ocsp.starfieldtech.com/
192.124.249.36 2.1 kB IP 192.124.249.36:0
Hash e7c9c146d0f12448435f55e866dc7086
dfbeac6ab2c4c2ec988d1f1f7a2bb73b16168631
6325078a05551b5c66c2e390c939fb40a56d0d21b182401a858ca75e2cfc2311
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 10 May 2024 21:53:28 GMT
Content-Type: application/ocsp-response
Content-Length: 2148
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 10 May 2024 16:33:35 GMT
Expires: Sat, 11 May 2024 16:33:35 GMT
ETag: "dfbeac6ab2c4c2ec988d1f1f7a2bb73b16168631"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.trckb2b.com/49L7DK9/2J3TGB37/?uid=23543&sub2={clickid}&sub3={var5}
34.96.83.190302 Found 259 B URL User Request GET HTTP/2 www.trckb2b.com/49L7DK9/2J3TGB37/?uid=23543&sub2={clickid}&sub3={var5}
IP 34.96.83.190:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate IssuerStarfield Technologies, Inc.
Subjecttrck.novatrck.com
FingerprintD1:40:B6:26:F1:E7:AD:38:E9:30:82:8A:AD:1D:88:42:4E:9F:88:1D
ValidityWed, 03 Apr 2024 15:42:33 GMT - Mon, 05 May 2025 15:42:33 GMT
File type HTML document, ASCII text
Hash 5acbe4a83fa9a9b600f68ed499f85f7c
51f234f5e5a6a6328c401bc7d401537d15d5f140
789c9b8744dfd329c44581a8b266c1ab0b8ba91cce7bd19f0125fb31619442d6
GET /49L7DK9/2J3TGB37/?uid=23543&sub2={clickid}&sub3={var5} HTTP/1.1
Host: www.trckb2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 21:53:29 GMT
content-type: text/html; charset=utf-8
content-length: 259
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://trck.pecuniatrck.com/49L7DK9/2HBBQWMP/?__rpt=0&__po=24334&__ptid=d05171c17c0c47ffbd47536770baeee7&__rpa=1&__rc=1&sub1=&sub2=%7Bclickid%7D&sub3=%7Bvar5%7D&sub4=&sub5=&source_id=&__pcd=9
set-cookie: uniqueClick_2J3TGB37=abf21d53-70dc-4d24-b6bc-47e10ace6822:1715378009; Path=/; Expires=Sat, 11 May 2024 21:53:29 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 304bc35e-3196-464a-be8e-fe139c8404b9
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
192.124.249.23 2.1 kB IP 192.124.249.23:0
Hash e7c9c146d0f12448435f55e866dc7086
dfbeac6ab2c4c2ec988d1f1f7a2bb73b16168631
6325078a05551b5c66c2e390c939fb40a56d0d21b182401a858ca75e2cfc2311
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 10 May 2024 21:53:29 GMT
Content-Type: application/ocsp-response
Content-Length: 2148
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 10 May 2024 16:33:35 GMT
Expires: Sat, 11 May 2024 16:33:35 GMT
ETag: "dfbeac6ab2c4c2ec988d1f1f7a2bb73b16168631"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
trck.pecuniatrck.com/49L7DK9/2HBBQWMP/?__rpt=0&__po=24334&__ptid=d05171c17c0c47ffbd47536770baeee7&__rpa=1&__rc=1&sub1=&sub2=%7Bclickid%7D&sub3=%7Bvar5%7D&sub4=&sub5=&source_id=&__pcd=9
35.190.3.146302 Found 154 B URL User Request GET HTTP/2 trck.pecuniatrck.com/49L7DK9/2HBBQWMP/?__rpt=0&__po=24334&__ptid=d05171c17c0c47ffbd47536770baeee7&__rpa=1&__rc=1&sub1=&sub2=%7Bclickid%7D&sub3=%7Bvar5%7D&sub4=&sub5=&source_id=&__pcd=9
IP 35.190.3.146:443
Certificate IssuerGoogle Trust Services LLC
Subjecttrck.numustrck.com
Fingerprint83:1F:22:AF:73:FE:E3:CE:62:76:6F:12:B3:73:15:9A:12:D4:8F:8F
ValidityWed, 08 May 2024 13:21:22 GMT - Tue, 06 Aug 2024 14:13:14 GMT
File type HTML document, ASCII text
Hash 17d787545fff0f5a8b3623cb1cc10cf0
3ffa219adfb37bc063f48eb6deb5b043d8590aa9
33b8f150eb2e8321949fefbac07467c47f39dde725ece7ba2b51e22142681867
GET /49L7DK9/2HBBQWMP/?__rpt=0&__po=24334&__ptid=d05171c17c0c47ffbd47536770baeee7&__rpa=1&__rc=1&sub1=&sub2=%7Bclickid%7D&sub3=%7Bvar5%7D&sub4=&sub5=&source_id=&__pcd=9 HTTP/1.1
Host: trck.pecuniatrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 21:53:29 GMT
content-type: text/html; charset=utf-8
content-length: 154
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
location: https://track.smart-tds.com/c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=2040&t2=%7Bvar5%7D&tag=0c08e68688974b19b876ed82c6483765
set-cookie: uniqueClick_2HBBQWMP=0f2eadf1-1edb-46f0-a8a2-e1e7b1533bbe:1715378009; Path=/; Expires=Sat, 11 May 2024 21:53:29 GMT; Secure; SameSite=None
transaction_id=0c08e68688974b19b876ed82c6483765; Path=/; Expires=Thu, 08 Aug 2024 21:53:29 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: f1991e24-d2e0-44c0-ae94-16dc9f09ff8c
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
track.smart-tds.com/c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=2040&t2=%7Bvar5%7D&tag=0c08e68688974b19b876ed82c6483765
35.156.152.207302 Found 0 B URL User Request GET HTTP/2 track.smart-tds.com/c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=2040&t2=%7Bvar5%7D&tag=0c08e68688974b19b876ed82c6483765
IP 35.156.152.207:443
Certificate IssuerLet's Encrypt
Subjecttrack.smart-tds.com
Fingerprint6D:A4:16:9B:9C:BD:51:73:F2:75:7D:1F:BF:80:89:F2:B9:F9:DF:57
ValidityFri, 15 Mar 2024 06:47:09 GMT - Thu, 13 Jun 2024 06:47:08 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9a9eca1-de73-466d-aa60-f2d1325e89a7?t1=2040&t2=%7Bvar5%7D&tag=0c08e68688974b19b876ed82c6483765 HTTP/1.1
Host: track.smart-tds.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 21:53:29 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
pragma: no-cache
set-cookie: c9a9eca1-de73-466d-aa60-f2d1325e89a7-v4=kv-gJBaHaNbDejYAoJtlvjNXVxGo6w4p9KLlXATXQv0; Max-Age=86400; Expires=Sat, 11-May-2024 21:53:29 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=7%2FNvOp%2FM0OJ9a2K8xqby90l2sQQD1c4%2F%2F1a29WGFDTgrS5uXiPZ1rGKAnZbQ2Yx3akaoznJ0n9EnlsUGg0IILE3y6O9%2B99wBtYp%2FhlK2pvQs2wlTZkObs%2BJ9dKVEaYCSJYuuWFU9F1djwa5jLfRrAA%3D%3D; Max-Age=31536000; Expires=Sat, 10-May-2025 21:53:29 GMT; Domain=track.smart-tds.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
3.120.62.154302 Found 0 B URL User Request GET HTTP/2 nicking-unding.com/c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
IP 3.120.62.154:443
Certificate IssuerLet's Encrypt
Subjectnicking-unding.com
Fingerprint9B:E6:63:16:E4:1D:3A:A2:80:0A:CE:43:9A:C2:CC:63:66:28:92:FA
ValidityTue, 07 May 2024 05:58:07 GMT - Mon, 05 Aug 2024 05:58:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c4b5ad04-8822-42c1-9db5-e9a49f15358b?s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&s8=&s9=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484 HTTP/1.1
Host: nicking-unding.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Fri, 10 May 2024 21:53:29 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
pragma: no-cache
set-cookie: c4b5ad04-8822-42c1-9db5-e9a49f15358b-v4=rCpwrp-HIBq7w-HbGSV7-TEXP8_KlEM1nfVox3up7wA; Max-Age=86400; Expires=Sat, 11-May-2024 21:53:29 GMT; Domain=nicking-unding.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=3YSJ29VHCazu0wC-FrKha6J8flwiRdwwMm6t4lRLPfc_RkKdnakeftVCM6rU9mI-US_po-IxS32IvCb1ECsJ6OG59x6xBLE_KLpapeEPOYoKa0epR86zSrDuNfK4ED5klxbcNpCLvFAsE5yIBry-Y3cddLMtm6m5P59MvzuHs2SI4iTSoTrXnjxwXvrGq0peZx3oqUag--46Fw3d7YS0vN8L3XVDD_ldpBnTk93Pqeip7lp9sWo-xFDOClJ645kOPextXpkgyF1wh0ynfcKPJO8-oFWJ9l9O1AvIWlDOUqaX75dSesa05U9-WzV5f_RXzvi3Bc3AaWjWR6qSUh2nV9CIRRHlyNoQiEcW6WGJgr8fIfi2sfaFAsduGWP8-xAe6j3ZyNFI6nwt4COIpBzjhAJEPKR-S-jZdWB9Yv-J5Ns0C638wCdfABU7WQuOrHUCS_YiexojPoW3YSgorq5-lTYG8BRbzEFdJZzED8xBoxVYy5ArrICk2Mjkob-wWo-lo7nvw0p283O1rF6Z0uJnpD9WTEQcrobNMBZnP8y_cOeT6BdKMBIIz1sU9VEPJ0Ji; Max-Age=86400; Expires=Sat, 11-May-2024 21:53:29 GMT; Domain=nicking-unding.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/Tlogo.png
188.114.97.1200 OK 21 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/Tlogo.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 334 x 172, 8-bit/color RGBA, non-interlaced
Hash cf052695dcfea41b32891c6fe0db704a
04666c7589d5f76d4d83b25180be153c74fa12c4
b0323f64bf0cf04da9f58a4b09142954f6d7843dfb037826aca05125c1590e45
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/Tlogo.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 20691
last-modified: Tue, 28 Dec 2021 16:22:49 GMT
etag: "50d3-5d4373b7c4c11"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwYih18f8GReISbmHB3FE8O2ggv2xqPlGnyh9L2L02k870H8jjp%2Fl%2BtwjKsdfsWLtWaW18U6CFIAojauI0L6By%2BWhcH17psOiqV0M9mDnNdpxeDV1a5r%2BmnhqizjM5JiI9dHxf%2F47Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d2994dca6712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/04.gif
188.114.97.1200 OK 388 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/04.gif
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type GIF image data, version 89a, 312 x 312
Size 388 kB (388375 bytes)
Hash f8db03d9bf7a637a23362df0914aabfc
5828fb6a2ca814a2aa7db0f0c6f8ff61561a5ac3
8618a596b8ff121219334e7680e60691712f054bec2c7d3ed28c1381e28c01b1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/04.gif HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/gif
content-length: 388375
last-modified: Tue, 28 Dec 2021 16:22:59 GMT
etag: "5ed17-5d4373c0d22df"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLN99Jcuu1cVVgYNfArsdU4YTrwWwBKgXqjm2zCoWytfZjWO8Z2IujcxLX%2FD%2BnOI%2FeV55NGAiuGDM1AgG4C9wyFeI5dqVTHPPaRa0ykj%2B7Zjra93hbN3mXhR3Hr1YXnXrtrXE%2BIqsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d2994dca9712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_2.png
188.114.97.1200 OK 56 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_2.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 0d8f82b8f9aa4d840b186f45c58be648
b756e6fa8803f25ac91ed0091be37bfcabd70a78
7c62140581382ceef8fdc3fef780f94d132d2758a22393aec252d65373d74d86
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p7_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 55991
last-modified: Tue, 28 Dec 2021 16:22:52 GMT
etag: "dab7-5d4373ba99607"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FXGAWsq4Ku9%2FoFuOF4etnbT0W21gnus3lPAnJEod3S9v4ggDNdPSgOLdLobakAmVQKrs0KjClDz8lggSpyXKSQNiyZrrm9V0uFCGoa0ri17D4C1U%2BcNRlehLw5rfgSb34z1%2FME2WBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29951cf0712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_1.png
188.114.97.1200 OK 48 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_1.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash c37b1d71b49a4c8f8bf645d045f16985
548f445b73a87ed311986b78ad30ae585eb94d32
0940f506ad7a63a87d4094ed8982c9ced20a40f80968a8d60c413d9b5ecab79e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p7_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 47972
last-modified: Tue, 28 Dec 2021 16:22:50 GMT
etag: "bb64-5d4373b8b8e63"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FXeJ%2Br1ZT%2F%2Bsw20Q29Q4Kr2GuRS2c2Tx3ZQ7Fc7chYB3fVqM%2BZbnVVN%2B9AxJgoYmvyWHR62qP0WiiCW29ZhtT1JooeM2G%2ByhmHofqSj%2BdGUDmxId6at6%2F5ySOhgblIO5vyAy32Jow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29951cef712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_3.png
188.114.97.1200 OK 40 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_3.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash b4c70525d55d14c65478b0f8b9c9954e
31e2063dc95f3d6a9995b76d382880f567246803
6f3f1d4003323a7f9135232b8cdca5f2cfde0e6b9b2988255c41a97c7b6fd163
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p7_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 40337
last-modified: Tue, 28 Dec 2021 16:22:51 GMT
etag: "9d91-5d4373b9830d2"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cS10LnQK6yhiNRdNnZtcqR8FfoBGMudok9QB5hOqJGeX2e6djQuXDwsWVxeaHppNrc5muV78Jk8fVjf83tHddLyymuW8slKX8d9VbdOmAdZW6dXU2fp2Ohfct9k5X3CP%2F0%2FdZQhrUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29951cf2712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_1.png
188.114.97.1200 OK 58 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_1.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 63f74d7c97a74239d43d4418803b345a
2855449c3a816dfa892b75ce3b6a1415da740fec
a988dba1586aa8826577d9320678d3855d0d9d2e981d1073dd56b91a3859e3fb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p8_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 57903
last-modified: Tue, 28 Dec 2021 16:22:46 GMT
etag: "e22f-5d4373b4201eb"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IAVtqupVMHNEoPbXMxGlakBhPNJ3QRoVFpG3zEiLpYg2B2CwST69qVtlO9U0jBl1G3MY3Ip4H3Hdij4ugaNjH01QcgL64ejRzpu3dQaieir%2F6y6HwaiqR3Eqbwt%2Fqiv6xt1tWplWHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29952cf6712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_5.png
188.114.97.1200 OK 51 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_5.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 9407b587b816571fef24ea488fb29138
f7cc0874ccb7c8199fc2a078b507cb7497369c91
db27f7041801043061be15117bf82104786d53d8c3fcdd3165270efb87110f01
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p7_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 50867
last-modified: Tue, 28 Dec 2021 16:22:54 GMT
etag: "c6b3-5d4373bc338a6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5TWCe%2FdjwKEFH2b4lXV6pIX9xthT69WTel9VVrZO7EIDSfvjDI6ff2SJpl3wG4dQ4rX%2F7Emq4YYnDQbCxWSn7n2yoU3UHRHvuwMn3JySHuqUKWPN5SIA8pGLvrP%2Bd4vdJlBpJudS6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29951cf5712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_4.png
188.114.97.1200 OK 60 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p7_4.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 746ac82d1374f51b4ceae516f69ab6ad
e3a378690b02af5732f3569ea71e00e666c46f1b
a44f12838759e2055800c0642603be1085c5120d6f5df276c2e0e87210e0b8ab
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p7_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 59759
last-modified: Tue, 28 Dec 2021 16:22:56 GMT
etag: "e96f-5d4373bddf486"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a6ApWnVH3X6IGuPdTKfth%2FpNpWOAc%2BZIQB2Kb58UeLAKPaJ6Q99Jbo5esAWd9WHAaXX31G05sReqxGqlQIlQ1oe2ZzrvCp5vHisKsxAdy%2FsvZLpVIzMbLPJKfCt5NLEhKkuwnqGeng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29951cf4712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_2.png
188.114.97.1200 OK 50 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_2.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 431679c0fdd060aeef69f2b8beec4169
0c7f0ef489e5e752c814420165bbd3941cb3fd70
ecee803291f0a56f17cbefc5c561f32d277226d4a25f331371109bdc0e1e27df
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p8_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 49466
last-modified: Tue, 28 Dec 2021 16:22:45 GMT
etag: "c13a-5d4373b36d67e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nuCHtH23Q%2BqKKB0rrmk8UMoAM7Ian1H2OWd0ykYdxKFDTm2qz26ECPMIziAsAsy%2BNGnjva9GiU%2Fk3mR9mwqWFTZH8Z27gQP4wMfptMDZNLd8VJRLhrH5qxANsUDRGRXVoYIRk8aj0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29952cf8712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_3.png
188.114.97.1200 OK 51 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_3.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash b44d52f1628ccbe49dea725a18667d74
80aacb07a91269756340ccfed0480ead57c6d54f
0057b6d4f57ea0dabd771f6358f10a231ae805436ee6fc6850a02135e8f13532
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p8_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 51413
last-modified: Tue, 28 Dec 2021 16:22:44 GMT
etag: "c8d5-5d4373b2d8f72"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yX65t3ZBP8Y6hC1lHaJSUyf1pPLwLqt3%2Bc8q9oJegIl0PZmJU%2BWxGFFerNMwExba7U4z6DajnCSwZP26ZCHXtQx2UJ%2BiWuaNRJdWfJQSktpYbt9qbyzMVsi32yVOI0QA2f5IgT%2FedA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29952cf9712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_4.png
188.114.97.1200 OK 55 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_4.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 4dfe1a0253a15cd22e57b3eaab9116d2
8aa46e3d35632187a70e396c688293f6d7e688f4
62cc8f8b8dedacb8754b1ce93bc479ca3f6ae6246257928a4a0e1e0a281cf4a3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p8_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 55219
last-modified: Tue, 28 Dec 2021 16:22:43 GMT
etag: "d7b3-5d4373b1dd01f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YF1sl0wSj4RGE2wV8UFWxZ2X0Qy1xYYNUQPg8E6NNUhCfgW0YP7S1k9hTvr1vb41qdtxmlQSOKb5MwT3tAJTt%2F%2BHSqswwy8ciTW9hVjKOIUdUaF1cNh1MYxv7m9dlzPjQCyjXYowhA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29952cfb712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_5.png
188.114.97.1200 OK 54 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p8_5.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 621fa434f53e05bdff2819eaf6e5c9ed
1aa94b820cd55a353a569e8cb4b5302c784a6ae7
10309b3258647bc6866587d6bca464cc6619b5c54187c27116ff6f74b9edcf61
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p8_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 54413
last-modified: Tue, 28 Dec 2021 16:22:43 GMT
etag: "d48d-5d4373b18fdba"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z0tf1%2FqEEw1vvBTL%2BxXOFSbJuERqq9STvLM3sq9NFtbSqGmnuX2XN7ERWRYS86nDUnYfqpDIDHT%2FHh%2BYFJRZSGML%2FagId9U1LcP%2BpiZnS4r9JfEw7Bo7ObPX7O6%2BwwqBRMqFpnzMRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29952cfe712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_1.png
188.114.97.1200 OK 54 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_1.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 37059e26c56db6eca0b25465101d4855
6540eb900095769de1a2e71516a48e54cd8173e1
cfc4151b42a93abddb3885a5d907ad7cf486149ec615e1c107759629c12cd49e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p9_1.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 54337
last-modified: Tue, 28 Dec 2021 16:22:48 GMT
etag: "d441-5d4373b620d31"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DyEAnFxOCkha2MM5Z2ZcQWmKlOncEZAtUpAUM6CARcYgluL%2FLfFvgGeqX8l8OmRJQQe5%2BbDVJPPZ0ZDma3Ihoz%2FqQAu5rJZdQQppk8BrrgPRNE0XNxVARYv5W3aYoELOyZNrRLZ%2Bdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29952d02712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_2.png
188.114.97.1200 OK 54 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_2.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 01769e8254253553da95a9280b5a6527
7e586cd317b68b14984106d1f17089302b97d6ec
8d20fec6e5cd6640741ebcc46609813b2e10e0fdba6757f6b2c0e56d7fea3e43
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p9_2.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 53970
last-modified: Tue, 28 Dec 2021 16:22:50 GMT
etag: "d2d2-5d4373b7f0b34"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dbj1W7GU4hb69uuhuTVEyF2Fupq%2BloD2kG%2B5ixyZmkPuh%2FS6Bns19bxK25bvR78DTsyQZqO9fe9p0bjxYuYLId1EYM8D%2BPK7rcsT%2FG6HbGiHMYMHMecNBt3OvTsBKfexJ5zIo2avtg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d2995ad69712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_3.png
188.114.97.1200 OK 53 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_3.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 1c3a2dc3681b3e447263e8790608e334
74e77a8638a881d11f88af4b8733cb00dbb9d8bd
6c2bba41d4aea31e90741e2fa84107439011bd56963033734159d8c7f46d895b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p9_3.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 53318
last-modified: Tue, 28 Dec 2021 16:22:48 GMT
etag: "d046-5d4373b6d28ff"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdD6AErBz%2BY5vRP47z6tz8h0CYqvyJKOCProa6lkYgugX73ah%2FUVqRiG5hgpjmteQwXxAEs2pE9dgpmTG1T18p9Q1bcPjqXbJ0dTiRsWfA%2FTTH3Oklj25%2B0JlU0ogwHEa5fHfANWuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d2995ad6d712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_4.png
188.114.97.1200 OK 60 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_4.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 475389ca94897a28dafcc0f92631094f
d94dcab07cfdec16972a14c61d534a15ca8cb556
956dd0bba9897c9997c3f22604a603594342775cdd1aac6d1aea790f43f96b33
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p9_4.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 59693
last-modified: Tue, 28 Dec 2021 16:22:47 GMT
etag: "e92d-5d4373b536720"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h415QrHfWbbGwAKNm8uWGG3Yd%2BmJuFVO84v26FK5Jl6VKustHc9194KpWjcVVvxiKaGrOUcZNOVEEtf3ahCJq%2FnOO8tMdLxB1h6hpHoKZowRd50qP29JsHAHhILV9KcT8ZzF%2F76Lgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d2995ad70712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_5.png
188.114.97.1200 OK 45 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/p9_5.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 166 x 166, 8-bit/color RGBA, non-interlaced
Hash 8c046ad61659ad83f18fb2d5349f274e
53526b692ba5ea4f318cae71cacdf7c7efb4712a
ac10817ac054c59733bd84b6c232b47e463b8557c479f534f3fbc609fdfd6314
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/p9_5.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 45353
last-modified: Tue, 28 Dec 2021 16:22:47 GMT
etag: "b129-5d4373b57ace5"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YuUerb6HubZ5F6QDBrLhFntVxbl2njzizeB8PRYyIz0plba3iDZRXHGofe0HUPcA4sZ8W4eOIq4JKpgg21iKPqknfZr3TEReRxTvolIb9yDxqutwXTEZxlrGqao8QlQY7o0EXJgwqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d2995ad71712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/blob.png
188.114.97.1200 OK 23 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/blob.png
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type PNG image data, 583 x 428, 8-bit/color RGBA, non-interlaced
Hash 5571d30924ae123918e9a192bdab268d
8456f8812e7f2a74b82c849a954c682e92dd8631
31cf63bfb1030bb5d36c6a84a8c5df57081e23481bde6f9fcb1ad78ccfea045b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/blob.png HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/png
content-length: 23169
last-modified: Tue, 28 Dec 2021 16:22:52 GMT
etag: "5a81-5d4373b9f455b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7YDU0TxZXoCE6Qy9wG3xPN%2BDDrlySe%2B7hMkqOFVqQzU1dxsI1JiA675GTtYkJfejyx4xo5OQu4jSuFCSZCZX3WDa3xf12Ul96UOm5aSGwCldaSi6ZpmY0CIHd9W2w0AnN5OfLkL6ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29964e05712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg3.jpg
188.114.97.1200 OK 56 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg3.jpg
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3
Hash 4e2d83c4bf79c1e4c84aefc33a382f31
ffab591ef8385e851d2c17feeba2b2a22eeb6d12
e05a0702af3ef4e8d37e6c491e1478e0416cbdfc404fa5da52d135b4b8e04234
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/bg3.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/jpeg
content-length: 56408
last-modified: Tue, 28 Dec 2021 16:22:55 GMT
etag: "dc58-5d4373bcc6071"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEfnZXX5C3Zvo5yzG%2BjvVj84fC4C7bFioiSpjBTZDXelALnSAYF%2BjhF2I2sWHIeWYuTvp9GI52hO4SHDsNEBmncWoxr%2BDUkdbQAApPi2yZn3Yk5Ubv1%2FEz0SNt%2FvJmY4V9nySxIWxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29964e02712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg2.jpg
188.114.97.1200 OK 51 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg2.jpg
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3
Hash 37832c21ce4b202719cd33b6db45028b
a363710e7567d46202dd73b0761c46993bf68dca
431f71eb5f7842de8711739f0833a4c30e46ba8831dc8b209634ad48544b595d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/bg2.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/jpeg
content-length: 50733
last-modified: Tue, 28 Dec 2021 16:22:55 GMT
etag: "c62d-5d4373bd47e9b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e1GSaX6V3xyhxczvIvnTt5MFRns%2FvtBtwA8CF111V0FQIuk90Ecg%2Bm9dspe0Hq%2FVI0WIAf6eDrk%2FkyMpuxcUJ%2FV362lyHN5PPWjdkh3gE580lAtrvTZ%2BZWmQUIvu9qt3OddlMX9PJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29964e01712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg1.jpg
188.114.97.1200 OK 64 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/bg1.jpg
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1366x768, components 3
Hash a6c153fab3849ec0e3ba73f645433aec
f3747bf682252fef7befdf2870f19e16c6d4f77f
33215a1515c319a23598b30fea546e10dcb8cca455b42e20d8aa5e2eebd73bde
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/bg1.jpg HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/jpeg
content-length: 64359
last-modified: Tue, 28 Dec 2021 16:22:54 GMT
etag: "fb67-5d4373bbc147e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wvk%2FF3NDzCHxmg88u8VMH7nt%2FtJv5I2S5jnpfxynlzc4JbNjWA5n%2BdUfjQEeIgZxiaAcrQTPzPvn7xB70t3v5e3W7P9tXQwAp4GAJM1OXlYq7XA21ZzgH5zEx7gh3egIYehccZCRnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29964dff712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQkVTVCUyMERBVElORyUyMFdPUkxEV0lERSVGMCU5RiU5MiU5OCUyMiUyQyUyMnglMjIlM0EwLjg2NjUyNDk0MDMwMTE4OCUyQyUyMnclMjIlM0ExMjgwJTJDJTIyaCUyMiUzQTEwMjQlMkMlMjJqJTIyJTNBMTAyNCUyQyUyMmUlMjIlM0ExMjgwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY2FzdWFsLWZsaXJ0LWh1Yi5jb20lMkYwJTJGbm8lMkZOT19mdWxscGFnZS10aWtfMjgxMjIwMjElMkYlM0ZsYW5kZXIlM0RiMTAxNjgxOS0xMmYxLTQ1ODEtOTMyNS1iYzJiNjQ1NGM0NjUlMjZjbGlja2lkJTNEdzhvdjM3MWp1OWo2aHQ2MTNmdXMwNDg0JTI2b2ZmZXIlM0Q3MmQ2MDRlMS0wYmEwLTQwMmUtYWIwMi04M2QyNzk1YTYyNmElMjZzdWJhZmYlM0QzMDQxJTI2Z2VvJTNETk8lMjZzOSUzRCUyNnM4JTNEJTI2ZDElM0RuaWNraW5nLXVuZGluZy5jb20lMjZjZXAlM0RiTFJXUUYxekdzZnVBSjEyT3BtdkM0MUw4V01ReEdsY1d0d2p4WXRUbDhWQlFxLW1PbUNwWWlUMGdWaVQ1MEdoRjdsZ0VjbTlMSktnMldVaFhuV3ZIb3I5UjlFTmRIckI3aVN0elRoMTVEY3NwZjRjdWdURFZVOS1XU0d1S2gwNElFM2g5QUZRWmNRc3hQRXNOSlJJSDJ5V24wdUtucFRsT1ZLRmdIRFJMUGtWa1QzZ1hyUVlSUGNkVXVrTWdSY015V01wemNabTlNODBNOXJpQ2phOUZOMXZCWUgySThNcXZyQTlIZEpPd3lQcUFSdDZndWx3cnMwQlRMSmNjWG9md3JSWnlOX3RFWGFGYmFfckV2dHNRcjJWM2tQY285dWhCTDRvT201RFJqTnYyRGtYaW9DanRueWUwbk5UZ0toekJYVW42eHBBbVAtbUlUbGlaWlVKZUZndGRjWk9HamdNdGxlZWh3WFlqNmctSTh6OEdYWENhZVRBcGo1ejBFLXBXcWlSMjVaSzZEWWplMXg5dHA4TDhYcF9Qak5qUFdNcGJuM3M3R3BvR2lFcDFXbTNjVHFJWVFCRWg4S0M0RW44TlNjZWJvdXl0dnprTG9EWjV0b1pIZkJQVmtnM3o4Nk9ITW9fYTZ2c2lrTGs5b01nNXAtYWIyRHpSSEUyeGh1ZlpVci1LaEdURDhXb0NEREdCZDZrOHhBQ3MzRUZ5MGF3VWc1dnltSkpPWlkzbHMtR2xZZEw0ZjMwd240cE5KSGIlMjZscHRva2VuJTNEMTdjNzE1NTMzNzVlOThmZjA5YWUlMjZzMSUzRDIwNDAlMjZzMiUzRCUyNTdCdmFyNSUyNTdEJTI2czMlM0QlMjZzNCUzRCUyNnM1JTNEJTI2czYlM0QlMjZzNyUzRCUyNmtzJTNEMzA0MSUyNmNvc3QlM0QlMjZ0YWclM0R3OG92MzcxanU5ajZodDYxM2Z1czA0ODQlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
188.114.97.1200 OK 2.6 kB URL GET HTTP/3 casual-flirt-hub.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQkVTVCUyMERBVElORyUyMFdPUkxEV0lERSVGMCU5RiU5MiU5OCUyMiUyQyUyMnglMjIlM0EwLjg2NjUyNDk0MDMwMTE4OCUyQyUyMnclMjIlM0ExMjgwJTJDJTIyaCUyMiUzQTEwMjQlMkMlMjJqJTIyJTNBMTAyNCUyQyUyMmUlMjIlM0ExMjgwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY2FzdWFsLWZsaXJ0LWh1Yi5jb20lMkYwJTJGbm8lMkZOT19mdWxscGFnZS10aWtfMjgxMjIwMjElMkYlM0ZsYW5kZXIlM0RiMTAxNjgxOS0xMmYxLTQ1ODEtOTMyNS1iYzJiNjQ1NGM0NjUlMjZjbGlja2lkJTNEdzhvdjM3MWp1OWo2aHQ2MTNmdXMwNDg0JTI2b2ZmZXIlM0Q3MmQ2MDRlMS0wYmEwLTQwMmUtYWIwMi04M2QyNzk1YTYyNmElMjZzdWJhZmYlM0QzMDQxJTI2Z2VvJTNETk8lMjZzOSUzRCUyNnM4JTNEJTI2ZDElM0RuaWNraW5nLXVuZGluZy5jb20lMjZjZXAlM0RiTFJXUUYxekdzZnVBSjEyT3BtdkM0MUw4V01ReEdsY1d0d2p4WXRUbDhWQlFxLW1PbUNwWWlUMGdWaVQ1MEdoRjdsZ0VjbTlMSktnMldVaFhuV3ZIb3I5UjlFTmRIckI3aVN0elRoMTVEY3NwZjRjdWdURFZVOS1XU0d1S2gwNElFM2g5QUZRWmNRc3hQRXNOSlJJSDJ5V24wdUtucFRsT1ZLRmdIRFJMUGtWa1QzZ1hyUVlSUGNkVXVrTWdSY015V01wemNabTlNODBNOXJpQ2phOUZOMXZCWUgySThNcXZyQTlIZEpPd3lQcUFSdDZndWx3cnMwQlRMSmNjWG9md3JSWnlOX3RFWGFGYmFfckV2dHNRcjJWM2tQY285dWhCTDRvT201RFJqTnYyRGtYaW9DanRueWUwbk5UZ0toekJYVW42eHBBbVAtbUlUbGlaWlVKZUZndGRjWk9HamdNdGxlZWh3WFlqNmctSTh6OEdYWENhZVRBcGo1ejBFLXBXcWlSMjVaSzZEWWplMXg5dHA4TDhYcF9Qak5qUFdNcGJuM3M3R3BvR2lFcDFXbTNjVHFJWVFCRWg4S0M0RW44TlNjZWJvdXl0dnprTG9EWjV0b1pIZkJQVmtnM3o4Nk9ITW9fYTZ2c2lrTGs5b01nNXAtYWIyRHpSSEUyeGh1ZlpVci1LaEdURDhXb0NEREdCZDZrOHhBQ3MzRUZ5MGF3VWc1dnltSkpPWlkzbHMtR2xZZEw0ZjMwd240cE5KSGIlMjZscHRva2VuJTNEMTdjNzE1NTMzNzVlOThmZjA5YWUlMjZzMSUzRDIwNDAlMjZzMiUzRCUyNTdCdmFyNSUyNTdEJTI2czMlM0QlMjZzNCUzRCUyNnM1JTNEJTI2czYlM0QlMjZzNyUzRCUyNmtzJTNEMzA0MSUyNmNvc3QlM0QlMjZ0YWclM0R3OG92MzcxanU5ajZodDYxM2Z1czA0ODQlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type JavaScript source, ASCII text, with very long lines (2997)
Hash eb0564056e296bed9c8d0b6512aa8866
b00cc9f9767220c74d4f61f9b0bd4a1f7aa41e75
29a13cf464347e5a961598f0d272b8bdc031b31f91813c4cd9c4f7e8bc0578eb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyQkVTVCUyMERBVElORyUyMFdPUkxEV0lERSVGMCU5RiU5MiU5OCUyMiUyQyUyMnglMjIlM0EwLjg2NjUyNDk0MDMwMTE4OCUyQyUyMnclMjIlM0ExMjgwJTJDJTIyaCUyMiUzQTEwMjQlMkMlMjJqJTIyJTNBMTAyNCUyQyUyMmUlMjIlM0ExMjgwJTJDJTIybCUyMiUzQSUyMmh0dHBzJTNBJTJGJTJGY2FzdWFsLWZsaXJ0LWh1Yi5jb20lMkYwJTJGbm8lMkZOT19mdWxscGFnZS10aWtfMjgxMjIwMjElMkYlM0ZsYW5kZXIlM0RiMTAxNjgxOS0xMmYxLTQ1ODEtOTMyNS1iYzJiNjQ1NGM0NjUlMjZjbGlja2lkJTNEdzhvdjM3MWp1OWo2aHQ2MTNmdXMwNDg0JTI2b2ZmZXIlM0Q3MmQ2MDRlMS0wYmEwLTQwMmUtYWIwMi04M2QyNzk1YTYyNmElMjZzdWJhZmYlM0QzMDQxJTI2Z2VvJTNETk8lMjZzOSUzRCUyNnM4JTNEJTI2ZDElM0RuaWNraW5nLXVuZGluZy5jb20lMjZjZXAlM0RiTFJXUUYxekdzZnVBSjEyT3BtdkM0MUw4V01ReEdsY1d0d2p4WXRUbDhWQlFxLW1PbUNwWWlUMGdWaVQ1MEdoRjdsZ0VjbTlMSktnMldVaFhuV3ZIb3I5UjlFTmRIckI3aVN0elRoMTVEY3NwZjRjdWdURFZVOS1XU0d1S2gwNElFM2g5QUZRWmNRc3hQRXNOSlJJSDJ5V24wdUtucFRsT1ZLRmdIRFJMUGtWa1QzZ1hyUVlSUGNkVXVrTWdSY015V01wemNabTlNODBNOXJpQ2phOUZOMXZCWUgySThNcXZyQTlIZEpPd3lQcUFSdDZndWx3cnMwQlRMSmNjWG9md3JSWnlOX3RFWGFGYmFfckV2dHNRcjJWM2tQY285dWhCTDRvT201RFJqTnYyRGtYaW9DanRueWUwbk5UZ0toekJYVW42eHBBbVAtbUlUbGlaWlVKZUZndGRjWk9HamdNdGxlZWh3WFlqNmctSTh6OEdYWENhZVRBcGo1ejBFLXBXcWlSMjVaSzZEWWplMXg5dHA4TDhYcF9Qak5qUFdNcGJuM3M3R3BvR2lFcDFXbTNjVHFJWVFCRWg4S0M0RW44TlNjZWJvdXl0dnprTG9EWjV0b1pIZkJQVmtnM3o4Nk9ITW9fYTZ2c2lrTGs5b01nNXAtYWIyRHpSSEUyeGh1ZlpVci1LaEdURDhXb0NEREdCZDZrOHhBQ3MzRUZ5MGF3VWc1dnltSkpPWlkzbHMtR2xZZEw0ZjMwd240cE5KSGIlMjZscHRva2VuJTNEMTdjNzE1NTMzNzVlOThmZjA5YWUlMjZzMSUzRDIwNDAlMjZzMiUzRCUyNTdCdmFyNSUyNTdEJTI2czMlM0QlMjZzNCUzRCUyNnM1JTNEJTI2czYlM0QlMjZzNyUzRCUyNmtzJTNEMzA0MSUyNmNvc3QlM0QlMjZ0YWclM0R3OG92MzcxanU5ajZodDYxM2Z1czA0ODQlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://casual-flirt-hub.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://casual-flirt-hub.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-max-age: 600
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0WCyfYoQi9DbCDel%2Fj%2B2iIEWARZNlu754zzr3NwMeklw0qo%2B3cs%2FszrD3T%2B%2FDy8eJFoG%2ByeByz%2Biux%2FcmAfMVfvwnVw2p%2BWT1aNIzEeH44wltLnNPDP7%2F4%2F8P0pUNSiYjEBirDro8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881d29967e51712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
188.114.97.1404 Not Found 874 B URL GET HTTP/3 casual-flirt-hub.com/0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
Hash c22300fb6bf9f17b8d91d7b0a64b2f71
8307f4f74288f8ad8bef97f3f94763c0d26206d7
e5ee80d75c44d3eae819ddb1eb5c6deaacf974f57ae54475d769ccebff840fbb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Fri, 10 May 2024 21:53:30 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mMqIeHS39t%2BqBKckoefKGIYcRpmqD5zyyRUVlmcLqQaPWuBZmuioxIxYams6KjKB0GJM2bmJ0%2Ff6Wc7lQm6VkCyNSIGWUz3bCfSbQ8qLc%2BMUq0J4gB18CPsHme%2FswiUwRaii1WJADA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881d29964e03712e-OSL
alt-svc: h3=":443"; ma=86400
www.googletagmanager.com/gtm.js?id=GTM-W62P37M
142.250.74.168200 OK 85 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W62P37M
IP 142.250.74.168:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
File type JavaScript source, ASCII text, with very long lines (40810)
Hash cb3812365939fc38291ee07d17d034f7
b5724ed92ed4ff60eb3781b1f4e35d537bec76e1
af695778ff40ccf53906bd5d569218beab03c83800bf8fc9c69a89e396697dda
GET /gtm.js?id=GTM-W62P37M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 21:53:30 GMT
expires: Fri, 10 May 2024 21:53:30 GMT
cache-control: private, max-age=900
last-modified: Fri, 10 May 2024 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 84820
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 444 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type XML 1.0 document, ASCII text, with very long lines (332)
Hash 3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-29-17-33-45.chain; p384ecdsa=-oU0huwfbsc_gW_xRwc-oOmlinSdrlU_RQ5FkY3IGBilDMZ32kHuHz7e1WvN0P2hmjQ8IVYF5kW7HmpVgSFHTBSEdtEtLsjraKn3hUq738n_VfdbTjf_Ry4Y711Vejpe
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 10 May 2024 21:52:05 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 102
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
188.114.97.1404 Not Found 371 B URL GET HTTP/3 casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type HTML document, ASCII text, with very long lines (386), with no line terminators
Hash ee38251b54e4a0a06ddf5b91e8338c17
7ac6a8c5c99acc67beb6ba6a44b8f004736b7c6f
f177fb69c123c5d7ab569cf61efe23fcdf9c4149018640699fd87821ea751b74
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 21:53:30 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rjjm8Z1PGnjws8EqQ%2B6QWUZlylu0FnwMHWY1fVXx4CUaVj4c0xVI4T0hggVAVlRWYINjvMeefzeqaZEAdZh7sbKaF9qbiB1RcezKDpZBDxL5sf%2Fs%2BEPdbwpupuGPt5Keo%2BMSJ13Xuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881d29964e09712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/favicon.ico
188.114.97.1200 OK 1.2 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/images/favicon.ico
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 38722a803b73dd1871a3d8a19db44d2f
3379960a2c6611bfefcb39e662198d6df322e12d
314dc8584b1a7c7d66a5882b6d153c53ceae37d7137df7b67ddd9735187f2c97
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/images/favicon.ico HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: image/x-icon
last-modified: Tue, 28 Dec 2021 16:22:44 GMT
etag: W/"47e-5d4373b23ac27"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6970
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LmyAsg%2FitE5ga4bpKZvNOuUuCgBQ2bdxakvZPj04smepKC%2F1%2FasApFa90FDlY8MJaRNX6sQUGz8C4evKyYne%2FeAMuDpUvCGkR%2BfYWbJhjG8to%2F3kGiuChnlFlNSOVU%2BdfigadYA%2F%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881d29975f0c712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js
188.114.97.1200 OK 90 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/js/jquery-3.5.1.min.js HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: text/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Dec 2021 16:23:02 GMT
etag: W/"15d84-5d4373c3684d1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JQ1OPCljMXEogy5BhGHANFG%2FlcM0WAA3sbSbwzZujpRZWI9aZn%2B2oG%2F9VtaIiR%2F1kIHsNQ3Q%2B8Mo41AvrrVczaoFW%2BKzcAwFwyZQIms337iJ5RMrpHbx0y0HSk6I23Yq4Uiy1vpNzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881d2994dca4712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
188.114.97.1404 Not Found 371 B URL GET HTTP/3 casual-flirt-hub.com/0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type HTML document, ASCII text, with very long lines (386), with no line terminators
Hash ee38251b54e4a0a06ddf5b91e8338c17
7ac6a8c5c99acc67beb6ba6a44b8f004736b7c6f
f177fb69c123c5d7ab569cf61efe23fcdf9c4149018640699fd87821ea751b74
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 10 May 2024 21:53:30 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jcIgm8eTm3FFwZaS77VEueZoHKgkidrzdfdTAOPOfgMUW9Dq9HJzjFlP2ub%2BeFDttTJoELp2u8j6KLK%2FZtF2d9mfglqzI4im6P5Xe%2BVPckyYGFHjh8%2F%2F1z36shUnvk%2BJo4YHtQZ4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881d29964e07712e-OSL
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
188.114.97.1200 OK 21 kB URL User Request GET HTTP/2 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
IP 188.114.97.1:443
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484 HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 21:53:29 GMT
content-type: text/html
cf-ray: 881d299219b70b51-OSL
cf-cache-status: DYNAMIC
last-modified: Tue, 28 Dec 2021 16:22:36 GMT
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X5QGKx7HbaIJOXMZQXJ923fBUZPcE1J813cLRzW1EsspyqF%2B6md7tUK8xTvMmRTnipTyammCNP%2FZcSYnltTV5F1MuxMBr%2BmiEZXhg4i8YsMh0zHP3O%2Fm3CAV4gppI%2B%2B2kGKrSziqYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
188.114.97.1200 OK 9.2 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/style.css
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type ASCII text, with very long lines (9233), with no line terminators
Hash 26a4c2ca32b70017b7203fde81bed3a9
3c1d00c858ab49a30013c747b9faafbcdf84a063
cd3123418fc2ff36cbfa763593f84385bc0592d22a8eb9a9f5356519f00ef717
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/css/style.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=14510
etag: W/"38ae-5d4373ae27c58"
last-modified: Tue, 28 Dec 2021 16:22:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxRyg2Kmw69HkBVC17CDb59EXFksNt71%2FsneVdxIRoQCYdLOmKfYrfR8fEIx9bcEXjSyQa85uj%2Btkg6Jj%2B19IhyfvEpNQn01aY19IU5fmETf3WXsFOD829j%2BgS8pYpCvl3y%2B%2FgJ4Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881d2994dc9f712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
188.114.97.1200 OK 8.1 kB URL GET HTTP/3 casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/css/css.css
IP 188.114.97.1:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectcasual-flirt-hub.com
Fingerprint2D:20:4D:3A:9C:2A:DD:B2:D0:D3:4F:F3:70:13:57:FC:B3:9A:1D:92
ValiditySun, 05 May 2024 22:55:23 GMT - Sat, 03 Aug 2024 22:55:22 GMT
File type ASCII text, with very long lines (8122), with no line terminators
Hash 123176116c749f7de8c66d3d54365989
c885d077360d7029e39eac8c340a4e7cc4e3012c
6d86148ecc48ad67e1a750e5f367009b7f6da2c18596092662b4b4413aad57f5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0/no/NO_fullpage-tik_28122021/css/css.css HTTP/1.1
Host: casual-flirt-hub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=9762
etag: W/"2622-5d4373ae366b9"
last-modified: Tue, 28 Dec 2021 16:22:39 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 6971
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wfxgMHkKfmfTXnfYNNZQPhV%2BCpUnUzGfpxoqRr0RfY6W77WnOBX%2BUiqkDaErWhbXni71DbwPbr6N%2Fl9XYubpgjY6SPGEhnUqNBGVJvizIiEGPyhV7qrN2WwdcmhynKUFvO2zgJj54A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881d2994dca1712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.onesignal.com/sdks/OneSignalSDK.js
104.16.160.145200 OK 9.2 kB URL GET HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.16.160.145:443
Requested by https://casual-flirt-hub.com/0/no/NO_fullpage-tik_28122021/?lander=b1016819-12f1-4581-9325-bc2b6454c465&clickid=w8ov371ju9j6ht613fus0484&offer=72d604e1-0ba0-402e-ab02-83d2795a626a&subaff=3041&geo=NO&s9=&s8=&d1=nicking-unding.com&cep=bLRWQF1zGsfuAJ12OpmvC41L8WMQxGlcWtwjxYtTl8VBQq-mOmCpYiT0gViT50GhF7lgEcm9LJKg2WUhXnWvHor9R9ENdHrB7iStzTh15Dcspf4cugTDVU9-WSGuKh04IE3h9AFQZcQsxPEsNJRIH2yWn0uKnpTlOVKFgHDRLPkVkT3gXrQYRPcdUukMgRcMyWMpzcZm9M80M9riCja9FN1vBYH2I8MqvrA9HdJOwyPqARt6gulwrs0BTLJccXofwrRZyN_tEXaFba_rEvtsQr2V3kPco9uhBL4oOm5DRjNv2DkXioCjtnye0nNTgKhzBXUn6xpAmP-mITliZZUJeFgtdcZOGjgMtleehwXYj6g-I8z8GXXCaeTApj5z0E-pWqiR25ZK6DYje1x9tp8L8Xp_PjNjPWMpbn3s7GpoGiEp1Wm3cTqIYQBEh8KC4En8NScebouytvzkLoDZ5toZHfBPVkg3z86OHMo_a6vsikLk9oMg5p-ab2DzRHE2xhufZUr-KhGTD8WoCDDGBd6k8xACs3EFy0awUg5vymJJOZY3ls-GlYdL4f30wn4pNJHb&lptoken=17c71553375e98ff09ae&s1=2040&s2=%7Bvar5%7D&s3=&s4=&s5=&s6=&s7=&ks=3041&cost=&tag=w8ov371ju9j6ht613fus0484
Certificate IssuerGoogle Trust Services LLC
Subjectonesignal.com
Fingerprint28:4D:B2:BB:68:03:29:A7:D8:CB:4B:48:D4:14:BD:A4:4C:0F:D8:70
ValidityMon, 01 Apr 2024 23:12:28 GMT - Sun, 30 Jun 2024 23:12:27 GMT
File type JavaScript source, ASCII text, with very long lines (9410), with no line terminators
Hash 5eb2adfca36be15c8d4a206576132abd
f507beb2560693723f4b360af70bfe9bd8bed534
6ad1aa44625325d8e975bccee776e9a60ae134d2de1cb8d98852de9f3109aa4a
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://casual-flirt-hub.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 21:53:30 GMT
content-type: application/javascript
etag: W/"a87c48d211877c49b878679b2e3cdab8"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 2429
expires: Mon, 13 May 2024 21:53:30 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=aKaoVo2Pg9MYbzQp80.N_xREw5Qw4JEvRAQHLyJZLQc-1715378010-1.0.1.1-l6SsYKjUqYZa8tYgOrhv1pnB1H.Gg2LOk7VrQ.ImXK43c4YVGZQf0KLIzf4KDlcUPN8FiTCknBgXTSdwdeSfHA; path=/; expires=Fri, 10-May-24 22:23:30 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 881d29986a0256bf-OSL
content-encoding: br
X-Firefox-Spdy: h2