Submitted URL: https://www.more-2-flirt.com/click/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
Effective URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e6...
Submission: On August 11 via api from BE — Scanned from DE

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 41 HTTP transactions. The main IP is 2606:4700::6812:b60, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.casualdating.com.
TLS certificate: Issued by E1 on July 28th 2023. Valid for: 3 months.
This is the only time www.casualdating.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
18 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
41 8
Apex Domain
Subdomains
Transfer
18 servefilesonly.com
lpmedia.servefilesonly.com — Cisco Umbrella Rank: 241216
imedia.servefilesonly.com — Cisco Umbrella Rank: 298655
408 KB
12 more-2-flirt.com
www.more-2-flirt.com
benefits.more-2-flirt.com
490 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3840
onesignal.com — Cisco Umbrella Rank: 1426
img.onesignal.com — Cisco Umbrella Rank: 7498
91 KB
2 gstatic.com
fonts.gstatic.com
46 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
ajax.googleapis.com — Cisco Umbrella Rank: 392
31 KB
2 casualdating.com
www.casualdating.com
6 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 986
7 KB
41 7
Domain Requested by
16 lpmedia.servefilesonly.com www.casualdating.com
lpmedia.servefilesonly.com
11 www.more-2-flirt.com 1 redirects www.more-2-flirt.com
3 onesignal.com cdn.onesignal.com
2 fonts.gstatic.com fonts.googleapis.com
2 imedia.servefilesonly.com www.casualdating.com
2 cdn.onesignal.com www.casualdating.com
cdn.onesignal.com
2 www.casualdating.com 1 redirects benefits.more-2-flirt.com
1 img.onesignal.com
1 ajax.googleapis.com www.casualdating.com
1 maxcdn.bootstrapcdn.com www.casualdating.com
1 fonts.googleapis.com www.casualdating.com
1 benefits.more-2-flirt.com www.more-2-flirt.com
41 12

This site contains no links.

Subject Issuer Validity Valid
more-2-flirt.com
E1
2023-07-30 -
2023-10-28
3 months crt.sh
casualdating.com
E1
2023-07-28 -
2023-10-26
3 months crt.sh
servefilesonly.com
E1
2023-06-16 -
2023-09-14
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-12-30 -
2023-12-30
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-07-17 -
2023-10-09
3 months crt.sh

This page contains 1 frames:

Primary Page: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Frame ID: 00D33D596B1682E8DC14AE193493F774
Requests: 41 HTTP requests in this frame

Screenshot

Page Title

Casualdating

Page URL History Show full URLs

  1. https://www.more-2-flirt.com/click/b2615780039385b36c2f47ecfd4a4585?trk=nft5597 HTTP 302
    https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597 Page URL
  2. https://benefits.more-2-flirt.com/amateurx.com/2/406e9b36-2e50-4bcd-8d99-6881799dfad8/register.php?registratio... Page URL
  3. https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67 HTTP 301
    https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

41
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

12
Subdomains

8
IPs

2
Countries

1077 kB
Transfer

1662 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.more-2-flirt.com/click/b2615780039385b36c2f47ecfd4a4585?trk=nft5597 HTTP 302
    https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597 Page URL
  2. https://benefits.more-2-flirt.com/amateurx.com/2/406e9b36-2e50-4bcd-8d99-6881799dfad8/register.php?registrationStrategy=TARGET_DOMAIN_FIRST&searchGender=FEMALE&usePseudoSuggestions=1&channel=CRM&isBdtSnt=true&xsignup=free&listId=236&linkGroup=5c1909e754a15ddbf30c676653ca9a6cff4f395c&username=csaszoke&password=b9a083c6&email=csaszoke%40hotmail.com&gender=MALE&subPublisher=CRMTOOL_12369&source=CRMTOOL_12369_EMAIL_2863&countryCode=DE&user-geoip=DE&landingUrl=http%3A%2F%2Famateurx.com%3FisBdtSnt%3Dtrue%26targetdomain%3Damateurx.com%26project%3DAMATEURCOMMUNITY%26project_subtype%3DNG%26user_id%3D14-42394879%26subPublisher%3DCRMTOOL_12369%26trafficType%3Dcrm-email-amateurcommunity%26cp%3D19192z16434%26deeplink_type%3Dsetcard%26deeplink_id%3DKia_Rey%26crmtool%3D1%26pid%3DCRM-INT&httpReferrer=http%3A%2F%2Famateurx.com%3FisBdtSnt%3Dtrue%26targetdomain%3Damateurx.com%26project%3DAMATEURCOMMUNITY%26project_subtype%3DNG%26user_id%3D14-42394879%26subPublisher%3DCRMTOOL_12369%26trafficType%3Dcrm-email-amateurcommunity%26cp%3D19192z16434%26deeplink_type%3Dsetcard%26deeplink_id%3DKia_Rey%26crmtool%3D1%26pid%3DCRM-INT&xref=%2BfuE29Jyd4dVQ1dlUXBPSnNSTUFkQS9oTjdBMnJ1OWpFTlZOR09sbGpkOHNVNjNKVXU5LzF2OEJwV1p0d2pjRStBUk9ZY3dWQnBwZldCNGYrRmZVV09vRWZpcTEvcTR2b2pSZURIUjU0S2d0&trk=nft5597 Page URL
  3. https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67 HTTP 301
    https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.more-2-flirt.com/click/b2615780039385b36c2f47ecfd4a4585?trk=nft5597 HTTP 302
  • https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
b2615780039385b36c2f47ecfd4a4585
www.more-2-flirt.com/click/go/
Redirect Chain
  • https://www.more-2-flirt.com/click/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
  • https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
3 KB
2 KB
Document
General
Full URL
https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ed19c45643ea4fbc93a3dfcb9f9f659525cf170dfec79d20f79b6316090942

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7f4c821aab1218d6-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 00:54:36 GMT
server
cloudflare

Redirect headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
7f4c82197a2818d6-FRA
content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 00:54:35 GMT
location
https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
server
cloudflare
main.css
www.more-2-flirt.com/css/more2flirt/
6 KB
2 KB
Stylesheet
General
Full URL
https://www.more-2-flirt.com/css/more2flirt/main.css
Requested by
Host: www.more-2-flirt.com
URL: https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c1e06fd5b2af72743285f10bcd8d3b3de2c255a91421c28e3a73b152790b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Fri, 04 Aug 2023 11:28:21 GMT
server
cloudflare
cf-polished
origSize=10434
etag
W/"64cce0d5-28c2"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
cf-ray
7f4c821b2baa18d6-FRA
expires
Fri, 11 Aug 2023 04:54:36 GMT
icon_en.svg
www.more-2-flirt.com/img/more2flirt/
2 KB
759 B
Image
General
Full URL
https://www.more-2-flirt.com/img/more2flirt/icon_en.svg
Requested by
Host: www.more-2-flirt.com
URL: https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d23d373e1ff2ed8e3f53f96646d506ad84e2ebd671c646952fc98dd797aeb11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 11:28:21 GMT
server
cloudflare
etag
W/"64cce0d5-772"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7f4c821b3bae18d6-FRA
expires
Fri, 11 Aug 2023 04:54:36 GMT
icon_de.svg
www.more-2-flirt.com/img/more2flirt/
1 KB
498 B
Image
General
Full URL
https://www.more-2-flirt.com/img/more2flirt/icon_de.svg
Requested by
Host: www.more-2-flirt.com
URL: https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e09db25dd88c745dc69bcea30236bf76d9c757baf150845157bc03d48b4bb1f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 11:28:21 GMT
server
cloudflare
etag
W/"64cce0d5-402"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7f4c821b3bb018d6-FRA
expires
Fri, 11 Aug 2023 04:54:36 GMT
icon_pl.svg
www.more-2-flirt.com/img/more2flirt/
852 B
463 B
Image
General
Full URL
https://www.more-2-flirt.com/img/more2flirt/icon_pl.svg
Requested by
Host: www.more-2-flirt.com
URL: https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81557d4bc0cb369af34b0101f8dfda3db5c8b80e4f1f3a01f95f383801d92b28

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 11:28:21 GMT
server
cloudflare
etag
W/"64cce0d5-354"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
7f4c821b3bb118d6-FRA
expires
Fri, 11 Aug 2023 04:54:36 GMT
app-395e899d.js
www.more-2-flirt.com/build/assets/
236 KB
77 KB
Script
General
Full URL
https://www.more-2-flirt.com/build/assets/app-395e899d.js
Requested by
Host: www.more-2-flirt.com
URL: https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e886f4585995fa5552c122db136ab1ce601b49871a173e543cfdbc8ce511f8e0

Request headers

Referer
https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
Origin
https://www.more-2-flirt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:36 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Fri, 04 Aug 2023 11:28:36 GMT
server
cloudflare
cf-polished
origSize=242227
etag
W/"64cce0e4-3b233"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
7f4c821b3bac18d6-FRA
expires
Fri, 11 Aug 2023 04:54:36 GMT
email-decode.min.js
www.more-2-flirt.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
863 B
Script
General
Full URL
https://www.more-2-flirt.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.more-2-flirt.com
URL: https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 07 Aug 2023 17:26:21 GMT
server
cloudflare
etag
W/"64d1293d-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
7f4c821b3baf18d6-FRA
expires
Sun, 13 Aug 2023 00:54:36 GMT
header.jpg
www.more-2-flirt.com/img/more2flirt/
361 KB
361 KB
Image
General
Full URL
https://www.more-2-flirt.com/img/more2flirt/header.jpg
Requested by
Host: www.more-2-flirt.com
URL: https://www.more-2-flirt.com/css/more2flirt/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bab81d0812289e256067b2765c4419414a192c0b212418fe61aab59176f120a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.more-2-flirt.com/css/more2flirt/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:36 GMT
cf-cache-status
REVALIDATED
cf-bgj
h2pri
last-modified
Fri, 04 Aug 2023 11:28:21 GMT
server
cloudflare
etag
"64cce0d5-5a378"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7f4c821c4cb018d6-FRA
content-length
369528
expires
Fri, 11 Aug 2023 04:54:36 GMT
aguafina-script-v9-latin-regular.woff2
www.more-2-flirt.com/fonts/more2flirt/
16 KB
16 KB
Font
General
Full URL
https://www.more-2-flirt.com/fonts/more2flirt/aguafina-script-v9-latin-regular.woff2
Requested by
Host: www.more-2-flirt.com
URL: https://www.more-2-flirt.com/css/more2flirt/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ab5804f45db76be0c7053dc81e2e8ca5c5738890896449bdebbf8621a391f5

Request headers

Referer
https://www.more-2-flirt.com/css/more2flirt/main.css
Origin
https://www.more-2-flirt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 06:09:10 GMT
server
cloudflare
etag
"64cc9606-3e50"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7f4c821c4cb318d6-FRA
content-length
15952
expires
Fri, 11 Aug 2023 04:54:36 GMT
lato-v17-latin-regular.woff2
www.more-2-flirt.com/fonts/more2flirt/
23 KB
23 KB
Font
General
Full URL
https://www.more-2-flirt.com/fonts/more2flirt/lato-v17-latin-regular.woff2
Requested by
Host: www.more-2-flirt.com
URL: https://www.more-2-flirt.com/css/more2flirt/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Request headers

Referer
https://www.more-2-flirt.com/css/more2flirt/main.css
Origin
https://www.more-2-flirt.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:36 GMT
cf-cache-status
REVALIDATED
last-modified
Fri, 04 Aug 2023 06:09:10 GMT
server
cloudflare
etag
"64cc9606-5bbc"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
7f4c821c4cb518d6-FRA
content-length
23484
expires
Fri, 11 Aug 2023 04:54:36 GMT
register.php
benefits.more-2-flirt.com/amateurx.com/2/406e9b36-2e50-4bcd-8d99-6881799dfad8/
11 KB
5 KB
Document
General
Full URL
https://benefits.more-2-flirt.com/amateurx.com/2/406e9b36-2e50-4bcd-8d99-6881799dfad8/register.php?registrationStrategy=TARGET_DOMAIN_FIRST&searchGender=FEMALE&usePseudoSuggestions=1&channel=CRM&isBdtSnt=true&xsignup=free&listId=236&linkGroup=5c1909e754a15ddbf30c676653ca9a6cff4f395c&username=csaszoke&password=b9a083c6&email=csaszoke%40hotmail.com&gender=MALE&subPublisher=CRMTOOL_12369&source=CRMTOOL_12369_EMAIL_2863&countryCode=DE&user-geoip=DE&landingUrl=http%3A%2F%2Famateurx.com%3FisBdtSnt%3Dtrue%26targetdomain%3Damateurx.com%26project%3DAMATEURCOMMUNITY%26project_subtype%3DNG%26user_id%3D14-42394879%26subPublisher%3DCRMTOOL_12369%26trafficType%3Dcrm-email-amateurcommunity%26cp%3D19192z16434%26deeplink_type%3Dsetcard%26deeplink_id%3DKia_Rey%26crmtool%3D1%26pid%3DCRM-INT&httpReferrer=http%3A%2F%2Famateurx.com%3FisBdtSnt%3Dtrue%26targetdomain%3Damateurx.com%26project%3DAMATEURCOMMUNITY%26project_subtype%3DNG%26user_id%3D14-42394879%26subPublisher%3DCRMTOOL_12369%26trafficType%3Dcrm-email-amateurcommunity%26cp%3D19192z16434%26deeplink_type%3Dsetcard%26deeplink_id%3DKia_Rey%26crmtool%3D1%26pid%3DCRM-INT&xref=%2BfuE29Jyd4dVQ1dlUXBPSnNSTUFkQS9oTjdBMnJ1OWpFTlZOR09sbGpkOHNVNjNKVXU5LzF2OEJwV1p0d2pjRStBUk9ZY3dWQnBwZldCNGYrRmZVV09vRWZpcTEvcTR2b2pSZURIUjU0S2d0&trk=nft5597
Requested by
Host: www.more-2-flirt.com
URL: https://www.more-2-flirt.com/click/go/b2615780039385b36c2f47ecfd4a4585?trk=nft5597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.more-2-flirt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7f4c821e3ddc18d6-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 11 Aug 2023 00:54:36 GMT
expires
Mon, 24 Sep 2012 04:00:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
Primary Request cs2000
www.casualdating.com/landing/
Redirect Chain
  • https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67
  • https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c61...
19 KB
6 KB
Document
General
Full URL
https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Requested by
Host: benefits.more-2-flirt.com
URL: https://benefits.more-2-flirt.com/amateurx.com/2/406e9b36-2e50-4bcd-8d99-6881799dfad8/register.php?registrationStrategy=TARGET_DOMAIN_FIRST&searchGender=FEMALE&usePseudoSuggestions=1&channel=CRM&isBdtSnt=true&xsignup=free&listId=236&linkGroup=5c1909e754a15ddbf30c676653ca9a6cff4f395c&username=csaszoke&password=b9a083c6&email=csaszoke%40hotmail.com&gender=MALE&subPublisher=CRMTOOL_12369&source=CRMTOOL_12369_EMAIL_2863&countryCode=DE&user-geoip=DE&landingUrl=http%3A%2F%2Famateurx.com%3FisBdtSnt%3Dtrue%26targetdomain%3Damateurx.com%26project%3DAMATEURCOMMUNITY%26project_subtype%3DNG%26user_id%3D14-42394879%26subPublisher%3DCRMTOOL_12369%26trafficType%3Dcrm-email-amateurcommunity%26cp%3D19192z16434%26deeplink_type%3Dsetcard%26deeplink_id%3DKia_Rey%26crmtool%3D1%26pid%3DCRM-INT&httpReferrer=http%3A%2F%2Famateurx.com%3FisBdtSnt%3Dtrue%26targetdomain%3Damateurx.com%26project%3DAMATEURCOMMUNITY%26project_subtype%3DNG%26user_id%3D14-42394879%26subPublisher%3DCRMTOOL_12369%26trafficType%3Dcrm-email-amateurcommunity%26cp%3D19192z16434%26deeplink_type%3Dsetcard%26deeplink_id%3DKia_Rey%26crmtool%3D1%26pid%3DCRM-INT&xref=%2BfuE29Jyd4dVQ1dlUXBPSnNSTUFkQS9oTjdBMnJ1OWpFTlZOR09sbGpkOHNVNjNKVXU5LzF2OEJwV1p0d2pjRStBUk9ZY3dWQnBwZldCNGYrRmZVV09vRWZpcTEvcTR2b2pSZURIUjU0S2d0&trk=nft5597
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:b60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccb69e96aeee231ed4b612c090d249939410e8d7f19a200f19c0511aca008cc

Request headers

Referer
https://benefits.more-2-flirt.com/amateurx.com/2/406e9b36-2e50-4bcd-8d99-6881799dfad8/register.php?registrationStrategy=TARGET_DOMAIN_FIRST&searchGender=FEMALE&usePseudoSuggestions=1&channel=CRM&isBdtSnt=true&xsignup=free&listId=236&linkGroup=5c1909e754a15ddbf30c676653ca9a6cff4f395c&username=csaszoke&password=b9a083c6&email=csaszoke%40hotmail.com&gender=MALE&subPublisher=CRMTOOL_12369&source=CRMTOOL_12369_EMAIL_2863&countryCode=DE&user-geoip=DE&landingUrl=http%3A%2F%2Famateurx.com%3FisBdtSnt%3Dtrue%26targetdomain%3Damateurx.com%26project%3DAMATEURCOMMUNITY%26project_subtype%3DNG%26user_id%3D14-42394879%26subPublisher%3DCRMTOOL_12369%26trafficType%3Dcrm-email-amateurcommunity%26cp%3D19192z16434%26deeplink_type%3Dsetcard%26deeplink_id%3DKia_Rey%26crmtool%3D1%26pid%3DCRM-INT&httpReferrer=http%3A%2F%2Famateurx.com%3FisBdtSnt%3Dtrue%26targetdomain%3Damateurx.com%26project%3DAMATEURCOMMUNITY%26project_subtype%3DNG%26user_id%3D14-42394879%26subPublisher%3DCRMTOOL_12369%26trafficType%3Dcrm-email-amateurcommunity%26cp%3D19192z16434%26deeplink_type%3Dsetcard%26deeplink_id%3DKia_Rey%26crmtool%3D1%26pid%3DCRM-INT&xref=%2BfuE29Jyd4dVQ1dlUXBPSnNSTUFkQS9oTjdBMnJ1OWpFTlZOR09sbGpkOHNVNjNKVXU5LzF2OEJwV1p0d2pjRStBUk9ZY3dWQnBwZldCNGYrRmZVV09vRWZpcTEvcTR2b2pSZURIUjU0S2d0&trk=nft5597
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7f4c82214e7e4d3d-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 00:54:37 GMT
link
<www.casualdating.com/landing/cs2000?tpcampid=6bed10a3-d244-4d7c-ae2f-3d82f6504b1d>; rel="canonical"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-headers
X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7f4c8220ae2d4d3d-FRA
content-type
text/html; charset=UTF-8
date
Fri, 11 Aug 2023 00:54:36 GMT
location
https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
pragma
no-cache
server
cloudflare
form.css
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/
5 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form.css?1108826
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a791a12ae0fcbff0592253d9443f531223d6fb1b980ffaa1917e945026f769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 09:01:23 GMT
server
cloudflare
age
59104
cf-polished
origSize=7148
etag
W/"64abc8e3-1bec"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c82223f0a9036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
login_form.css
lpmedia.servefilesonly.com/widgets/loginFormBuilder/
1 KB
695 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.css?1108826
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfb1111dc6eff14757577d1fff2c680537d64775c9822a5ac75acee83fc0f1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 09:01:23 GMT
server
cloudflare
age
59104
cf-polished
origSize=1425
etag
W/"64abc8e3-591"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c82223f0b9036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
corner.css
lpmedia.servefilesonly.com/widgets/corner/
170 B
607 B
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/widgets/corner/corner.css?1108826
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af20ecf90d909e4e11697221b69426777e9570321c28455ff39ed4e421fcb181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 09:01:23 GMT
server
cloudflare
age
59136
cf-polished
origSize=246
etag
W/"64abc8e3-f6"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c82223f0c9036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
css
fonts.googleapis.com/
1 KB
817 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 10 Aug 2023 23:33:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Aug 2023 00:54:37 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
723
age
16494292
cdn-cachedat
11/15/2021 21:49:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.0
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
8b677d48aa464c28c0815c97adbbe174
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7f4c8222ad923825-FRA
cdn-requestpullsuccess
True
style.css
lpmedia.servefilesonly.com/style/templates/CasualDating/
9 KB
2 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/templates/CasualDating/style.css?1108826
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f201d1cae9d6bc7ffbaf6be222bc7c6a158617a8e0a68caa660223e1e3028bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 09:01:23 GMT
server
cloudflare
age
56309
cf-polished
origSize=12735
etag
W/"64abc8e3-31bf"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c82223f0d9036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
232
etag
W/"2a3bbde818bef34d53a0df862ead5d5f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f4c82231a762c49-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 14 Aug 2023 00:54:37 GMT
casualdatingHeart_w.png
lpmedia.servefilesonly.com/img/_logos/
3 KB
4 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_logos/casualdatingHeart_w.png
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb58acc54679268926472a6a05930c84036b8b1ba18be1a33d10e1838382f7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 09:40:04 GMT
server
cloudflare
age
220393
etag
"64d20d74-dec"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f4c8222ef689036-FRA
content-length
3564
expires
Sat, 19 Aug 2023 00:54:37 GMT
6121be47-74a8-4aef-98b7-61dd0dccdc88_cs2000.jpg
imedia.servefilesonly.com/
235 KB
235 KB
Image
General
Full URL
https://imedia.servefilesonly.com/6121be47-74a8-4aef-98b7-61dd0dccdc88_cs2000.jpg
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87deb4e749e902bea450372dcf0cc2c176441e8fb0361db64dda1069c6d12e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
via
1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA50-C1
age
35176
x-cache
RefreshHit from cloudfront
content-length
240520
cf-bgj
h2pri
last-modified
Thu, 15 Oct 2020 02:11:18 GMT
server
cloudflare
etag
"f04dda66d9943fcdc6fe0822293a264f"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f4c8222ef6d9036-FRA
x-amz-cf-id
0tcmJm7Sb8aO7UsTfAKe-TbsYlu_59B_tXKyFj7Wfg0aVphozjcmtw==
expires
Sat, 19 Aug 2023 00:54:37 GMT
cs_pin.png
lpmedia.servefilesonly.com/img/_btns/
16 KB
16 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/cs_pin.png
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7903b071dafe2d555f5a01532fa59f7d1d4c8b3f929f24de11515cc14a4e8216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
cf-cache-status
HIT
last-modified
Mon, 07 Aug 2023 08:47:38 GMT
server
cloudflare
age
277354
etag
"64d0afaa-4027"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f4c8222ef699036-FRA
content-length
16423
expires
Sat, 19 Aug 2023 00:54:37 GMT
cs_radar.png
lpmedia.servefilesonly.com/img/_btns/
40 KB
40 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/cs_radar.png
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45695241355bbc684a07bfdba349dafd1f801d55c0b096f53d69167c8171f247

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 09:40:04 GMT
server
cloudflare
age
213213
etag
"64d20d74-a167"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f4c8222ef6a9036-FRA
content-length
41319
expires
Sat, 19 Aug 2023 00:54:37 GMT
cs_chat.png
lpmedia.servefilesonly.com/img/_btns/
17 KB
17 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/cs_chat.png
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ff53713ed5cdad88849e76df0ed8e86e27e38a14d8873d21aa9a02a75222155

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Jul 2023 09:01:06 GMT
server
cloudflare
age
76706
etag
"64abc8d2-428f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f4c8222ef6b9036-FRA
content-length
17039
expires
Sat, 19 Aug 2023 00:54:37 GMT
cs_heart.png
lpmedia.servefilesonly.com/img/_btns/
16 KB
16 KB
Image
General
Full URL
https://lpmedia.servefilesonly.com/img/_btns/cs_heart.png
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b195e09480a9fe12e5f3c9f692a40cc7c115edb6b2736b294203bd08be1ad3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
cf-cache-status
HIT
last-modified
Thu, 03 Aug 2023 08:03:46 GMT
server
cloudflare
age
475994
etag
"64cb5f62-3f7c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f4c8222ef6c9036-FRA
content-length
16252
expires
Sat, 19 Aug 2023 00:54:37 GMT
9d621dbb-0635-4dcf-a502-37129e2a242e_woman.jpg
imedia.servefilesonly.com/
64 KB
64 KB
Image
General
Full URL
https://imedia.servefilesonly.com/9d621dbb-0635-4dcf-a502-37129e2a242e_woman.jpg
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
893b340da6152776a0986be9b6b510321d839cc78f95b20f85add943fdab2dd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
76706
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
content-length
65254
cf-bgj
h2pri
last-modified
Thu, 15 Oct 2020 02:11:18 GMT
server
cloudflare
etag
"df323b0e3ce9579acd0c85fe539f6279"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f4c8222ef709036-FRA
x-amz-cf-id
VZYbWQ5MS9jHzCe8pOfLvxqqfMzSxbCrUjNYHhUuxprmt2WDggFEnw==
expires
Sat, 19 Aug 2023 00:54:37 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 18:15:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Aug 2024 18:15:29 GMT
validation.js
lpmedia.servefilesonly.com/js/helpers/
8 KB
3 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/helpers/validation.js?1108826
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b56914c53473fc49765ab22a85fed52ae193fe32e7c469f1fdc0aad51186d5ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 09:01:22 GMT
server
cloudflare
age
59104
cf-polished
origSize=11311
etag
W/"64abc8e2-2c2f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c8222df5f9036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
form_helper.js
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/
3 KB
1 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form_helper.js?1108826
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e75ae93db20aa0df330f606a6f4a2cb92356595cd8361bf65c0eac44148afa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 09:01:23 GMT
server
cloudflare
age
59104
cf-polished
origSize=5565
etag
W/"64abc8e3-15bd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c8222ef629036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
form.js
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/
4 KB
1 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/widgets/registrationFormBuilder/form.js?1108826
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eb4a296c276e5d5917e7d360e2c8fe49913fe2d7932011b71232fb2acb63f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 21 Jul 2023 07:26:46 GMT
server
cloudflare
age
59104
cf-polished
origSize=6451
etag
W/"64ba3336-1933"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c8222ef639036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
step.js
lpmedia.servefilesonly.com/widgets/registrationFormBuilder/
2 KB
793 B
Script
General
Full URL
https://lpmedia.servefilesonly.com/widgets/registrationFormBuilder/step.js?1108826
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de73d66aa453ef904f76ad9ec2be146492ccc25b7f5bcd81be3b1e04b429a54f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 09:01:23 GMT
server
cloudflare
age
59104
cf-polished
origSize=2920
etag
W/"64abc8e3-b68"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c8222ef649036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
login_form.js
lpmedia.servefilesonly.com/widgets/loginFormBuilder/
4 KB
1 KB
Script
General
Full URL
https://lpmedia.servefilesonly.com/widgets/loginFormBuilder/login_form.js?1108826
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe063b5f7fa72c9263d8f48efa0cdaf098b6e04b323fd6a3eade055bedcab884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 09:01:23 GMT
server
cloudflare
age
59104
cf-polished
origSize=6012
etag
W/"64abc8e3-177c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c8222ef669036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
popwin.js
lpmedia.servefilesonly.com/js/
854 B
585 B
Script
General
Full URL
https://lpmedia.servefilesonly.com/js/popwin.js?1108826
Requested by
Host: www.casualdating.com
URL: https://www.casualdating.com/landing/cs2000?tpcampid=b7c7b51b-9850-4419-87a7-f979b6760e67&hit_id=5835c613-75b1-4501-aa66-59e658b674ef&tp_redirect_id=5835c613-75b1-4501-aa66-59e658b674ef&tag=5835c613-75b1-4501-aa66-59e658b674ef&clickId=5835c613-75b1-4501-aa66-59e658b674ef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 10 Jul 2023 09:01:22 GMT
server
cloudflare
age
59134
cf-polished
origSize=1177
etag
W/"64abc8e2-499"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c8222ef679036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
mobirise-icons.css
lpmedia.servefilesonly.com/style/plugins/
6 KB
1 KB
Stylesheet
General
Full URL
https://lpmedia.servefilesonly.com/style/plugins/mobirise-icons.css
Requested by
Host: lpmedia.servefilesonly.com
URL: https://lpmedia.servefilesonly.com/style/templates/CasualDating/style.css?1108826
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1170971e2b37396f474bd7109520f9b80ac6ee14042120868473367a59a9ef0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://lpmedia.servefilesonly.com/style/templates/CasualDating/style.css?1108826
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 08 Aug 2023 09:40:55 GMT
server
cloudflare
age
189158
cf-polished
origSize=7626
etag
W/"64d20da7-1dca"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f4c82224f1a9036-FRA
expires
Sat, 19 Aug 2023 00:54:37 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casualdating.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 03:38:46 GMT
x-content-type-options
nosniff
age
76551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Aug 2024 03:38:46 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casualdating.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 02:30:15 GMT
x-content-type-options
nosniff
age
512662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 02:30:15 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2463
etag
W/"7f9669464fe15e6a516c0eb693b26dbb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7f4c82239ae82c49-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Mon, 14 Aug 2023 00:54:37 GMT
web
onesignal.com/api/v1/sync/5eb842e6-fc0b-40e6-82b5-3fcbbaf2df69/
3 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/5eb842e6-fc0b-40e6-82b5-3fcbbaf2df69/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e1ed1f2ef5c8d592d73b00c9b1d2370625c3cf272ac6e0cb7c8d89e0e46c43
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1332
cf-polished
origSize=3387
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
d034354b-d6f8-4722-a093-70af7fee4b9c
x-runtime
0.038068
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"f6f268b379bb4f550cfc6e23f2af1c1f"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
7f4c82244b622c49-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 11 Aug 2023 01:54:37 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
2466
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
7f4c8224ad229b9e-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sun, 10 Sep 2023 00:54:37 GMT
icon
onesignal.com/api/v1/apps/5eb842e6-fc0b-40e6-82b5-3fcbbaf2df69/
184 B
757 B
Fetch
General
Full URL
https://onesignal.com/api/v1/apps/5eb842e6-fc0b-40e6-82b5-3fcbbaf2df69/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
066998c672b918384aa44b0894e1b0ff8e4670040c5394adb00cdb1cc4daafa9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 00:54:37 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
7e987781-2be3-4d3b-be66-3a3f86a471b5
x-runtime
0.017097
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"066998c672b918384aa44b0894e1b0ff"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
7f4c8224ed854dc6-FRA
access-control-allow-headers
SDK-Version
6036ad06-59e6-417a-a441-c6755c11c19f
img.onesignal.com/permanent/
7 KB
8 KB
Image
General
Full URL
https://img.onesignal.com/permanent/6036ad06-59e6-417a-a441-c6755c11c19f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26626897e533b99491a5f69051350ea0fe8e5ff6b808197b06e7aaeeb41393c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casualdating.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-goog-encryption-kms-key-name
projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date
Fri, 11 Aug 2023 00:54:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains
cf-cache-status
REVALIDATED
x-guploader-uploadid
ADPycdsZ0U1Lb8AJAc_bplQlGkhm3GiV1euROgdobNyKPu6Dnml8noo7p5AWCc8YjNjcUyKS2u1Ez1_9BAmlCpWXxiRHUw
x-goog-meta-x-goog-source-etag
"4ca372a09b7a2528ece9018ca438bb2b"
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
7471
pragma
no-cache
last-modified
Tue, 14 Feb 2023 03:26:17 GMT
server
cloudflare
etag
"-CID24baIlP0CEAE="
vary
Origin, Accept-Encoding
x-goog-generation
1676345177832192
content-type
application/octet-stream
x-goog-hash
crc32c=aFtu6g==, md5=TKNyoJt6JSjs6QGMpDi7Kw==
cache-control
public, max-age=2678400
x-goog-meta-cache-control
public, maxage=604800
x-goog-stored-content-length
7471
accept-ranges
bytes
cf-ray
7f4c82255bf72c49-FRA
expires
Mon, 11 Sep 2023 00:54:37 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| OneSignal function| $ function| jQuery function| Validator object| x number| j number| ll object| selElmnt object| a object| b object| c function| closeAllSelect function| goToStep function| countdownToNextStep function| activeProgressBar object| $btnOpenLogin object| $btnCloseLogin object| $loginFormHolder object| $errors object| $formLogin boolean| iDates function| loginFormAddRequiredError function| submitHttpRequest object| Popwin function| resetImage function| insertParamsToURL number| __oneSignalSdkLoadCount function| __jp0

7 Cookies

Domain/Path Name / Value
.more-2-flirt.com/ Name: __cf_bm
Value: qVtUtVLJPHJxKpB59aMxx3y6ePySG0erpekxmJmId5w-1691715275-0-AVTrJGRAfz5ab0A377BqmzaqypcfgRWYPgZEAiPqvM+z2QdJiFsKDqO3IkuSldgrRbS1kBVAB1vlazbvqDAStSs=
www.more-2-flirt.com/ Name: XSRF-TOKEN
Value: eyJpdiI6Imxza2ZONjhOUmVnRUJmK1d3NDBHOEE9PSIsInZhbHVlIjoiS2FoWVVsQWdZaXN5dWFXbFdabUxqVlNJbkxvS0xnbHVGZE5oc0VHcHB2N3FKN016blQ0REptK1BzbGNpWnhjbXJUZ3g2WWIrTXZEZmxHRiszQjVzUkxKSjVnRGxkd3ZaQ3pOWnkydm5QbExhQUw3UlIyZXd4NFBoRlNzd0xSc3UiLCJtYWMiOiJjNzc1Njc0NTE4NWM3YmM3YTEwZDc2OTMzNzY1NDQzN2NhNjk3ZGYwMzM0MmYwYjMzOTJkOTJlZGZlNTc3YjVlIiwidGFnIjoiIn0%3D
www.more-2-flirt.com/ Name: kodama_session
Value: eyJpdiI6IjBFdUd3OXVMbnB1QVVkL0JWR0xuL3c9PSIsInZhbHVlIjoiWEkzZnJWMk1hZlZDZ0JzVFByL0ZDSG94QjNwSzhvRExVZ2x6ckVqU01BUlZGRm0rbEhSNEFqK0JZQzR6ZkZOYVA4V0VNZGtzRlNnZ2Y1aVpwTHZmMkJSaEJtcTM2THNjWjVXUTBFKzhNNFMyazhRVEIxMnhtRWxvN1VEbjZYSGYiLCJtYWMiOiIwMjZmYmNiNzQxYjhiYTY2NTNjMDZmYWVmZDRjNWUwMTQ5MWM2ODUxN2U2ZjJmZThiYWRjZTIwMjNmMmQzZWVlIiwidGFnIjoiIn0%3D
www.casualdating.com/ Name: PHPSESSID
Value: ug54qc1q0fg5peqbjd3amaftp5
.casualdating.com/ Name: __cf_bm
Value: RejCuFdxKi4wNw9KfFc_0QruGfWmZMmVC8eIWhwEAac-1691715276-0-AYMZaYh+Ks/pr2Kb/v+8gL8i4bqWm8czgzAZBMi/zpLzP8nQ3if/0ktU3uT7zDWqrrrRkQ7kpkTJtpgscXZkWB8=
.servefilesonly.com/ Name: __cf_bm
Value: YtG9KQvew54DCc57cfHepfx588lACzUB83ohuaqeKSw-1691715277-0-AciophmZ4Li5xWPBJu7jAzt7OZbvvIybXTNUfgTCysC+aojwCegwzIhKdhZLImHP2RDbW9qvE9HtduAduupa9hY=
.onesignal.com/ Name: __cf_bm
Value: rTkpv3vnY8EWn8u3DsTJUuRq4vMx9MkxuKCr6gH_kug-1691715277-0-AasBgIDJvczc/FsfU3+adQ1YFekaDp81tOJ9nGQGOsdylJHqP1fssYtGEzDZ8SKUTvfBoZNnMErTnYaViQJu0Jk=

1 Console Messages

Source Level URL
Text
network error URL: https://benefits.more-2-flirt.com/amateurx.com/2/406e9b36-2e50-4bcd-8d99-6881799dfad8/register.php?registrationStrategy=TARGET_DOMAIN_FIRST&searchGender=FEMALE&usePseudoSuggestions=1&channel=CRM&isBdtSnt=true&xsignup=free&listId=236&linkGroup=5c1909e754a15ddbf30c676653ca9a6cff4f395c&username=csaszoke&password=b9a083c6&email=csaszoke%40hotmail.com&gender=MALE&subPublisher=CRMTOOL_12369&source=CRMTOOL_12369_EMAIL_2863&countryCode=DE&user-geoip=DE&landingUrl=http%3A%2F%2Famateurx.com%3FisBdtSnt%3Dtrue%26targetdomain%3Damateurx.com%26project%3DAMATEURCOMMUNITY%26project_subtype%3DNG%26user_id%3D14-42394879%26subPublisher%3DCRMTOOL_12369%26trafficType%3Dcrm-email-amateurcommunity%26cp%3D19192z16434%26deeplink_type%3Dsetcard%26deeplink_id%3DKia_Rey%26crmtool%3D1%26pid%3DCRM-INT&httpReferrer=http%3A%2F%2Famateurx.com%3FisBdtSnt%3Dtrue%26targetdomain%3Damateurx.com%26project%3DAMATEURCOMMUNITY%26project_subtype%3DNG%26user_id%3D14-42394879%26subPublisher%3DCRMTOOL_12369%26trafficType%3Dcrm-email-amateurcommunity%26cp%3D19192z16434%26deeplink_type%3Dsetcard%26deeplink_id%3DKia_Rey%26crmtool%3D1%26pid%3DCRM-INT&xref=%2BfuE29Jyd4dVQ1dlUXBPSnNSTUFkQS9oTjdBMnJ1OWpFTlZOR09sbGpkOHNVNjNKVXU5LzF2OEJwV1p0d2pjRStBUk9ZY3dWQnBwZldCNGYrRmZVV09vRWZpcTEvcTR2b2pSZURIUjU0S2d0&trk=nft5597(Line 109)
Message:
WebSocket connection to 'wss://benefits.more-2-flirt.com/amateurx.com/2/406e9b36-2e50-4bcd-8d99-6881799dfad8/register.php/ws' failed: Error during WebSocket handshake: Unexpected response code: 200

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
benefits.more-2-flirt.com
cdn.onesignal.com
fonts.googleapis.com
fonts.gstatic.com
imedia.servefilesonly.com
img.onesignal.com
lpmedia.servefilesonly.com
maxcdn.bootstrapcdn.com
onesignal.com
www.casualdating.com
www.more-2-flirt.com
2606:4700::6812:a95
2606:4700::6812:b60
2606:4700::6812:bcf
2606:4700::6812:d63b
2606:4700::6812:e34
2a00:1450:4001:80b::200a
2a00:1450:4001:811::2003
2a00:1450:4001:831::200a
066998c672b918384aa44b0894e1b0ff8e4670040c5394adb00cdb1cc4daafa9
10f46a9e64c756a7af5ec1e9793f711be5c81aa8b473edd28f6a0e419cfd0299
1170971e2b37396f474bd7109520f9b80ac6ee14042120868473367a59a9ef0d
1eb4a296c276e5d5917e7d360e2c8fe49913fe2d7932011b71232fb2acb63f3f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2d23d373e1ff2ed8e3f53f96646d506ad84e2ebd671c646952fc98dd797aeb11
3f201d1cae9d6bc7ffbaf6be222bc7c6a158617a8e0a68caa660223e1e3028bc
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
45695241355bbc684a07bfdba349dafd1f801d55c0b096f53d69167c8171f247
4b195e09480a9fe12e5f3c9f692a40cc7c115edb6b2736b294203bd08be1ad3c
4e75ae93db20aa0df330f606a6f4a2cb92356595cd8361bf65c0eac44148afa8
74c1e06fd5b2af72743285f10bcd8d3b3de2c255a91421c28e3a73b152790b24
7903b071dafe2d555f5a01532fa59f7d1d4c8b3f929f24de11515cc14a4e8216
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ff53713ed5cdad88849e76df0ed8e86e27e38a14d8873d21aa9a02a75222155
81557d4bc0cb369af34b0101f8dfda3db5c8b80e4f1f3a01f95f383801d92b28
83bb47871b3895cd8f4bf5da67037710b6d9a9e1fab80d03b579cd83a448fe23
85ed19c45643ea4fbc93a3dfcb9f9f659525cf170dfec79d20f79b6316090942
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
893b340da6152776a0986be9b6b510321d839cc78f95b20f85add943fdab2dd9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a87deb4e749e902bea450372dcf0cc2c176441e8fb0361db64dda1069c6d12e5
af20ecf90d909e4e11697221b69426777e9570321c28455ff39ed4e421fcb181
b26626897e533b99491a5f69051350ea0fe8e5ff6b808197b06e7aaeeb41393c
b56914c53473fc49765ab22a85fed52ae193fe32e7c469f1fdc0aad51186d5ce
bab81d0812289e256067b2765c4419414a192c0b212418fe61aab59176f120a3
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cccb69e96aeee231ed4b612c090d249939410e8d7f19a200f19c0511aca008cc
ceb58acc54679268926472a6a05930c84036b8b1ba18be1a33d10e1838382f7b
cfb1111dc6eff14757577d1fff2c680537d64775c9822a5ac75acee83fc0f1f8
d6a791a12ae0fcbff0592253d9443f531223d6fb1b980ffaa1917e945026f769
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de73d66aa453ef904f76ad9ec2be146492ccc25b7f5bcd81be3b1e04b429a54f
e09db25dd88c745dc69bcea30236bf76d9c757baf150845157bc03d48b4bb1f9
e886f4585995fa5552c122db136ab1ce601b49871a173e543cfdbc8ce511f8e0
f2ab5804f45db76be0c7053dc81e2e8ca5c5738890896449bdebbf8621a391f5
f9e1ed1f2ef5c8d592d73b00c9b1d2370625c3cf272ac6e0cb7c8d89e0e46c43
fe063b5f7fa72c9263d8f48efa0cdaf098b6e04b323fd6a3eade055bedcab884