casual-flings.com
Open in
urlscan Pro
2606:4700:3030::ac43:898d
Public Scan
Submitted URL: https://wbdnhmo.com/46206?r=30200
Effective URL: https://casual-flings.com/9f12ek/?utm_campaign=148&data3=5&data4=&email=&no_pop=1&cep=gwcQjTlrolBnjBiCrc9Z5_2sVBqS11is40Bs...
Submission: On July 26 via manual from CA — Scanned from CA
Effective URL: https://casual-flings.com/9f12ek/?utm_campaign=148&data3=5&data4=&email=&no_pop=1&cep=gwcQjTlrolBnjBiCrc9Z5_2sVBqS11is40Bs...
Submission: On July 26 via manual from CA — Scanned from CA
Summary
This website contacted 8 IPs
in 2 countries
across 10 domains to perform 13 HTTP transactions.
The main IP is 2606:4700:3030::ac43:898d, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is casual-flings.com.
TLS certificate: Issued by GTS CA 1P5 on July 20th 2023. Valid for: 3 months.
This is the only time casual-flings.com was scanned on urlscan.io!
TLS certificate: Issued by GTS CA 1P5 on July 20th 2023. Valid for: 3 months.
This is the only time casual-flings.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 168.119.251.40 168.119.251.40 | 24940 (HETZNER-AS) (HETZNER-AS) | |
| 1 1 | 2606:4700:303... 2606:4700:3034::ac43:95b8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 1 | 2606:4700:303... 2606:4700:3036::ac43:df78 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 4 | 2606:4700:303... 2606:4700:3030::ac43:898d | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700::68... 2606:4700::6811:180e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 2606:4700:303... 2606:4700:3032::6815:3802 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 209.95.52.178 209.95.52.178 | 32780 (HOSTINGSE...) (HOSTINGSERVICES-INC) | |
| 2 | 2606:4700:e4:... 2606:4700:e4::ac40:a21c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700:303... 2606:4700:3032::6815:5563 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 2606:4700:303... 2606:4700:3033::6815:3af2 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 13 | 8 |
1
168.119.251.40
(Germany)
ASN24940 (HETZNER-AS, DE)
PTR: static.40.251.119.168.clients.your-server.de
ASN24940 (HETZNER-AS, DE)
PTR: static.40.251.119.168.clients.your-server.de
| wbdnhmo.com |
1
209.95.52.178
(New York, United States)
ASN32780 (HOSTINGSERVICES-INC, US)
PTR: mail.traviskot45.tribeoftwo.com
ASN32780 (HOSTINGSERVICES-INC, US)
PTR: mail.traviskot45.tribeoftwo.com
| zeniocloud.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 4 |
casual-flings.com
casual-flings.com |
2 MB |
| 2 |
api-push.com
app.api-push.com |
1 KB |
| 2 |
cdn-static3.com
cdn-static3.com — Cisco Umbrella Rank: 377374 |
13 KB |
| 1 |
cdnjam.com
i.cdnjam.com — Cisco Umbrella Rank: 379517 |
36 KB |
| 1 |
alexatracker.com
alexatracker.com — Cisco Umbrella Rank: 334874 |
682 B |
| 1 |
zeniocloud.com
zeniocloud.com — Cisco Umbrella Rank: 526082 |
581 B |
| 1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 261 |
28 KB |
| 1 |
hookuptrack.com
1 redirects
hookuptrack.com |
2 KB |
| 1 |
rwttrack.com
1 redirects
tracking.rwttrack.com |
705 B |
| 1 |
wbdnhmo.com
wbdnhmo.com |
1 KB |
| 13 | 10 |
| Domain | Requested by | |
|---|---|---|
| 4 | casual-flings.com |
wbdnhmo.com
casual-flings.com |
| 2 | app.api-push.com |
cdn-static3.com
|
| 2 | cdn-static3.com |
casual-flings.com
cdn-static3.com |
| 1 | i.cdnjam.com | |
| 1 | alexatracker.com |
zeniocloud.com
|
| 1 | zeniocloud.com |
casual-flings.com
|
| 1 | cdnjs.cloudflare.com |
casual-flings.com
|
| 1 | hookuptrack.com | 1 redirects |
| 1 | tracking.rwttrack.com | 1 redirects |
| 1 | wbdnhmo.com | |
| 13 | 10 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| a.7amz.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| wbdnhmo.com R3 |
2023-07-21 - 2023-10-19 |
3 months | crt.sh |
| casual-flings.com GTS CA 1P5 |
2023-07-20 - 2023-10-18 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-07-03 - 2024-07-02 |
a year | crt.sh |
| cdn-static3.com GTS CA 1P5 |
2023-07-18 - 2023-10-16 |
3 months | crt.sh |
| zeniocloud.com R3 |
2023-07-09 - 2023-10-07 |
3 months | crt.sh |
| api-push.com GTS CA 1P5 |
2023-06-19 - 2023-09-17 |
3 months | crt.sh |
| alexatracker.com GTS CA 1P5 |
2023-05-30 - 2023-08-28 |
3 months | crt.sh |
| cdnjam.com GTS CA 1P5 |
2023-06-14 - 2023-09-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://casual-flings.com/9f12ek/?utm_campaign=148&data3=5&data4=&email=&no_pop=1&cep=gwcQjTlrolBnjBiCrc9Z5_2sVBqS11is40BspCeTkRQ4MAo7VO3FGpiJ8jE7k7cN3R1wYD53LiCea2f2tj-ApV7KhTq0qIHl5_j8PkWKj_K_aWJoRj60xwDZ8V9U3p9tyx_wXl0Sgjto396bUwGCkzKPjtAzoSRm24O7LeFl4xAZtUrY_lh-iokxnouitfGefucZ0rYnsgjP_7hnHmpM5tkl1stYVyYBbrsy5s3meOWBkWGFNCYLPuiYN0Tqb8W8gOpNdnRXBAlzF9qBBX9GfCNqIdAvr5tDEn-PdUUTbi1siUx_VYq87cn0zhWG3iIjWEYoKg0w9T4zYEdxbG3ZWFFin_FbwiDgzxLd5mtKv2Ls6GyPCFRZqv3ifyEdeVkS8ya7CqClq67nPgajvWBebmrWAiet3o_7kxDi-8O72ct19Ly6u1FpF40eZ9SUofYFEDSgUMCR3PtkTnQ4RBDc-VSnn1aoEzEmAxFpkExaxo-l39RLQRhdqWtIXeJSvZd3tFEWlNLYgZ5f9MPa5UqmeSLdYrz7VssQZXQFo-29OeU&lptoken=1659908c340d93881526&pub_id=148&campaign=5&referer=&source=30200&sub_source=&p1=018990902d7b7ae2810e56d21a0a82&revenue=%7Brevenue%7D&clickid=64c0a7fb15ed5f0348e4df6e
Frame ID: CAD7CE52CF944BCE77EBEEDD4965F09C
Requests: 12 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- https://wbdnhmo.com/46206?r=30200 Page URL
-
https://tracking.rwttrack.com/click?campaign_id=5&pub_id=148&p1=018990902d7b7ae2810e56d21a0a82&source=30200
HTTP 302
https://hookuptrack.com/279171c4-2559-4b73-8f7f-3a769462c852?pub_id=148&campaign=5&referer=&source=3... HTTP 302
https://casual-flings.com/9f12ek/?utm_campaign=148&data3=5&data4=&email=&no_pop=1&cep=gwcQjTlrolBnjBiC... Page URL
Detected technologies
React
(JavaScript Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <[^>]+data-react
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
URL: https://a.7amz.com/loader?a=432&s=111&t=78&p=5
Title: Live Girls
Title: Live Girls
Search URL Search Domain Scan URL
URL: https://a.7amz.com/loader?a=431&s=111&t=78&p=5
Title: Free Cams
Title: Free Cams
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://wbdnhmo.com/46206?r=30200 Page URL
-
https://tracking.rwttrack.com/click?campaign_id=5&pub_id=148&p1=018990902d7b7ae2810e56d21a0a82&source=30200
HTTP 302
https://hookuptrack.com/279171c4-2559-4b73-8f7f-3a769462c852?pub_id=148&campaign=5&referer=&source=30200&sub_source=&p1=018990902d7b7ae2810e56d21a0a82&revenue={revenue}&clickid=64c0a7fb15ed5f0348e4df6e HTTP 302
https://casual-flings.com/9f12ek/?utm_campaign=148&data3=5&data4=&email=&no_pop=1&cep=gwcQjTlrolBnjBiCrc9Z5_2sVBqS11is40BspCeTkRQ4MAo7VO3FGpiJ8jE7k7cN3R1wYD53LiCea2f2tj-ApV7KhTq0qIHl5_j8PkWKj_K_aWJoRj60xwDZ8V9U3p9tyx_wXl0Sgjto396bUwGCkzKPjtAzoSRm24O7LeFl4xAZtUrY_lh-iokxnouitfGefucZ0rYnsgjP_7hnHmpM5tkl1stYVyYBbrsy5s3meOWBkWGFNCYLPuiYN0Tqb8W8gOpNdnRXBAlzF9qBBX9GfCNqIdAvr5tDEn-PdUUTbi1siUx_VYq87cn0zhWG3iIjWEYoKg0w9T4zYEdxbG3ZWFFin_FbwiDgzxLd5mtKv2Ls6GyPCFRZqv3ifyEdeVkS8ya7CqClq67nPgajvWBebmrWAiet3o_7kxDi-8O72ct19Ly6u1FpF40eZ9SUofYFEDSgUMCR3PtkTnQ4RBDc-VSnn1aoEzEmAxFpkExaxo-l39RLQRhdqWtIXeJSvZd3tFEWlNLYgZ5f9MPa5UqmeSLdYrz7VssQZXQFo-29OeU&lptoken=1659908c340d93881526&pub_id=148&campaign=5&referer=&source=30200&sub_source=&p1=018990902d7b7ae2810e56d21a0a82&revenue=%7Brevenue%7D&clickid=64c0a7fb15ed5f0348e4df6e Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
46206
wbdnhmo.com/ |
732 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
/
casual-flings.com/9f12ek/ Redirect Chain
|
14 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
styles.css
casual-flings.com/9f12ek/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/ |
86 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
scripts.js
casual-flings.com/9f12ek/js/ |
978 B 785 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
push.min.js
cdn-static3.com/cdn/ |
35 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gAIA.js
zeniocloud.com/ |
602 B 581 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
21517389.gif
casual-flings.com/9f12ek/images/ |
2 MB 2 MB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
get-keys
app.api-push.com/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
get-keys
app.api-push.com/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gAIA.js
alexatracker.com/jscode/ |
0 682 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
style_5.css
cdn-static3.com/cdn/templates/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Icon-Push-dark5.png
i.cdnjam.com/push/c8/ |
35 KB 36 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| _0xc354 object| WPush6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| wbdnhmo.com/ | Name: 46206 Value: 01899090-2d7b-7ae2-810e-56d21a0a824b |
|
| tracking.rwttrack.com/ | Name: sess_632c71e166c14e66c34b0c42 Value: 643e97848bf1eb1bfd2db730 |
|
| .hookuptrack.com/ | Name: 279171c4-2559-4b73-8f7f-3a769462c852-v4 Value: 35fLRp1u-tbmz_Pf8HqdHkD2y8PHHdjtxkubAPbN9rQ |
|
| .hookuptrack.com/ | Name: cep-v4 Value: u_4ThE7rYld7p9MCPA9TffY17O3CaqEWBp5cTWRRhZEbB6eGtllymXYB_68RfseOAUymgnSFcdNfslhCDyZhApLQ2LqL00WbiA30hWFcGm6LdKEF2KvDaB3Xmwq8XswHeVCyqm5Dv8O6x_y9kXUxqlSQ-v--7ArRRm3RJ8iGXNM9wOeRV4sM6cCTdEl2Tr4DlsF4ErB090cK35JyLYqQP_0pcGuVCQvHWh1hNcy3J58n8Gp1eTWMBivo5kqC-x7us41tTjaj5mK9iO1Nd_gN8Eivdbh80Dthti9AWxw11-3qZRUSKGFIQpMCZTOrXHLLD2VRFGtpbEm9hSpNK1jdPBzE933FD6CcTt-en3acGVr67DM8KfAP4bAXP2Ar_9-5wqiNISt-AmzvsgDVDwq0LLUC50bREqdkDk_UaV9J85wOD44sqlUSy6fVklaLwb9q198csvBx7D73CwAFo2tdQYuAQ56VPP4Xf_lG6hI1ZBMVHMcFUuMJM7OXVdLu-KRZAjODdmWVFvNe3xTcwMUTLdKuUieIrHRr3dhu6mrG_ms |
|
| casual-flings.com/ | Name: wl Value: %7B%22attributes%22%3A%7B%22ttl%22%3Anull%2C%22value%22%3A%22a%3A15%3A%7Bs%3A8%3A%5C%22campaign%5C%22%3Bs%3A1%3A%5C%225%5C%22%3Bs%3A3%3A%5C%22cep%5C%22%3Bs%3A555%3A%5C%22gwcQjTlrolBnjBiCrc9Z5_2sVBqS11is40BspCeTkRQ4MAo7VO3FGpiJ8jE7k7cN3R1wYD53LiCea2f2tj-ApV7KhTq0qIHl5_j8PkWKj_K_aWJoRj60xwDZ8V9U3p9tyx_wXl0Sgjto396bUwGCkzKPjtAzoSRm24O7LeFl4xAZtUrY_lh-iokxnouitfGefucZ0rYnsgjP_7hnHmpM5tkl1stYVyYBbrsy5s3meOWBkWGFNCYLPuiYN0Tqb8W8gOpNdnRXBAlzF9qBBX9GfCNqIdAvr5tDEn-PdUUTbi1siUx_VYq87cn0zhWG3iIjWEYoKg0w9T4zYEdxbG3ZWFFin_FbwiDgzxLd5mtKv2Ls6GyPCFRZqv3ifyEdeVkS8ya7CqClq67nPgajvWBebmrWAiet3o_7kxDi-8O72ct19Ly6u1FpF40eZ9SUofYFEDSgUMCR3PtkTnQ4RBDc-VSnn1aoEzEmAxFpkExaxo-l39RLQRhdqWtIXeJSvZd3tFEWlNLYgZ5f9MPa5UqmeSLdYrz7VssQZXQFo-29OeU%5C%22%3Bs%3A7%3A%5C%22clickid%5C%22%3Bs%3A24%3A%5C%2264c0a7fb15ed5f0348e4df6e%5C%22%3Bs%3A5%3A%5C%22data3%5C%22%3Bs%3A1%3A%5C%225%5C%22%3Bs%3A5%3A%5C%22data4%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A5%3A%5C%22email%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A7%3A%5C%22lptoken%5C%22%3Bs%3A20%3A%5C%221659908c340d93881526%5C%22%3Bs%3A6%3A%5C%22no_pop%5C%22%3Bs%3A1%3A%5C%221%5C%22%3Bs%3A2%3A%5C%22p1%5C%22%3Bs%3A30%3A%5C%22018990902d7b7ae2810e56d21a0a82%5C%22%3Bs%3A6%3A%5C%22pub_id%5C%22%3Bs%3A3%3A%5C%22148%5C%22%3Bs%3A7%3A%5C%22referer%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A7%3A%5C%22revenue%5C%22%3Bs%3A9%3A%5C%22%7Brevenue%7D%5C%22%3Bs%3A6%3A%5C%22source%5C%22%3Bs%3A5%3A%5C%2230200%5C%22%3Bs%3A10%3A%5C%22sub_source%5C%22%3Bs%3A0%3A%5C%22%5C%22%3Bs%3A12%3A%5C%22utm_campaign%5C%22%3Bs%3A3%3A%5C%22148%5C%22%3B%7D%22%7D%7D |
|
| alexatracker.com/ | Name: trbarid Value: 1e2f71b37045a17f00763ed5eff804a6d42de6c8f8046cdc4eb0989798fda563a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A5824862535748200444%3B%7D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
alexatracker.com
app.api-push.com
casual-flings.com
cdn-static3.com
cdnjs.cloudflare.com
hookuptrack.com
i.cdnjam.com
tracking.rwttrack.com
wbdnhmo.com
zeniocloud.com
168.119.251.40
209.95.52.178
2606:4700:3030::ac43:898d
2606:4700:3032::6815:3802
2606:4700:3032::6815:5563
2606:4700:3033::6815:3af2
2606:4700:3034::ac43:95b8
2606:4700:3036::ac43:df78
2606:4700::6811:180e
2606:4700:e4::ac40:a21c
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
2dac93602a4e47e156b8b54455dfdcd7a7a4901ab33f2a0c2c416a395e1ebda5
3e3271683e2f8077cb9de816cc38ff8cfb74700a02867315342883615bd1195b
437ba2c2a23438101675ba9d3d78cd853833587138c17d086039dc6389717436
53c5ccd06c70415181c5b3a63dc10cb9375b99eb8f0794343b680ae550d6eb61
56362262394b9102057c04fb12de22d3f247634119c54d19c56c2f9510757754
64c7cf860c8431d6eeb0bcbb4f5ea97aed035be191c1a0c3de21228df34878f0
b44c2e3c20f62ea641bf1da90f6ec3fdc53d73df22854c51cff685fae8d8f9b2
c92b2535f25292f00ca05a3d5343cd1c981affe4bd5e04f3825755448d32d5d1
d9478e6f9a7228b25bf15d5ab3e3dff75be603dc9d123177548beadc06423218
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855