1.195

200 OK

2.0 kB

URL User Request GET HTTP/2
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
IP
151.101.1.195:443
ASN
#54113 FASTLY

Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (618)
Size
2.0 kB (2045 bytes)
Hash
1d442b3044365105dbd5e62bace59381
22632953998a228790e574d9b62db899aa0f7c6a
a4bd5a1bdede80daa57d2f6538b2a46ed70859257ea4f07fd470cc3f3f580b40

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/ HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "3d64f4c27e2e36cd1841208943b6257974151c4570025a0862f9cdbf8cfeac48-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093605.210343,VS0,VE127
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2045
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4/gJxony9XCjo

142.250.74.131

471 B

URL
ocsp.pki.goog/s/gts1d4/gJxony9XCjo
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5119a387ae6da7509acb59818c55bcc6
df314a02e9479daa9465a3679f3a51099f45c9d8
8b52860e4e3a012d3ecfeac4cb48b3e2696ff439e4cde93fd331a06397468d78

HTTP Headers

POST /s/gts1d4/gJxony9XCjo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 09:33:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/quiz.jquery.js

151.101.1.195

200 OK

269 B

URL GET HTTP/3
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/quiz.jquery.js
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
ASCII text, with very long lines (370)
Size
269 B (269 bytes)
Hash
4205e82f8b6d013d405c74cc16b3b9a2
1f271868163d1cfa7a254889d6d8ccf33aa40861
4c828a9318bb846d20751582aa76f426dca400a4951043ece8e3c027daea5b2e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/quiz.jquery.js HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 269
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "7b5911115046ae160c74884e2f365a59c61d192118497d6f801e454b813694f1-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.658815,VS0,VE50
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/jquery-2.1.3.min.js

151.101.1.195

200 OK

27 kB

URL GET HTTP/3
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/jquery-2.1.3.min.js
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
ASCII text, with very long lines (32180)
Size
27 kB (26669 bytes)
Hash
32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/js/jquery-2.1.3.min.js HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 26669
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "ab6dfee40c45ba9c9689a69f90ac9ca9f3a9ec87b5a5d754a5e968d9159d3f84-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.658285,VS0,VE77
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/cookie.css

151.101.1.195

200 OK

742 B

URL GET HTTP/3
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/cookie.css
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
ASCII text
Size
742 B (742 bytes)
Hash
b6afeeee87b7fcef05acfbffc7fa4515
91469243b8d1d23d9e2ee643d938d2f167687f1e
5c6dc2ed6abe1a0094ed05ac25bd1f133dd23c25500fcebbcc5351a5802980f7

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/cookie.css HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 742
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "7c368996daf997cc6cf25d5a66d940ba6b90d542b87b5379c2df67a7eefbadf4-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.654267,VS0,VE122
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

pickupmates.com/UNativeSDKUpdaterWorker.js

151.101.65.195

200 OK

62 B

URL GET HTTP/2
pickupmates.com/UNativeSDKUpdaterWorker.js
IP
151.101.65.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjecteleicaoaovivo.com.br
FingerprintAB:3F:13:8C:CB:D9:EF:F5:F8:21:90:BB:2C:C3:11:F6:78:F1:EB:27
ValiditySun, 14 May 2023 14:27:27 GMT - Sat, 12 Aug 2023 15:25:32 GMT

File type
Java source, ASCII text
Size
62 B (62 bytes)
Hash
0c7909043bfae2b5b9546631b3aaea79
1e97e771f276fe81ba10ead478390056b47e4037
1ce071c9effc970aa56d59810f9b04372a9ac4c0bb273fd416f743b0c3e49689

HTTP Headers

GET /UNativeSDKUpdaterWorker.js HTTP/1.1
Host: pickupmates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-type: text/javascript; charset=utf-8
etag: "98584797339fc7b930aed7f5fc19a38730c4312dc558a3ef458942d9df3c2e87"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1674-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.733016,VS0,VE103
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62
X-Firefox-Spdy: h2

pickupmates.com/UNativeSDKWorker.js

151.101.65.195

200 OK

62 B

URL GET HTTP/2
pickupmates.com/UNativeSDKWorker.js
IP
151.101.65.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjecteleicaoaovivo.com.br
FingerprintAB:3F:13:8C:CB:D9:EF:F5:F8:21:90:BB:2C:C3:11:F6:78:F1:EB:27
ValiditySun, 14 May 2023 14:27:27 GMT - Sat, 12 Aug 2023 15:25:32 GMT

File type
Java source, ASCII text
Size
62 B (62 bytes)
Hash
0c7909043bfae2b5b9546631b3aaea79
1e97e771f276fe81ba10ead478390056b47e4037
1ce071c9effc970aa56d59810f9b04372a9ac4c0bb273fd416f743b0c3e49689

HTTP Headers

GET /UNativeSDKWorker.js HTTP/1.1
Host: pickupmates.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-type: text/javascript; charset=utf-8
etag: "98584797339fc7b930aed7f5fc19a38730c4312dc558a3ef458942d9df3c2e87"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1674-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.737433,VS0,VE100
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 62
X-Firefox-Spdy: h2

thenewfling.com/prelanderSDK.min.js

151.101.1.195

200 OK

159 B

URL GET HTTP/3
thenewfling.com/prelanderSDK.min.js
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
ASCII text, with no line terminators
Size
159 B (159 bytes)
Hash
d906c8490feee06c13c35b61fbabfde8
2eb25b8c38db7e9105c560f5801d982f7682d747
6d623cabd30ff4adb8e9b8e1780f1089822c386384e3888b4e3d713a9372b317

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /prelanderSDK.min.js HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 159
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "28f8bb9bb5209eb23dd08adec02cc1ef239ce6bf0eb2126a34aa5cfbf484ca48-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.651968,VS0,VE213
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/logo.png

151.101.1.195

200 OK

2.5 kB

URL GET HTTP/3
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/logo.png
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
PNG image data, 99 x 27, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2481 bytes)
Hash
e71e0d341eaf9e127a15f7d0c1de1e84
ca2f550b53e9c1d1b5ebba886ba01f53089c5bf8
6a5d67e248e7d446af534b0402a93621875ab55ad11fa0ff1de1bff11d3abd7a

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/logo.png HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2481
cache-control: max-age=3600
content-encoding: br
content-type: image/png
etag: "97ab77bf187ba714d25e6f3aeb664abb6d9aa4f8a8048d422f6be8dc6bdb4b69-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.657867,VS0,VE214
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/tos.css

151.101.1.195

200 OK

261 B

URL GET HTTP/3
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/tos.css
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
ASCII text
Size
261 B (261 bytes)
Hash
8d38fdbd57b12082e9b99722427d6d2d
a2985688bc995daf59db4d69be9ca67a26df8c7e
cfd18bfd446468ed7c76814ce9bc5aa26169ac4390bf37d67720ddae7f1156de

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/tos.css HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 261
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "3237a7dc7ec73f50f08941de1211303227e4142b692e23ee7db41a24aa893545-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.654831,VS0,VE231
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css

151.101.1.195

200 OK

2.5 kB

URL GET HTTP/3
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
ASCII text, with very long lines (1644)
Size
2.5 kB (2510 bytes)
Hash
e4d8616380ba53778d675900a487e19f
a8198760de49c3cf2895b7be227c7848f6aab68a
8c1de21fe94f1777565f06200b0a297165ef76e5f23a69d524263cb2da733764

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2510
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "fa6cafb81af35a9aae752fc783be3693e6a21e931e6df0fd7cb97f8ca5a8682b-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:25 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.653054,VS0,VE249
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.pki.goog/s/gts1d4/o8O33kxIzXk

142.250.74.131

472 B

URL
ocsp.pki.goog/s/gts1d4/o8O33kxIzXk
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b69c1211cd915e4b1ddd5fe1e0153f08
92effeef43ef44c8553de280425d88764db8b807
199f565ac407af4e2f1f0c46539694782ce7b66c7634b50edf988a5d821f38a5

HTTP Headers

POST /s/gts1d4/o8O33kxIzXk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 09:33:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4f771b9e05938d93366a814a2714cc32
33b5a01f35241d5085c476d06542865904652ad4
2db84be074e99462d8d9dd248b445da5bb78332b6087a247abfe88dd9b9f8cdf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 09:33:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-TMR4NP

142.250.74.168

200 OK

58 kB

URL GET HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TMR4NP
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (14686)
Size
58 kB (58094 bytes)
Hash
d35287f2e948a69497395b7b5ebfde44
4e60d8af3d7bf969bd3082933cc0eda52ffb3cfe
190055570b9012d030ed571cc80a40f553832e70b5bd77963cce4e08c6d50dca

HTTP Headers

GET /gtm.js?id=GTM-TMR4NP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 May 2023 09:33:26 GMT
expires: Fri, 26 May 2023 09:33:26 GMT
cache-control: private, max-age=900
last-modified: Fri, 26 May 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 58094
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/02.gif

151.101.1.195

200 OK

41 kB

URL GET HTTP/3
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/02.gif
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
GIF image data, version 89a, 200 x 300\012- data
Size
41 kB (40729 bytes)
Hash
d2b6a17792b4b70d72f79148a03ecbb6
6b05aeb8897e563c21cb077a1ca0a6918dfde1ba
01358dc7722866cc65e88099761b9542b9ce28f46e1348117dee341c2cd5ef9c

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/02.gif HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 40729
cache-control: max-age=3600
content-encoding: br
content-type: image/gif
etag: "9f183c4784b8e6c8f60f4a48fac530d38b419dae88cecbace6c2aec8e0b509de-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:26 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.052123,VS0,VE102
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4f771b9e05938d93366a814a2714cc32
33b5a01f35241d5085c476d06542865904652ad4
2db84be074e99462d8d9dd248b445da5bb78332b6087a247abfe88dd9b9f8cdf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 26 May 2023 09:33:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/bg.jpg

151.101.1.195

200 OK

80 kB

URL GET HTTP/3
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/bg.jpg
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2004x1252, components 3\012- data
Size
80 kB (79524 bytes)
Hash
5c636f38346483eb3490a7dd150e9619
45ad806c67795ae56f72ad70b6407cbe13667eac
b60fc52636018917e614bdb012cd002e196109a051cc971cdc16e5857439fda7

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/bg.jpg HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 79524
cache-control: max-age=3600
content-encoding: br
content-type: image/jpeg
etag: "a8af376aee65cbdc80b9814dc9e82cb89ebe93646a2882fdfd050ddde9721a1b-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:26 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.045965,VS0,VE297
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/01.gif

151.101.1.195

200 OK

89 kB

URL GET HTTP/3
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/01.gif
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
GIF image data, version 89a, 200 x 300\012- data
Size
89 kB (89160 bytes)
Hash
acdb1a6c76850f957fed7fdd8f0f7d19
db536cb81494ab3e0de70e2f91282f3f3c9f5e67
fc461b65e548b4e96652a96aae85faa55a951c4a3355d3cacb7af3c6616c2b61

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/01.gif HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/css/skeleton.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 89160
cache-control: max-age=3600
content-encoding: br
content-type: image/gif
etag: "3a104a46fd214e3092364a7c742212b6dc9522a6b553c8be444574707b3479f4-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:26 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093606.051748,VS0,VE278
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ocsp.sectigo.com/

104.18.14.101

472 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
6a0059029d0a6786de5d43f8da5f1090
20db24462d3cd844179444f0af822c94f819bbd8
07cd5640c9eb8ffd998e6b5c9932d1fa27d4ec48004fe77608f0441f05f1b61f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 26 May 2023 09:33:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 26 May 2023 07:46:43 GMT
Expires: Fri, 02 Jun 2023 07:46:42 GMT
Etag: "20db24462d3cd844179444f0af822c94f819bbd8"
Cache-Control: max-age=598554,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cd5043fa953b50f-OSL

tfosrv.com/retargeting.js?id=981&gtmcb=83948494

216.18.168.29

200 OK

22 kB

URL GET HTTP/1.1
tfosrv.com/retargeting.js?id=981&gtmcb=83948494
IP
216.18.168.29:443
ASN
#29789 REFLECTED

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerSectigo Limited
Subject*.tfosrv.com
Fingerprint02:80:28:FF:F2:1F:50:3B:EB:C2:80:1C:FC:89:57:41:02:60:19:04
ValidityMon, 07 Nov 2022 00:00:00 GMT - Sat, 18 Nov 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (59972), with no line terminators
Size
22 kB (22400 bytes)
Hash
2c6da79b4fde76de73775959102316ff
85d49c9039e9472283d6538affdc6ba4e3c53aa6
d9f4e141f06b5e635d055b7c516309a85ce6f971f58c4e8143f9507b8e4b2d13

HTTP Headers

GET /retargeting.js?id=981&gtmcb=83948494 HTTP/1.1
Host: tfosrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
server: nginx
date: Fri, 26 May 2023 09:33:26 GMT
content-type: text/javascript
transfer-encoding: chunked
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: 0
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding: gzip
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version

api-un.unative.com/p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd

162.55.0.219

200

18 B

URL OPTIONS HTTP/1.1
api-un.unative.com/p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd
IP
162.55.0.219:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerLet's Encrypt
Subjectunative.com
Fingerprint5C:45:95:F3:E4:7F:3E:45:81:1C:87:CE:0C:E6:E7:1B:C0:B3:8A:35
ValiditySat, 06 May 2023 08:11:27 GMT - Fri, 04 Aug 2023 08:11:26 GMT

File type
ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879

HTTP Headers

OPTIONS /p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd HTTP/1.1
Host: api-un.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,sdk-version
Referer: https://thenewfling.com/
Origin: https://thenewfling.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
allow: HEAD,GET,OPTIONS
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: content-type,sdk-version,origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
access-control-allow-headers: content-type,sdk-version,origin,accept,content-type,x-requested-with
content-type: text/plain;charset=UTF-8
content-length: 18
date: Fri, 26 May 2023 09:33:25 GMT

tr-un.unative.com/track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd

162.55.0.220

200

18 B

URL GET HTTP/1.1
tr-un.unative.com/track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd
IP
162.55.0.220:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerLet's Encrypt
Subjectunative.com
Fingerprint5C:45:95:F3:E4:7F:3E:45:81:1C:87:CE:0C:E6:E7:1B:C0:B3:8A:35
ValiditySat, 06 May 2023 08:11:27 GMT - Fri, 04 Aug 2023 08:11:26 GMT

File type
ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
cc7fd95a87ea3721ce1853bf3c4dd75e
7f687f7881adf0fc407378d375a61b8f198c0912
0f06a4c8d34690d4e42c81f232a5bdfe9fcbde8a54b5ccd0609a313e90da0879

HTTP Headers

OPTIONS /track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd HTTP/1.1
Host: tr-un.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,sdk-version
Referer: https://thenewfling.com/
Origin: https://thenewfling.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
allow: HEAD,GET,OPTIONS
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: content-type,sdk-version,origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
access-control-allow-headers: content-type,sdk-version,origin,accept,content-type,x-requested-with
content-type: text/plain;charset=UTF-8
content-length: 18
date: Fri, 26 May 2023 09:33:25 GMT

ocsp.r2m02.amazontrust.com/

54.230.80.227

471 B

URL
ocsp.r2m02.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9c20b6eea6243fabb752085d6be934fc
28578c12d46431e162d7f2c8663da00887f06c2a
c4e8ce753fcb00e5c1b647cd7381dae5c63fe7a373f6719156bbb4bc1fd96050

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Fri, 26 May 2023 09:33:26 GMT
Last-Modified: Fri, 26 May 2023 07:51:31 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7AdaGrpj_1yW-hkRXZYNv2PkZHMI8yxBmXUBh6Dt75L4NMeEq9wKjg==
Age: 6115

api-un.unative.com/p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd

162.55.0.219

200

195 B

URL OPTIONS HTTP/1.1
api-un.unative.com/p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd
IP
162.55.0.219:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerLet's Encrypt
Subjectunative.com
Fingerprint5C:45:95:F3:E4:7F:3E:45:81:1C:87:CE:0C:E6:E7:1B:C0:B3:8A:35
ValiditySat, 06 May 2023 08:11:27 GMT - Fri, 04 Aug 2023 08:11:26 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
195 B (195 bytes)
Hash
f41a8eae0760099fe19c7b303f011f8f
0274ea39d09d84685e33b7d27a785779ae7b5a3e
b0195e7e061ecb9023569e2227df2ee320e3b9037d230d042c7a706e59495c59

HTTP Headers

GET /p/w/33db8e77-19c7-4958-9af2-1a888a2a64fd HTTP/1.1
Host: api-un.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thenewfling.com/
content-type: application/json;charset=UTF-8
sdk-version: unative/web/150706
Origin: https://thenewfling.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
content-type: application/json;charset=UTF-8
content-length: 195
date: Fri, 26 May 2023 09:33:25 GMT

tr-un.unative.com/track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd

162.55.0.220

200

0 B

URL GET HTTP/1.1
tr-un.unative.com/track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd
IP
162.55.0.220:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerLet's Encrypt
Subjectunative.com
Fingerprint5C:45:95:F3:E4:7F:3E:45:81:1C:87:CE:0C:E6:E7:1B:C0:B3:8A:35
ValiditySat, 06 May 2023 08:11:27 GMT - Fri, 04 Aug 2023 08:11:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /track/visit/incognito/33db8e77-19c7-4958-9af2-1a888a2a64fd HTTP/1.1
Host: tr-un.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thenewfling.com/
content-type: application/json;charset=UTF-8
sdk-version: unative/web/150706
Origin: https://thenewfling.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
content-length: 0
date: Fri, 26 May 2023 09:33:25 GMT

ocsp.godaddy.com/

192.124.249.22

1.8 kB

URL
ocsp.godaddy.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
3ad880cf40d9cce3ec780806bff57ffd
f6a6ccda70cfc6bda2f948d422fd13101f0be0aa
0216c328aed44842dd846cdde5169f59333d13e3f4f578db98afac5a5bedfd0c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 26 May 2023 09:33:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 26 May 2023 01:07:26 GMT
Expires: Sat, 27 May 2023 01:07:26 GMT
ETag: "f6a6ccda70cfc6bda2f948d422fd13101f0be0aa"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/favicon.ico

151.101.1.195

200 OK

637 B

URL GET HTTP/3
thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/favicon.ico
IP
151.101.1.195:443
ASN
#54113 FASTLY

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerGoogle Trust Services LLC
Subjectdeeplink.rapidbooksapp.com
Fingerprint3A:26:99:9E:10:89:BB:C8:44:72:3D:3A:B9:55:BE:6D:08:50:0F:67
ValidityMon, 15 May 2023 19:01:17 GMT - Sun, 13 Aug 2023 19:59:41 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced\012- data
Size
637 B (637 bytes)
Hash
f3307a052515a60d66746e23a6643577
a5b634673547884f8a1278594943d4551b53407c
40aae88ad63cb43fdc765222aed3654035d03ea3f4ee37e24a5e9bc2d308a960

HTTP Headers

GET /ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/images/favicon.ico HTTP/1.1
Host: thenewfling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 637
cache-control: max-age=3600
content-encoding: br
content-type: image/x-icon
etag: "f51b8bc05c1b4c9acf831a82ef85f352141a06f3e60863f027007be9f138c8e5-br"
last-modified: Mon, 22 May 2023 09:06:01 GMT
strict-transport-security: max-age=31556926
accept-ranges: bytes
date: Fri, 26 May 2023 09:33:26 GMT
x-served-by: cache-bma1621-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1685093607.822414,VS0,VE84
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

sdk.unative.com/UNativeSDK.js

185.76.9.16

200 OK

17 kB

URL GET HTTP/2
sdk.unative.com/UNativeSDK.js
IP
185.76.9.16:443
ASN
#60068 Datacamp Limited

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerLet's Encrypt
Subject1058678020.rsc.cdn77.org
Fingerprint3B:5B:FB:88:88:D1:AD:6C:3C:F7:51:90:54:F1:20:72:1A:95:2A:3F
ValidityFri, 07 Apr 2023 21:00:39 GMT - Thu, 06 Jul 2023 21:00:38 GMT

File type
ASCII text, with very long lines (17396), with no line terminators
Size
17 kB (17396 bytes)
Hash
647c17795b88ec6b0432e10ebebbce67
ae012902de61b37343ed3288b65e07a4f94edb31
12f3ffc2bef3ae11d82ec74d1c21eaf9d7ee389d320b85d8fb00b666a6eefa2c

HTTP Headers

GET /UNativeSDK.js HTTP/1.1
Host: sdk.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 May 2023 09:33:25 GMT
content-type: application/x-javascript
last-modified: Thu, 27 Apr 2023 15:05:30 GMT
etag: W/"43f4-5fa52affcd6e3"
vary: Accept-Encoding, Accept-Encoding
server: CDN77-Turbo
x-77-nzt: AblMCQ33yi//InQKAA
x-77-nzt-ray: c0a4cc288a72b0b9e57c70642f9bb131
x-accel-expires: @1685445315
x-accel-date: 1684408515
x-cache: HIT
x-age: 685090
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3&gtmcb=1479518658

50.17.64.27

200 OK

0 B

URL GET HTTP/2
ads.traffichunt.com/adv_ret/?adv_pixel_id=861&nid=3&gtmcb=1479518658
IP
50.17.64.27:443
ASN
#14618 AMAZON-AES

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerAmazon
Subjecttraffichunt.com
Fingerprint38:A6:CE:AD:A1:64:3D:1A:5F:30:26:ED:6B:E1:5A:EC:ED:2E:11:66
ValidityWed, 01 Mar 2023 00:00:00 GMT - Sat, 26 Aug 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /adv_ret/?adv_pixel_id=861&nid=3&gtmcb=1479518658 HTTP/1.1
Host: ads.traffichunt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 May 2023 09:33:26 GMT
server: nginx
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
set-cookie: new_adx_profile_guid=7ab39552-6685-407a-a96e-13f15de77b8f;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_rt_0=861;Max-Age=7776000;Path=/;SameSite=None; Secure
new_3.adx_daily_rt_0=861;Max-Age=51993;Path=/;SameSite=None; Secure
new_3.adx_rt_0=861;Max-Age=7776000;Path=/;SameSite=None; Secure
3.adx_daily_rt_0=861; Max-Age=51993; Expires=Fri, 26 May 2023 23:59:59 GMT; Path=/
adx_profile_guid=7ab39552-6685-407a-a96e-13f15de77b8f; Max-Age=7776000; Expires=Thu, 24 Aug 2023 09:33:26 GMT; Path=/
3.adx_rt_0=861; Max-Age=7776000; Expires=Thu, 24 Aug 2023 09:33:26 GMT; Path=/
X-Firefox-Spdy: h2

nextgencounter.com/index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=1261619758

0.0.0.0

0 B

URL GET
nextgencounter.com/index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=1261619758
IP
0.0.0.0:0
ASN
#0

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /index.min.js?pk=d22e6e1bbef67e016bac3e7555dfcf6d&gtmcb=1261619758 HTTP/1.1
Host: nextgencounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

sdk.unative.com/UNativePageSDKES6.js?v=150706

185.76.9.16

200 OK

183 kB

URL GET HTTP/2
sdk.unative.com/UNativePageSDKES6.js?v=150706
IP
185.76.9.16:443
ASN
#60068 Datacamp Limited

Requested by
https://thenewfling.com/ep/adu_en_06_04_20_t7_v1_8_ex1_re2_dis2_Push_jv/
Certificate
IssuerLet's Encrypt
Subject1058678020.rsc.cdn77.org
Fingerprint3B:5B:FB:88:88:D1:AD:6C:3C:F7:51:90:54:F1:20:72:1A:95:2A:3F
ValidityFri, 07 Apr 2023 21:00:39 GMT - Thu, 06 Jul 2023 21:00:38 GMT

File type

Size
183 kB (182707 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /UNativePageSDKES6.js?v=150706 HTTP/1.1
Host: sdk.unative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thenewfling.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 26 May 2023 09:33:26 GMT
content-type: application/x-javascript
last-modified: Thu, 27 Apr 2023 15:05:30 GMT
etag: W/"2c9b3-5fa52affcd6e3"
vary: Accept-Encoding, Accept-Encoding
server: CDN77-Turbo
x-77-nzt: AblMCQ3rfSz/oG8KAA
x-77-nzt-ray: c0a4cc288a72b0b9e67c7064ec4b5e05
x-accel-expires: @1685446470
x-accel-date: 1684409670
x-cache: HIT
x-age: 683936
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML