| shaudaunsoam.com/js/_each-land-config.3299fec3.js | 104.21.58.91 | 200 OK | 21 kB |
URL: GET HTTP/3 shaudaunsoam.com/js/_each-land-config.3299fec3.js; IP: 104.21.58.91:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084; Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Hash: 0ba3468fb169d838d511e11b5b33eaef fb53785cd4dcc6e5cf0fcebfcafed46a3968cbe9 6de414b4180a6f11c4f5a9ba570d5e97ac8e596b1f9c1bb86872a11ecd416384
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/_each-land-config.3299fec3.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=72043
etag: W/"662b7652-1196b"
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IioxuoNoHzVeEZNrfZ25IG13aUX72b3Cy6z1ezbwHxy6G0p4LkD97yNDuRARKvpEKRb2RtHMOFtk7b4C2lGNcUQ%2BHeL7H1PVbv5dRX4EP16QSZnxEIp%2FgWdBEF95pEBb0XCh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afd73e3256ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL: OPTIONS HTTP/2 arleavannya.com/sync-metrics; IP: 139.45.197.248:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084; Certificate Issuer: Let's Encrypt; Subject: arleavannya.com; Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shaudaunsoam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:35 GMT
content-length: 0
access-control-allow-origin: https://shaudaunsoam.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: OPTIONS HTTP/2 arleavannya.com/sync-metrics; IP: 139.45.197.248:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084; Certificate Issuer: Let's Encrypt; Subject: arleavannya.com; Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 726
Origin: https://shaudaunsoam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: ae94adb5a4121534380eea52dcb8f9a3
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://shaudaunsoam.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| offpichuan.com/track?offer_id=3983&z=7296273&request_var=12026&variable2=13698v8g00084&oaid=991tko0np6rnt2k3ew4lsyt0ekmjey4l | 139.45.197.237 | | 211 B |
URL: offpichuan.com/track?offer_id=3983&z=7296273&request_var=12026&variable2=13698v8g00084&oaid=991tko0np6rnt2k3ew4lsyt0ekmjey4l; IP: 139.45.197.237:0
Hash: 47f1d99afbd8130299b07a2f2abb02da b80a311e4afe638a9691dbf6ea790fc509be4add 57adee60ca2537a39f84b915604e473ac5da108d195cdce1f3b93fc37593f046
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /track?offer_id=3983&z=7296273&request_var=12026&variable2=13698v8g00084&oaid=991tko0np6rnt2k3ew4lsyt0ekmjey4l HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shaudaunsoam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/json
content-length: 211
x-trace-id: b9110f6bb15d6fae21151c9df833f2c0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://shaudaunsoam.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| shaudaunsoam.com/img/comments/person-sweep-1.webp | 104.21.58.91 | | 862 B |
URL: shaudaunsoam.com/img/comments/person-sweep-1.webp; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x52, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 384118eb5e49870ad443d90051c692cb 35a73704dcf55b3232f2e9cfc333ff2ecfdcc19f 1ae21006f04f15e16a8057644615cdf8a8a9b39db706f53ba9a925327a6a1635
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-1.webp HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/webp
content-length: 862
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-35e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCYsEyYFhKEUY5NHKYycxyOVEb%2BLn2WKGcXKNm8iRVYMfH4ZIi2%2Fcf%2BK%2F6c%2BqopCS1Sdut%2FK4IuPQ%2FgN0tV%2BNToaJZH6fwiWWKGDWHFf1LsJil9lhbVCqxJDBQn51VBmF7aD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdbebad56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/img/comments/person-sweep-2.webp | 104.21.58.91 | | 538 B |
URL: shaudaunsoam.com/img/comments/person-sweep-2.webp; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: e4d97f0d392aca4fa78b0928438d0168 55f713d8826a9a65e11fddf4c5fa4ea5939953b2 7058be64334990621fbc8cc06782aac5116c6e8a6d7700d892cb8b36f06c5866
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-2.webp HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/webp
content-length: 538
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-21a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3VQdT7QVWbuHJvwHihDLuWR423U%2Fl2Fa1QLV9USeXJ2xE5%2FSFIE06PDdybB1bPpv7x7Pk9hd%2Bw3WkckyWdlpwCVXWlu0BNufa0QPN%2F2%2FOhqktFGfESyE8RRahi5hjXzQGp6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdbfbae56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/img/comments/person-sweep-3.webp | 104.21.58.91 | | 582 B |
URL: shaudaunsoam.com/img/comments/person-sweep-3.webp; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 8347ebfbfa18beba17d356a3dbacb100 f1d66a05e07953cea27fe277e72a495a8e3de2e7 318e494a7bcf7cb28173e54feebeb44ba93b4c17a423c7036d2fcac40e4db6cd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-3.webp HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/webp
content-length: 582
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-246"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2573
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WN%2BeW1ndY2Ezh79eHUrgEWih76Xx7tndGSaAo60yGUG628dy9WgLDS9gsn3WvomyrxTEl9OzGpKeikBFopCil74bhpLUmPZTLm%2FFVF%2FNAuMmYjAvlYvB0rItXy8Z22zMNTG%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdbfbaf56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/css/sweeps-survey.f5ae42b0.css | 104.21.58.91 | | 36 kB |
URL: shaudaunsoam.com/css/sweeps-survey.f5ae42b0.css; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Hash: 895c99e8dc2cac2fe41b6e4623314c0e aa530776c5425e3f15a8ad66ee1bc43840172ac6 bb88f272fbb80a919f86655f6cffff6d8419f09b60e279c9727d904f16d73d9c
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/sweeps-survey.f5ae42b0.css HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=93694
etag: W/"662b7650-16dfe"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hN6Emk1Yr6XlJUP6Fj83yaTf%2BC6VNWQAylC0V6iwFy0v3v%2BsIb0qd5MpqyFS5ElvIlGsYxLCxVUCW4V3AZacK2hnpMXTY28K6QGGpTNplksRxY1ayptro29xoFW9imG5Oz%2FE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afd74e3b56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/js/sweeps-survey.724f05c4.js | 104.21.58.91 | | 3.1 kB |
URL: shaudaunsoam.com/js/sweeps-survey.724f05c4.js; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (5840), with no line terminators; Hash: afcbdd30c40158232aa9fd35cadd736d 182fca86a5225bb13e7bef3900f162997ee3688a 9f2d46ca99b67007947391db6e07142120b0ed2d0a4746f0ad3f1edc7c75c9e3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/sweeps-survey.724f05c4.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-16d0"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5FwJccIueUnO6kS01A0Jcj2CXt8PfYAivsZbg7eeI017nSMBT0Et27qPQORZzlg6F%2FvccHGPDqHY2VcTcQC%2B7u%2FiBvyL9bzRmnnNhUriF8uQwdpHysdA0LJRJwN4ovqNZdyw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afd73e3656ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/pfe/current/micro.tag.min.js?z=6163354&sw=/sw/sw6163354.js&var=7296273&var_3=null&var_4=null&ymid=12026&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 | 104.21.58.91 | | 11 kB |
URL: shaudaunsoam.com/pfe/current/micro.tag.min.js?z=6163354&sw=/sw/sw6163354.js&var=7296273&var_3=null&var_4=null&ymid=12026&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (27174), with no line terminators; Hash: 75c26ccd65e96e912725399ff3ce66e9 d300939979d2048844dc5ac80c51ed8121126f4e c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pfe/current/micro.tag.min.js?z=6163354&sw=/sw/sw6163354.js&var=7296273&var_3=null&var_4=null&ymid=12026&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-6a26"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mTCyDxKjrpsOJ29neIK6ZKCTlAgJR72hyj6CDNZrkqFnCm5ORY5XcmsaZjFVDzcRc5R0DFL6dUNvqp8gk4JTZvmFaD5hsuXv%2BQ2RM%2BbFnRSCC%2FsfA4Xy%2FujqHyyZNwD15W85"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afd9f94d56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/js/SurveyContainer.e2959212.js | 104.21.58.91 | | 15 kB |
URL: shaudaunsoam.com/js/SurveyContainer.e2959212.js; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (57082), with no line terminators; Hash: 0df7a0f05192a1af311ce45d48639a89 df29dce5914578a52af5f516ccd18d289d808951 4cde10689c1ef6c2f58585483fae6d656ccfa1d16cc282dcfbe6cb89700ae2dc
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/SurveyContainer.e2959212.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=57085
etag: W/"662b7651-defd"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2usbtOtJHbpx%2BVsjfsAGtpvv6gS4DkAMb867QntvLNF%2BL2mQqO6t6WhtwZ%2BT21fmVFm%2BzlnZ8j7vZbp6WFuiT%2Flu%2BLFazoM9cRFusb8hizlzpbGiE%2B2Nf2%2BuWghRkb9Vu6O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afda29a456ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/img/comments/person-sweep-8.webp | 104.21.58.91 | | 696 B |
URL: shaudaunsoam.com/img/comments/person-sweep-8.webp; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 6a6742fef0cd1bd74f6da94e9fb833e1 ccaae2ff48574bbb04072b2efc5864b9177017a5 96bf5ed5aa8149269a215cf19a17889c762b8cddb2fe36229849c8379c2d4aa6
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-8.webp HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/webp
content-length: 696
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-2b8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2572
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zd2YrImLBnKAiZ8LBkvVx0ukER2LhazB749o1CQAkSUV6emJ1NpSDyeNnSBCpfsPNbmJGw1iYYCDp3jJAdRovP%2B1xunoTls5z72f9QuHgoCpZFdMp7UJjrYxeWx7YFel7fQl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdbfbb956ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/img/comments/person-sweep-9.webp | 104.21.58.91 | | 818 B |
URL: shaudaunsoam.com/img/comments/person-sweep-9.webp; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: a61b1f29004e5a54130bc57051a49c0d 7f60eef07e311b3598895343111d90282a002ea0 b3de11ad2ace70aa9786af4a9e65db774466fe25aca16e16dabdfa7ec76b0a53
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-9.webp HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/webp
content-length: 818
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-332"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2572
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SqnS5IDXNAoaOhe8baJy%2F3PKnebKuC2%2Ff9IxcXLeLmyowwBE2OtMz3gDls10W6JoOOZ3lViaLv%2Fo9HZlCI6WWTaYAcXCCiFIcMdLnVafRuBiiHBXzd01cwxt1ZEfu7Ds9YWL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdbfbba56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/img/comments/person-sweep-10.webp | 104.21.58.91 | 200 OK | 572 B |
URL: GET HTTP/3 shaudaunsoam.com/img/comments/person-sweep-10.webp; IP: 104.21.58.91:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084; Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 206819c13484a7a818f1e4499be3704e ada2f34308d6eaa0d004ed0c732e5a3aa7fda1db f4eed862cbcf8f9ce2bde63cf3e13e73ed3e58ac93ec4bb14301b248c4d58e1f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-10.webp HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/webp
content-length: 572
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-23c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZT6or9IOKbEJFwX84uN5%2FnPERIhROuWbTEAGGDVI5ks%2FvfAEjQ8vPuUdsSTEGQTMoXy9BNNuhhnb%2FavVuYpIQb0RbhOjQJuQbIA8LdwoRvgh9Q%2FX01A8nYsn0wWGv3ZvZ2E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdbfbbb56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/js/_rtc.f86a36d7.js | 104.21.58.91 | | 5.7 kB |
URL: shaudaunsoam.com/js/_rtc.f86a36d7.js; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (12222), with no line terminators; Hash: 128d6eec0793a7e02c314d2f6245f260 c9f09311c3f229b770f38d0cc69b422430f1c748 bf1606ac64db254cc565a094e7162a96f31f7e48ddece56fc92c654559e5abb8
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/_rtc.f86a36d7.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-2fbe"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h9J72HcnJ%2FVuNtYOvANjn3SROBfVplH8idaguXQObx02d9rv39Aewx3vPmMGpSner10rCSIGqwLZqbrclBfotcNv8j7iEgYtf8REGwFeNItczG1Ttu1XLSTQjPHJ5CZsEpZy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afd73e2b56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/img/comments/person-sweep-12.webp | 104.21.58.91 | | 668 B |
URL: shaudaunsoam.com/img/comments/person-sweep-12.webp; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: c57b8a772545ee6e05fedb58c143beb1 6cb5aef79f86275a725cfdd406c7038b24d80aa9 03389ef007f0fd3486a5c71848fd2b67cc05341cf449bcdd34a81a1d4048b090
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-12.webp HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/webp
content-length: 668
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-29c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CbnuxInYPK2pAJuyWihW8gLL6288Caoislp9zK%2FqvHwnDYAJTYdlmY%2B6GFfCEBbsh%2BhdTBud1lVFHG7bsHj5z9ae1tSdneQAbKC0L4iw0c5hDMCrY0rUJe6anOhFIgfrWUgv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdc0bc156ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/img/comments/person-sweep-14.webp | 104.21.58.91 | | 626 B |
URL: shaudaunsoam.com/img/comments/person-sweep-14.webp; IP: 104.21.58.91:0
Certificate Issuer: Let's Encrypt; Subject: shaudaunsoam.com; Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65; Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: 7c494127025f1ec09a96c16bf0531a36 0c2f9302c41f99da9fb5eead2c364bdbdf435156 e6443a7cdcc5ee11ece88ce10824fd79851700e4bd3dc6259d1a816182b82e5b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-14.webp HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/webp
content-length: 626
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-272"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2FQ%2BJLRyUbsIOodXHTRaXm4tn3AZyIvDpyGePBrXQMevofaQ3U5X18KiNo2nj9qzdXUx50r94mR1Vx4UT7dv6Xm4MzMYBVYasRU%2BlXcRkOGJMIqi0G7T4VU9TdsFpQPMCj7D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdc0bc556ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/img/comments/person-sweep-15.webp | 104.21.58.91 | | 576 B |
URL: shaudaunsoam.com/img/comments/person-sweep-15.webp | IP: 104.21.58.91:0
Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 6c0726564aa84c5f1161bd0051e0c5e0 6df7e7122e0d007e7ea187c3c35fbc869f8ef8e5 98ff0218f67c0bce5c834a0145c686f56d3a7ca1b948341a3181739da66883b2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-15.webp HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/webp
content-length: 576
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-240"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hziO3GZRasMXLifVRViDbhOAU9x2UPGTfvyU16Ip03foVdwK3vhkDAn9WsnW3hvhQVpiTqscJ%2FVdtycZJi99C61VHfWuO5QnR3eMTTjspmFzaEQ1wRDp2G2IHIS%2FMZr%2B9CbG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdc0bcc56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/js/v-index.mjs.19622407.js | 104.21.58.91 | | 8.6 kB |
URL: shaudaunsoam.com/js/v-index.mjs.19622407.js | IP: 104.21.58.91:0
Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (35287), with no line terminators | Hash: 1de1ec2d8e7940b88970d8fbce40ed6d 510aa24127fb8bc3578d9ca4628b2eea5a84ce01 b473156bef833bcfb2e84658093f1ebc1e64011dcba904e26ccb31f1cad8b762
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/v-index.mjs.19622407.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-89d7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wgfcg6lmoDjEYdPe8esjK5%2FA%2FqH3IOScLY9ZSVe4gIgxsc6a9WZ0H4ey3%2B7H85R%2F%2Fp%2FHdjw8JauDr6gytfhy2e4f17DJSx%2BZ2aW6EbD9A45oF7pkL%2Fj27jStMMa2ySiJtNLH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afda198656ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/img/comments/person-sweep-16.webp | 104.21.58.91 | 200 OK | 734 B |
URL: GET HTTP/3 shaudaunsoam.com/img/comments/person-sweep-16.webp | IP: 104.21.58.91:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084 | Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 0e8c55db8fda61ba2565a293b72e36e1 ef9deaad0f8a71da57252bcf543ea369673d39ff 79b1a144ec7d571b7a155cd2852da72e89b2954affca1448001e3fed2227cb34
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-16.webp HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/webp
content-length: 734
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-2de"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wW5wPedGT7CjcRxWkhmHGDvD9%2Fgsuk38bvU9cBra%2BU7lG4eizTFZl8GPEb%2F2egzlyp%2FzwfXaMjfrzIdimQBEP9g0tR7lQcMR%2FOQW4YCnZmiCvD6HTMgfJqfjz4fyPBoRCQZz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdc0bcd56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | | 0 B |
IP: 139.45.197.248:0
Certificate | Issuer: Let's Encrypt | Subject: arleavannya.com | Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 | Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shaudaunsoam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:35 GMT
content-length: 0
access-control-allow-origin: https://shaudaunsoam.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL: OPTIONS HTTP/2 arleavannya.com/sync-metrics | IP: 139.45.197.248:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084 | Certificate | Issuer: Let's Encrypt | Subject: arleavannya.com | Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 | Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://shaudaunsoam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:35 GMT
content-length: 0
access-control-allow-origin: https://shaudaunsoam.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| shaudaunsoam.com/js/v-utilities.js.d1112fc4.js | 104.21.58.91 | | 1.3 kB |
URL: shaudaunsoam.com/js/v-utilities.js.d1112fc4.js | IP: 104.21.58.91:0
Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (2577), with no line terminators | Hash: 18cb151303391373ec2138ce7f10bd7f c3d6fdc026a675d23ac14beebd3a46e3e72e9dc4 93cc28fc75a9cbc865ed918e1a8d139ecf52c3a7d9a2caef63ed7092f69ee142
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/v-utilities.js.d1112fc4.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-a11"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gJ%2FtaIfvV8yONsPO%2BPz%2BTM518tYJREOCw4OBEa%2BkxLT80vTIPpR%2FHXn18Vq5LNtL00Gs%2BJXz4TBXOUAcHQxVA3CxsdCpSXxZmuR4H%2Fba7%2B95QkgQekMVtnJwdSmZ5ZE4WAIm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afda299756ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/img/sweep/tokens10k.png | 104.21.58.91 | 200 OK | 82 kB |
URL: GET HTTP/3 shaudaunsoam.com/img/sweep/tokens10k.png | IP: 104.21.58.91:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084 | Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: PNG image data, 480 x 500, 8-bit colormap, non-interlaced | Hash: 10337a4976db716ba3b8cad1f0f1f736 788015c74e561249cc5318fc178e564b68bce44d fef211dba7465da86e75019f78dcdf59af496394963b0bc6cc78b02286effe58
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/sweep/tokens10k.png HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: image/png
content-length: 82163
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-140f3"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2574
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N7N0nK3%2FoW8bBcBrGd3sahTM%2BFR1SqqjWaNC42TSlV1mRGBXERw56ObkyaWz8mPJoMsujXiGLJdEglU0I15l7tFRldBtm6OyxGmyN5eYSPSzgutVLD552oHUpoFBSCNECLDy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdcecad56ba-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | | 175 B |
IP: 139.45.197.248:0
Certificate | Issuer: Let's Encrypt | Subject: arleavannya.com | Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 | Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: a7fbccd9aed97a405c912f014e54e33d d1f5a4e6a184f566d272fb282c7719dac8da4d38 27abda38a3b61986ba145f4fc9a02407cc4649fb26b3cec1a4bda41b7cba21c3
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 153
Origin: https://shaudaunsoam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/json; charset=utf-8
content-length: 175
x-trace-id: 725e0231289ad11108028ebafc666d7e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://shaudaunsoam.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| shaudaunsoam.com/pfe/current/stattag.js | 104.21.58.91 | 200 OK | 7.3 kB |
URL: GET HTTP/3 shaudaunsoam.com/pfe/current/stattag.js | IP: 104.21.58.91:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084 | Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (19053), with no line terminators | Hash: 3a74216e872211a9c770302bb7d4a63f 7e63556174a7d66eee407218e503ec0aae2c0f9e 03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /pfe/current/stattag.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-4a6d"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2572
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cZ2bCx0WPR%2FZJPNmsgZxJC%2BACPL%2F60Dv5Ztn6XW%2F78oynlOJtY9vPwFSMGC%2BI36Vk6UnXt0PCtdDpuRAn4wxjkWAzhxDgwECGO53HyneKy56fp1wspMQrIuH6JI1AnCF1Hmr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afdc9c5e56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: OPTIONS HTTP/2 arleavannya.com/sync-metrics | IP: 139.45.197.248:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084 | Certificate | Issuer: Let's Encrypt | Subject: arleavannya.com | Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 | Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 807
Origin: https://shaudaunsoam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:36 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 2f8935a08d55a62004055e3408b922a2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://shaudaunsoam.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: OPTIONS HTTP/2 arleavannya.com/sync-metrics | IP: 139.45.197.248:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084 | Certificate | Issuer: Let's Encrypt | Subject: arleavannya.com | Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 | Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2639
Origin: https://shaudaunsoam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:36 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 45cc07e03503b7969b0ca3258989ced8
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://shaudaunsoam.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| shaudaunsoam.com/js/v-redux-toolkit.esm.js.fe3487ca.js | 104.21.58.91 | | 6.3 kB |
URL: shaudaunsoam.com/js/v-redux-toolkit.esm.js.fe3487ca.js | IP: 104.21.58.91:0
Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (11319), with no line terminators | Hash: 5aa3676547abc9a38889c09e69ca968d d19ea919192e86f97c34c0a5959ad05c52299aec 21648e7ba668a077e403b6bd1a38f05d55d987737b959d57e3b3c53787107eb7
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/v-redux-toolkit.esm.js.fe3487ca.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-2c37"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jSRqmrFNlULo9Oao8700ClZWmqoJ6iqq5N%2FMWAN0QcRIQM8cY4BORUZtm%2BCmuAEdc2qrzB2p%2B2MGhdK%2BOKJOkaVD4Rp%2FAL3uSVyP488FNuk6O1lYWnOyuwuU9vA0eSnNRrxc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afd73e3156ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/js/s-checkLocalStorageAvailable.ts.f2fef93d.js | 104.21.58.91 | | 6.6 kB |
URL: shaudaunsoam.com/js/s-checkLocalStorageAvailable.ts.f2fef93d.js | IP: 104.21.58.91:0
Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (330), with no line terminators | Hash: f23ca32d86f4a0e4179319172a667c74 a68d98bd989ff8804424b8b38f2104f5b562e4b4 0d92eabc50682ed456954a64fdfad12a54b3da489957e9e70479724f5503752f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/s-checkLocalStorageAvailable.ts.f2fef93d.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-14a"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OqyTWol%2BSpHlFBMD7m9z1VgfRIpFkHhs2mIJlx0FFsb7nkM11Q090W2lTnspRyLoIOhq1e5N0rAAtsKGra%2BGTo2NP2GUsHCqEnxe%2BsLE2gJ8x6hK87QpFmMypfQabFrDiLw1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afd73e3056ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/css/SweepHeader.8e7220ee.css | 104.21.58.91 | | 6.5 kB |
URL: shaudaunsoam.com/css/SweepHeader.8e7220ee.css | IP: 104.21.58.91:0
Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: ASCII text, with very long lines (369), with no line terminators | Hash: b3e63dbf70b8e4ad7c5ec23726112e15 e083def5d026fb5bc171c3043f714fd5d859f82b be1433fba47a27551a04629ff55f1a1d944922016569342433d79f0200d8959d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/SweepHeader.8e7220ee.css HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=370
etag: W/"662b7650-172"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LWyoy2IGsQDBWdQyR%2Bnl3i3HT6tyN7PcZoTKIumTUH6MHvwbnKJgNwNKvG%2BD8jrRHGY0hD4k4%2Bdd8wALklhS7NBHF76g8PcdLnmezpV%2BdgwiFDW8aigtleLUvi1BFVCx7aGL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afda097556ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/js/v-domparser.js.97173b2e.js | 104.21.58.91 | 200 OK | 9.5 kB |
URL: GET HTTP/3 shaudaunsoam.com/js/v-domparser.js.97173b2e.js | IP: 104.21.58.91:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084 | Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (1720), with no line terminators | Hash: 52ca18eed5d7b4a88f79e075608522fb 8332ab1afc8d9c23d127cbc785fb41af81563732 ce352016d1e917abce6b5552ae2fdc941a8998300566b138d04383ae461f0a9d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/v-domparser.js.97173b2e.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-6b8"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnmdgRhkynnB6Qby2diRm8W87D3srGd%2BkaVEW8Jjo7GCoJfT2IzYhvj%2FgqrdSpByXLt1Eye6A9h16nZrThpgkvLKQpn0RJQYpedrf9joyyMM9QCU%2BJAotBx%2FtvmLrqGcOusS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afda299956ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/js/v-html-to-dom.js.ff1ae7e0.js | 104.21.58.91 | | 7.5 kB |
URL: shaudaunsoam.com/js/v-html-to-dom.js.ff1ae7e0.js | IP: 104.21.58.91:0
Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: JavaScript source, ASCII text, with very long lines (364), with no line terminators | Hash: e7384582d95265db33b2a41c0a31f41b b609bec5a8718ab1c9c27a197a15e9a434c36dde c631c08f52c7380fc8f8f0247d68f9171ff8e63d41d7885b992f1374af5a995a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/v-html-to-dom.js.ff1ae7e0.js HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; syncedCookie=true; oaidts=1715320595; ID=991tko0np6rnt2k3ew4lsyt0ekmjey4l
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-16c"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dYMvo7oTHvj5foGYOFnXbA3cugBTP119eX99S1sZxdwJ9RPd%2FNl3c%2BzjH2lqK2G13fHLZfkV3ixwMK7YawopA82JoOg4sVp8ngZryGNGvnXC%2FH037BSJSuOXzRmgoeFoGrVm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afda299f56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| shaudaunsoam.com/css/_core-survey.d3ac2ee0.css | 104.21.58.91 | 200 OK | 83 B |
URL: GET HTTP/3 shaudaunsoam.com/css/_core-survey.d3ac2ee0.css | IP: 104.21.58.91:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084 | Certificate | Issuer: Let's Encrypt | Subject: shaudaunsoam.com | Fingerprint: 90:70:D4:0B:5E:24:64:5D:7E:4D:A7:DA:D4:3C:30:07:06:8E:2E:65 | Validity: Mon, 08 Apr 2024 14:02:49 GMT - Sun, 07 Jul 2024 14:02:48 GMT
File type: ASCII text, with no line terminators | Hash: 30d726a40ffe74d794b282ca1795b44c b43155653a1b9cc8d257687df9a75e0f204db348 4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/_core-survey.d3ac2ee0.css HTTP/1.1
Host: shaudaunsoam.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 05:56:35 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=84
etag: W/"662b7650-54"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZOhw1bF2eKK6nHKwNhcakmtBybgOs%2FJe%2FZ%2F0awawTImtIyhAzXyfpFWypvLCna8nCIiQOo8je89KhRah50hkFqQ%2F7Uk0mwyB18ggmolo%2B128YQ1I0q%2FGKXw7WfuVk5KKajf7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8817afd74e3a56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5426182&var=7296273&ymid=12026&uid=991tko0np6rnt2k3ew4lsyt0ekmjey4l | 139.45.197.237 | 200 OK | 3.4 kB |
URL: GET HTTP/2 offpichuan.com/rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5426182&var=7296273&ymid=12026&uid=991tko0np6rnt2k3ew4lsyt0ekmjey4l | IP: 139.45.197.237:443
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084 | Certificate | Issuer: Let's Encrypt | Subject: offpichuan.com | Fingerprint: 8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A | Validity: Mon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3418), with no line terminators | Hash: db8111dfe87abf92814f8c0361866db1 14e0132afafcf20fb82e068485fc7b6db097af6d 2efc60179a9b4d6f16313a96142f4602308deb4bd54bd0d89cbd970b195942dd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /rotate?zz=4599387;4599749;4702124;5426181;5426173;5428099;5426182&var=7296273&ymid=12026&uid=991tko0np6rnt2k3ew4lsyt0ekmjey4l HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://shaudaunsoam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 05:56:36 GMT
content-type: application/javascript
x-trace-id: 28817020c5a34f252f6c3e78452002ce
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
vary: Origin
access-control-allow-origin: https://shaudaunsoam.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=991tko0np6rnt2k3ew4lsyt0ekmjey4l; expires=Sat, 10 May 2025 05:56:36 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=8d4c668c-dd22-475f-8f09-3997ea7a0afa | 37.48.68.71 | 200 OK | 12 B |
URL: POST HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=8d4c668c-dd22-475f-8f09-3997ea7a0afa
IP: 37.48.68.71:443
ASN: #60781 LeaseWeb Netherlands B.V.
Requested by: https://shaudaunsoam.com/sweeps-survey.html?z=7296273&offer_id=3983&var=12026&ymid=13698v8g00084
Certificate: Issuer: Sectigo Limited; Subject: datatechonert.com; Fingerprint: 3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27; Validity: Sun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 6949f52318584a4b51c719a9b84a7287 9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905 72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=8d4c668c-dd22-475f-8f09-3997ea7a0afa HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1469
Origin: https://shaudaunsoam.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 10 May 2024 05:56:36 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://shaudaunsoam.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|