Report - magictrack1.com/click.php?key=bq66i56e5tp1mhsbll0b&SUBID=811978200832806912&zoneid=7304530

Report Overview

Submitted URL
magictrack1.com/click.php?key=bq66i56e5tp1mhsbll0b&SUBID=811978200832806912&zoneid=7304530
IP
188.40.69.165
ASN
#24940 Hetzner Online GmbH
Submitted
2024-05-08 15:39:32
Access
public
Website Title
Click to continue watching
Final URL
jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
jaupteeglo.com	unknown	unknown	No data	No data	6.5 kB	101 kB	104.21.87.225
jouteetu.net	260109	2021-07-08	2021-07-15	2024-05-07	1.3 kB	1.9 kB	139.45.197.251
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2024-05-07	1.0 kB	1.1 kB	139.45.197.250
magictrack1.com	837686	2021-08-30	2021-08-30	2024-03-12	544 B	622 B	188.40.69.165
static.jaupteeglo.com	unknown	unknown	No data	No data	544 B	7.8 kB	104.21.87.225
littlecdn.com	11785	2019-06-04	2019-06-04	2024-05-07	473 B	2.9 kB	104.22.24.116
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-06	910 B	1.5 kB	139.45.195.8

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-08	medium	jaupteeglo.com	Sinkholed
2024-05-08	medium	jaupteeglo.com	Sinkholed
2024-05-08	medium	jaupteeglo.com	Sinkholed
2024-05-08	medium	amunfezanttor.com	Sinkholed
2024-05-08	medium	amunfezanttor.com	Sinkholed
2024-05-08	medium	jaupteeglo.com	Sinkholed
2024-05-08	medium	jaupteeglo.com	Sinkholed
2024-05-08	medium	jaupteeglo.com	Sinkholed
2024-05-08	medium	jaupteeglo.com	Sinkholed
2024-05-08	medium	jaupteeglo.com	Sinkholed
2024-05-08	medium	jaupteeglo.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	86 B	2024-05-08	2024-05-08
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:39:40 Last Seen2024-05-08 17:39:40 Times Seen1 Hash fc2fe2ac4fcf0b74f920a8a08d810c5f 21e79443a24e10efb1d1c069e7fe52093457f850 27036107d5421c883e7b4f83263eaaaead9b7eee69ca09fe63cafb0871a38778 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	390 B	2024-01-23	2024-05-19
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-23 11:20:02 Last Seen2024-05-19 21:07:54 Times Seen2299 Hash 5247fca34d34a05ed1f8838aeba83b47 564b1f3eacda75db2aa6b35b218bedb8a0388cd2 6c3667edbc99573fa96be6a762d2d1a3cbf7269e3f40031b03f3766a5f6cd8ba Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	548 B	2024-04-18	2024-05-19
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 22:14:33 Last Seen2024-05-19 21:07:54 Times Seen280 Hash 6c1a77038dcd135252bab3b9e3303813 a41463947ff0faeba9b74957b1e660d5c48bea1b bcdb63ed672335accac8933777b08db48dceae4645aeb9c4d4d81d429a27787f Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	1.0 kB	2023-09-15	2024-05-19
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-15 06:48:32 Last Seen2024-05-19 21:07:54 Times Seen5405 Hash 1e000d88343060c761e3d7ae644a8732 98f67005a3b038378596137e93681310c394d980 cea17ebf90b967d519365b4f2c3a89f73e6b70003e81841d6b8696df4304210e Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	2.9 kB	2024-02-12	2024-05-19
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-12 03:36:07 Last Seen2024-05-19 11:02:01 Times Seen38 Hash fa2fface3b7194bd7292ed48ab49d486 e3c90429161fbbd3f63af43178d8db179bde8396 7974f2a6cd4dce0727912f5b506db2319ea1c44a31128e71dd8e2e9000f53dfc Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	321 B	2024-03-16	2024-05-19
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-16 20:53:06 Last Seen2024-05-19 21:07:54 Times Seen223 Hash 7871eb351b7621935fa9c7235ea23fec dc9e9141d124263e37f8f36a2a9a3a04fe48e34a 35a2fe87f3d74d7791097c7670e83fbd42c90b97cc393527309235d358809683 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	97 B	2024-03-16	2024-05-19
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-16 20:53:06 Last Seen2024-05-19 21:07:54 Times Seen223 Hash 77b5a2581e051e76ee3c38a50a873548 029ab99e3748ace3d701b0d8e22f2eca860ff701 6cdef993f9cba362e089f1dc186ebd08a995de0fdb582440ba0d892f34325c48 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	2.1 kB	2024-05-08	2024-05-08
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:39:40 Last Seen2024-05-08 17:39:40 Times Seen1 Hash 3ae0266b481b5e538832ec6257d63c1c 4089ddbcd36aa3f0087704a0a5246092f6bac7b6 04e2b3defb241bc75947b6a7d7c21a4a7d501f58bd4efc5b25f45716f688c8ab Loading...

	jaupteeglo.com/pfe/current/micro.tag.min.js?z=7015928&ymid=7304530&var=7078316&sw=/sw-check-permissions/7015928&uhd=1&os_version=x86.64&var_3=20323986_3339&var_4=812097820494148469	37 kB	2024-04-25	2024-05-15
Pretty URL jaupteeglo.com/pfe/current/micro.tag.min.js?z=7015928&ymid=7304530&var=7078316&sw=/sw-check-permissions/7015928&uhd=1&os_version=x86.64&var_3=20323986_3339&var_4=812097820494148469 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 13:01:48 Last Seen2024-05-15 20:42:51 Times Seen2522 Hash 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	38 B	2023-03-13	2024-05-19
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 22:51:58 Last Seen2024-05-19 21:07:54 Times Seen5516 Hash 3ea1379d18e4ec6bccefeba76a1b33b4 90afb068cee6917494ddd820bcb2fe44de7e5e43 15c832dee58f1c08fb6bf51935a10f95cb0482d19441cefbb469a82278e54bae Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	11 kB	2024-05-08	2024-05-08
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:39:40 Last Seen2024-05-08 17:39:40 Times Seen1 Hash e446b17c8e7523f2b4f85f4c63e4abcf 0470e4c27698d9ab40cc8f8e250991bbf93757d7 39e400bb9a3f3f0f4f103947934263217cd76a7c5988fe10d3b2e1ef5a5eb71f Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	3.5 kB	2024-04-06	2024-05-19
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-06 22:19:16 Last Seen2024-05-19 12:30:28 Times Seen99 Hash e5380ae0a235fbdc5e33afdb4af4acd5 dba073f817c4f31269e29c04f4055306aadec631 696253f67e5035923d4e83bd3f49f34e3ccfdf4bdcb879b955f7707ae166520f Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	471 B	2024-05-08	2024-05-08
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:39:40 Last Seen2024-05-08 17:39:40 Times Seen1 Hash 07c94bfc41caf6583de45421c1a5e50f eae1ec2cfbdb094cf265060c6d40d6d5a820d6ba 9824779248e3aee6cf0237293032bbec3395bbf86a728689a9e0d1d2407beae7 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	432 B	2023-08-15	2024-05-19
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-15 17:07:57 Last Seen2024-05-19 21:07:54 Times Seen5424 Hash a68df917a9d58006028bbbc7b6f30aa0 8412b7650e9351c4826eee83dc944ab8e7a5a660 003c5bfe078f1901b11f14e32f824a1696e54b3a72cd7462395986063f0cd571 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	3.9 kB	2024-05-08	2024-05-08
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:39:40 Last Seen2024-05-08 17:39:40 Times Seen1 Hash 559f9112fcba67c836a712030ac9c2f3 36fb6932682a76dc63ff205d5cd08959a611e381 40bc8152de527535da6226af72f369140a15365bc11a3b65b7817cb7d55754ab Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	5.1 kB	2024-05-08	2024-05-08
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:39:40 Last Seen2024-05-08 17:39:40 Times Seen1 Hash aeadba84cd0bf1d8d1caf3cd01e26ee8 9687f5de17fd8bfb9a9e05a33d5d6e05629658e8 a453e547f19990f6bab29847e243bad219984f79f2d3ee133a8a87b0e2e978c3 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	4.0 kB	2024-05-08	2024-05-08
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:39:40 Last Seen2024-05-08 17:39:40 Times Seen1 Hash 54f7e58e6010808b952768e2757301c7 ba9cd8b9e8451f984c1895ff1eaf27f8a51b5a1d 47d264d9a151634aef7e747f593b3c24b1447a87c620cc2c4f1a998cfa4c547e Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	3.1 kB	2024-05-08	2024-05-08
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:39:40 Last Seen2024-05-08 17:39:40 Times Seen1 Hash b7eb75f0cacc5deb8d67278b60ca0419 fd64f44b01bd1e9315d458830170bbaaf08f9fef a8771728eca9996738c595e71b0fecf1e4dcc9b015df6b3ca5fc9d8ee23285ec Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	2.7 kB	2024-05-08	2024-05-08
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:39:40 Last Seen2024-05-08 17:39:40 Times Seen1 Hash f73d6f4c74192ecdab7e2239edcb17eb a7292c8813b0716f7e9f33250913748607341aa6 3777de95d0a4f8176ff5530e90e45794a52b9c0f9e89b75f523219d196aefd9c Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d	2.1 kB	2024-05-08	2024-05-08
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 17:39:40 Last Seen2024-05-08 17:39:40 Times Seen1 Hash dbd999a3efac697df45bcb856ec20f1e 76c669f58d1ded7c5dec943fa42fff92d54911af a9a79b31f36db00c90b4626799ce0b8a67c11f8e35e54be75b0de5d76548f9b4 Loading...

HTTP Transactions (18)

URL IP Response Size

magictrack1.com/click.php?key=bq66i56e5tp1mhsbll0b&SUBID=811978200832806912&zoneid=7304530

188.40.69.165

302 Found

0 B

URL User Request GET HTTP/1.1
magictrack1.com/click.php?key=bq66i56e5tp1mhsbll0b&SUBID=811978200832806912&zoneid=7304530
IP
188.40.69.165:443
ASN
#24940 Hetzner Online GmbH

Certificate
IssuerLet's Encrypt
Subjectmagictrack1.com
Fingerprint51:DE:36:05:A3:39:B3:8A:84:18:FB:F8:88:53:93:77:79:D4:01:1A
ValiditySun, 05 May 2024 08:08:22 GMT - Sat, 03 Aug 2024 08:08:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click.php?key=bq66i56e5tp1mhsbll0b&SUBID=811978200832806912&zoneid=7304530 HTTP/1.1
Host: magictrack1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Wed, 08 May 2024 15:39:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=fvxiduuq8n; expires=Thu, 09-May-2024 15:39:08 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=fvxiduuq8n-fvxiduuq8n-tw8p-0-b4rn-ocx9-ocsy-93deed; expires=Thu, 09-May-2024 15:39:08 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Strict-Transport-Security: max-age=31536000

static.jaupteeglo.com/templates/_assets/sounds/blip1/default.mp3

104.21.87.225

206 Partial Content

6.7 kB

URL GET HTTP/3
static.jaupteeglo.com/templates/_assets/sounds/blip1/default.mp3
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural
Size
6.7 kB (6712 bytes)
Hash
6422f23e1751d74410347e02c0210a60
0e3e65be6b5fbb76f6a52191e973bd37368be204
4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/_assets/sounds/blip1/default.mp3 HTTP/1.1
Host: static.jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Wed, 08 May 2024 15:39:09 GMT
content-type: audio/mpeg
content-length: 6712
last-modified: Wed, 08 May 2024 13:30:45 GMT
vary: Accept-Encoding
etag: "663b7e85-1a38"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=86400
cf-cache-status: HIT
age: 4168
content-range: bytes 0-6711/6712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bj2yQLMGIDKJ2nZH8lhGsVKDCT7Prl6jeXAhc5rHDMINdiTL%2FornY33KN%2FdJR%2B4MVUa10G4OF%2BUFLJ1qLn5NmXQIJsMbr%2BGM7Ssb3QPWoW4dDEOY4mqYhu34KWttSSudU47JZRSuMfw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a8a768aceb527-OSL
alt-svc: h3=":443"; ma=86400

littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.6

104.22.24.116

200 OK

2.2 kB

URL GET HTTP/2
littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.6
IP
104.22.24.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectlittlecdn.com
Fingerprint42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A
ValidityMon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT

File type
assembler source, ASCII text
Size
2.2 kB (2180 bytes)
Hash
77800b67413ed2d93cda5fbffdee9c80
e4c0cc617a79bc021ab2b114d76497dfc10f45df
df72ad7033ec4e39d4cd75b51d6600837e5f46af3bb31fed01bb07aabb61cede

HTTP Headers

GET /apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.6 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:39:09 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 13:30:45 GMT
vary: Accept-Encoding
etag: W/"663b7e85-1af3"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 2493
server: cloudflare
cf-ray: 880a8a76799c712d-OSL
content-encoding: br
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=86499c559bd2486805021fc1e9bdd91e

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=86499c559bd2486805021fc1e9bdd91e
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
1a80800798020479e5e20dbb551a7811
f048a6ff5f42a5b91ccf3672906acc8ec67dec23
2cc3227e5c2617bbc4671d9c4d38f135392c28bc4df45f1caa55e1993a98366b

HTTP Headers

GET /gid.js?userId=86499c559bd2486805021fc1e9bdd91e HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jaupteeglo.com/
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=86499c559bd2486805021fc1e9bdd91e; expires=Thu, 08 May 2025 15:39:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
709b083e824bcb4c0b6d9725335b2029
86467c950d3cab758ac6617bceab44d453f6602f
37eedcc2671f7ecb650d1e657b0de754ab78fffc415a857e57e65ddddbbf99fb

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jaupteeglo.com/
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=080056a27ba94bccff7510fac1eb5e05; expires=Thu, 08 May 2025 15:39:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

jaupteeglo.com/rotate?zz=6355835&var=7078316&ymid=7304530&uid=080056a27ba94bccff7510fac1eb5e05&var_4=37c01fvxiduuq8n48d&os_version=x86.64

104.21.87.225

200 OK

533 B

URL GET HTTP/3
jaupteeglo.com/rotate?zz=6355835&var=7078316&ymid=7304530&uid=080056a27ba94bccff7510fac1eb5e05&var_4=37c01fvxiduuq8n48d&os_version=x86.64
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
JSON text data
Size
533 B (533 bytes)
Hash
bec83805615322e2bb32f305d879edc8
29ed661e9c8edb150422a6d04c1f45f3ca00d87b
c258064c745ee1fd0e59d9cda6980f17588d87fb372a92b30116bfc198535c57

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rotate?zz=6355835&var=7078316&ymid=7304530&uid=080056a27ba94bccff7510fac1eb5e05&var_4=37c01fvxiduuq8n48d&os_version=x86.64 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
DNT: 1
Connection: keep-alive
Cookie: reverse=574ZGtzEVj2HzFdx3CHhjMyrcDdv8OjCyRvvdAfPW2U; OAID=86499c559bd2486805021fc1e9bdd91e; oaidts=1715182748; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: 3f5ab608538d96712dcc3e4eea38e1f6
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-origin: https://jaupteeglo.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=080056a27ba94bccff7510fac1eb5e05; expires=Thu, 08 May 2025 15:39:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2L%2BcShiyjozpNYRjEmgPypq0xMJhEdJpwyF%2FsPBroTX8jE%2BMkJMf%2FpERlmdUOWEQJ3d9qNyMYVmXKJfPr%2B9s8sfXDqxr0gZXNozWVx8Mo3fS9ycEq10B%2B3iM4l%2FKFzURJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a8a77cc9bb527-OSL
alt-svc: h3=":443"; ma=86400

jaupteeglo.com/zone?&pub=0&zone_id=7015928&is_mobile=false&domain=jaupteeglo.com&var=7078316&ymid=7304530&var_3=20323986_3339&var_4=812097820494148469&dsig=&tg=1&sw=3.1.504&trace_id=b890219b-c299-4740-9491-9c3549bf191d&action=prerequest

104.21.87.225

200 OK

0 B

URL POST HTTP/3
jaupteeglo.com/zone?&pub=0&zone_id=7015928&is_mobile=false&domain=jaupteeglo.com&var=7078316&ymid=7304530&var_3=20323986_3339&var_4=812097820494148469&dsig=&tg=1&sw=3.1.504&trace_id=b890219b-c299-4740-9491-9c3549bf191d&action=prerequest
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=7015928&is_mobile=false&domain=jaupteeglo.com&var=7078316&ymid=7304530&var_3=20323986_3339&var_4=812097820494148469&dsig=&tg=1&sw=3.1.504&trace_id=b890219b-c299-4740-9491-9c3549bf191d&action=prerequest HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Cookie: reverse=574ZGtzEVj2HzFdx3CHhjMyrcDdv8OjCyRvvdAfPW2U; OAID=080056a27ba94bccff7510fac1eb5e05; oaidts=1715182748; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 15:39:09 GMT
content-length: 0
x-trace-id: 462b1d3bcd88bb9416f7a1a67ca652bd
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9HBkwHq9HI3Lp5PovSCC7WK34wE4I1AXkdrxVWxceE71QYcR45%2BShrBBeY%2FgoOLQfnwjjVKN%2F32oWUty%2Bocb1uyeLYo7Q2vTIUfT%2FbGigffITBN22I4Oxtg38JUPqLIxYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a8a794f10b527-OSL
alt-svc: h3=":443"; ma=86400

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 416
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: fdaee09e4a245939f15a5d4b9e768549
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 418
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: dae07eecb7bca08b7f40a2846a81d9e5
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 419
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 207d259bd473ea393b1eb53dbaa9d869
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jaupteeglo.com/
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:39:09 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type
JSON text data
Size
94 B (94 bytes)
Hash
b60ea28c32daea8cd5b98ea60b6f686d
d67cdc34abc10fd3c9f62f2c0c1b44cced3fd320
40bbf1021034c690baaf1fd9bdae474368445e4be38ee04f78f743dc473e9bbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jaupteeglo.com/
Content-Type: application/json
Content-Length: 1450
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jaupteeglo.com/track-impression-applab?z=7078316&b=20323986&ymid=37c01fvxiduuq8n48d&var=7304530&var_3=20323986_3339&redirect=false&redirectUrl=https%3A%2F%2Ftoplaying.pro%2Fyz992c%3Fexternal_id%3D%24%7BSUBID%7D%26source%3D7078316_7304530%26ad_campaign_id%3Dcryptocpszd%26land_state%3Dbefore_render%26land_id%3DJ1mCFxLYUjKrC3y%26land_generation_time%3D2024-05-08_10%3A39%3A08%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D86499c559bd2486805021fc1e9bdd91e%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64

104.21.87.225

200 OK

3.9 kB

URL GET HTTP/3
jaupteeglo.com/track-impression-applab?z=7078316&b=20323986&ymid=37c01fvxiduuq8n48d&var=7304530&var_3=20323986_3339&redirect=false&redirectUrl=https%3A%2F%2Ftoplaying.pro%2Fyz992c%3Fexternal_id%3D%24%7BSUBID%7D%26source%3D7078316_7304530%26ad_campaign_id%3Dcryptocpszd%26land_state%3Dbefore_render%26land_id%3DJ1mCFxLYUjKrC3y%26land_generation_time%3D2024-05-08_10%3A39%3A08%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D86499c559bd2486805021fc1e9bdd91e%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
JSON text data
Size
3.9 kB (3893 bytes)
Hash
5693337a56e7394ba442334bfd836a58
95670ae033d7bf420ca80a3ab202f64af5520284
0621d65020e5083441198a53de68c1e18976a2827614b5465bc0dc4994799f24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /track-impression-applab?z=7078316&b=20323986&ymid=37c01fvxiduuq8n48d&var=7304530&var_3=20323986_3339&redirect=false&redirectUrl=https%3A%2F%2Ftoplaying.pro%2Fyz992c%3Fexternal_id%3D%24%7BSUBID%7D%26source%3D7078316_7304530%26ad_campaign_id%3Dcryptocpszd%26land_state%3Dbefore_render%26land_id%3DJ1mCFxLYUjKrC3y%26land_generation_time%3D2024-05-08_10%3A39%3A08%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D86499c559bd2486805021fc1e9bdd91e%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
DNT: 1
Connection: keep-alive
Cookie: reverse=574ZGtzEVj2HzFdx3CHhjMyrcDdv8OjCyRvvdAfPW2U; OAID=86499c559bd2486805021fc1e9bdd91e; oaidts=1715182748; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 42291065ae92d8f93817750ecbd56354
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cAjHiSbixmvtZhVjP8%2BRto2uGLAJQYmqTbSPZSX7UvF7XCM6%2FoYbIV3YPQwwCXT99t1Lwu1WuY9ofwM%2FTkjYS4UyRbfvd7dKC1SXZ5Sc8UhFTiw1%2F0PSFKqhdb6nLRQv8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a8a77cc97b527-OSL
alt-svc: h3=":443"; ma=86400

jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d

104.21.87.225

200 OK

50 kB

URL User Request GET HTTP/2
jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
HTML document, ASCII text, with very long lines (3300), with CRLF, LF line terminators
Size
50 kB (49898 bytes)
Hash
37ffb85c46cd9acaabf8cd7a20067d3f
798271cf6a379412dc9034bb68c23cb361b6c168
db672306e711819f92d19df2e9fb6875cf2a36a86f44319dc957c780cc49a97e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 15:39:08 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: reverse=574ZGtzEVj2HzFdx3CHhjMyrcDdv8OjCyRvvdAfPW2U; expires=Wed, 08-May-2024 16:39:08 GMT; Max-Age=3600; path=/
OAID=86499c559bd2486805021fc1e9bdd91e; expires=Thu, 14-Sep-2079 07:18:16 GMT; Max-Age=1746718748; path=/
oaidts=1715182748; expires=Thu, 14-Sep-2079 07:18:16 GMT; Max-Age=1746718748; path=/
syncedCookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2FSQ74DBGJpx%2BAJ5yuPhOeTjNq96wyVUa7BcZGgNeX52iymn3zGcSR4hE08ysHBYEK8%2BzrjE4LzsOuciNWDw%2FdVHPcEc1in2%2B%2F60AbQ3bGYhl7ayU%2BFXuvGqiITqbIozrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a8a73a8b056c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d&mprtr=1&os_version=x86.64

104.21.87.225

200 OK

2 B

URL POST HTTP/3
jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d&mprtr=1&os_version=x86.64
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d&mprtr=1&os_version=x86.64 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Cookie: reverse=574ZGtzEVj2HzFdx3CHhjMyrcDdv8OjCyRvvdAfPW2U; OAID=86499c559bd2486805021fc1e9bdd91e; oaidts=1715182748; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CD03H0RjPWT7wdgAz6WkNH5uAZ5NUmUghIBqn8DwPpLlp1CC3qpxBpFrAslC7iaE%2BQFxtzj%2Bxom0R99ynyuBxixkaffKD52yrDKv%2FLCLfVc3PJRS6KaV%2FrudLNyz%2BW29Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a8a77bc7ab527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

jaupteeglo.com/favicon.ico

104.21.87.225

204 No Content

0 B

URL GET HTTP/3
jaupteeglo.com/favicon.ico
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Cookie: reverse=574ZGtzEVj2HzFdx3CHhjMyrcDdv8OjCyRvvdAfPW2U; OAID=080056a27ba94bccff7510fac1eb5e05; oaidts=1715182748; syncedCookie=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Wed, 08 May 2024 15:39:09 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
age: 4247
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FEzo%2By%2B2yJK9Ars5RY8Jwg51tEXnS1YrZCsGWCLiRWIh0id2Evo3iEQeh2Aw%2F46xqMZ9zFPFZMGv7N%2FIDMucQgus5f3sj9kZvUi4fyK2TX0kkGCJMLLUdJHNExnsKD22vA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880a8a787dc3b527-OSL
alt-svc: h3=":443"; ma=86400

jaupteeglo.com/pfe/current/micro.tag.min.js?z=7015928&ymid=7304530&var=7078316&sw=/sw-check-permissions/7015928&uhd=1&os_version=x86.64&var_3=20323986_3339&var_4=812097820494148469

104.21.87.225

200 OK

37 kB

URL GET HTTP/3
jaupteeglo.com/pfe/current/micro.tag.min.js?z=7015928&ymid=7304530&var=7078316&sw=/sw-check-permissions/7015928&uhd=1&os_version=x86.64&var_3=20323986_3339&var_4=812097820494148469
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Size
37 kB (37142 bytes)
Hash
32d6dbd00a639e2cd10d1704b9159bd5
0dab4c95675393f1d0e13d20f13d80ee12e41d95
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=7015928&ymid=7304530&var=7078316&sw=/sw-check-permissions/7015928&uhd=1&os_version=x86.64&var_3=20323986_3339&var_4=812097820494148469 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Cookie: reverse=574ZGtzEVj2HzFdx3CHhjMyrcDdv8OjCyRvvdAfPW2U; OAID=080056a27ba94bccff7510fac1eb5e05; oaidts=1715182748; syncedCookie=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=86400
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4PsOQ%2Fkz3syoqHlUpW97M4TRXOFDCXrkOKeU07r2OG6Q8rVsJC1Ick%2BnYsO8adqeVTqjuIEoGDkRSlN%2FGVMo7cBhVOO5S0jZNskQO72TLweQ%2FkMw783m0cCTDYBsVtu5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a8a787dd5b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

jaupteeglo.com/sw-check-permissions/7015928?var=7078316&var_3=20323986_3339&var_4=812097820494148469&ymid=7304530&uhd=1&zoneId=7015928

104.21.87.225

200 OK

1.3 kB

URL GET HTTP/3
jaupteeglo.com/sw-check-permissions/7015928?var=7078316&var_3=20323986_3339&var_4=812097820494148469&ymid=7304530&uhd=1&zoneId=7015928
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
ASCII text, with very long lines (1418), with no line terminators
Size
1.3 kB (1334 bytes)
Hash
23730b93b5988e91fbef3d696a3fd3e3
b8ec5ac0226c950b0a4a0f6937b13f4bd48921d5
20293c4fddf7d483db0e1f9c5b25ba5e4bb13c40d0504eb38c0c516b43bc294d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw-check-permissions/7015928?var=7078316&var_3=20323986_3339&var_4=812097820494148469&ymid=7304530&uhd=1&zoneId=7015928 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=37c01fvxiduuq8n48d&campid=3339&var=7304530&ymid=37c01fvxiduuq8n48d
Cookie: reverse=574ZGtzEVj2HzFdx3CHhjMyrcDdv8OjCyRvvdAfPW2U; OAID=080056a27ba94bccff7510fac1eb5e05; oaidts=1715182748; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 08 May 2024 15:39:09 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4JUXykavIc57v73GSowlwEXpPFQpOArk5tDsxUXee4wjqZVH1j6Qej%2F5qGbj4mw9HBxlV6QtEm1BWpKsE8s2gm1EDTEaGSwPQvV75Dc2ihUmamX8w9JBDyBr8UezObcyqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880a8a793eefb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML