| glaiftaukru.com/js/_each-land-config.3299fec3.js | 104.21.8.222 | 200 OK | 22 kB |
URL: GET HTTP/3 glaiftaukru.com/js/_each-land-config.3299fec3.js
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (65452)
Hash: e50959a36d50199dd1e5357099e71a21 e9bde06c83f10ac6300701792180dc50c298e79b 231a989a44135e73887bfa3a1a56a6205e7e00a00f746976bb4bc0601125ab77
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/_each-land-config.3299fec3.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-1196b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7w3Uv09v3iYnxdtv0iOO9yninr21FwYbQXqqlR3BnnUDt0gJjkKO3EyQHy7c9wtb7fWiHi%2FJ%2FtTv3buqPtFFVuSSb9ADjrs3KvPi4E9KFv8rhidpZr7B190mXZbISTmuvR8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f32b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/s-checkLocalStorageAvailable.ts.f2fef93d.js | 104.21.8.222 | 200 OK | 271 B |
URL: GET HTTP/3 glaiftaukru.com/js/s-checkLocalStorageAvailable.ts.f2fef93d.js
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (330), with no line terminators
Hash: f23ca32d86f4a0e4179319172a667c74 a68d98bd989ff8804424b8b38f2104f5b562e4b4 0d92eabc50682ed456954a64fdfad12a54b3da489957e9e70479724f5503752f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/s-checkLocalStorageAvailable.ts.f2fef93d.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-14a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4A5%2B2qEkGBNr1hPMaKD%2FDwxejRSNpyB1oa9%2BPyTWgSVqTzDM4m2cHDYQ16D9deR0lczl2Ck7ec2UXsuoCA2aJ%2FGdDEPyoGIeoCoSN6oQ5RxEC9FpqSThonSkgULbKXkcsfg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f2db4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/sweep/tokens10k.png | 104.21.8.222 | 200 OK | 82 kB |
URL: GET HTTP/3 glaiftaukru.com/img/sweep/tokens10k.png
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: PNG image data, 480 x 500, 8-bit colormap, non-interlaced
Hash: 10337a4976db716ba3b8cad1f0f1f736 788015c74e561249cc5318fc178e564b68bce44d fef211dba7465da86e75019f78dcdf59af496394963b0bc6cc78b02286effe58
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/sweep/tokens10k.png HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/png
content-length: 82163
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-140f3"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zOV7A0Ofn8v2172S%2FVMXi6vx%2FOMFQTUojIImA4LRqsRQVTo%2BLJy2JZBBOglZEZxPPk8vWzBZSXHQIikauPqcxqSsKhrcADRtcSB6ptscWxLupRWdS7Vt596snFDRnhQSmJc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7106983b4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/v-html-to-dom.js.ff1ae7e0.js | 104.21.8.222 | 200 OK | 765 B |
URL: GET HTTP/3 glaiftaukru.com/js/v-html-to-dom.js.ff1ae7e0.js
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (364), with no line terminators
Hash: e7384582d95265db33b2a41c0a31f41b b609bec5a8718ab1c9c27a197a15e9a434c36dde c631c08f52c7380fc8f8f0247d68f9171ff8e63d41d7885b992f1374af5a995a
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/v-html-to-dom.js.ff1ae7e0.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-16c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TbnAkYl959zz7wtBBZAci4Bwt8F0uZ9Pw3Gr6fjO18LgWjCalvYvKKuFBTNTLIWMlwOIu0pMzP5qCT%2F5st2PzQG6NZyW8H96nF2S87XqXiIpBUfN3HAWpW2U5vFmor1JdkQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7103946b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL: POST HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: arleavannya.com; Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://glaiftaukru.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:18:08 GMT
content-length: 0
access-control-allow-origin: https://glaiftaukru.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| glaiftaukru.com/img/comments/person-sweep-3.webp | 104.21.8.222 | 200 OK | 582 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-3.webp
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 8347ebfbfa18beba17d356a3dbacb100 f1d66a05e07953cea27fe277e72a495a8e3de2e7 318e494a7bcf7cb28173e54feebeb44ba93b4c17a423c7036d2fcac40e4db6cd
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-3.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 582
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-246"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TEBKblEmA032ei2wDPwSs8JAh7%2BbOYxAq0mL81ngmE4R5az3BqtAtOZaCm96dQ4FYKBKgVM3KC2JvXFpy7XoOxpAaTd5hJP4bwwZyyWL%2FVfBChQSFUSdNjlpdRduxUJy86c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7114a60b4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-12.webp | 104.21.8.222 | 200 OK | 668 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-12.webp
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: c57b8a772545ee6e05fedb58c143beb1 6cb5aef79f86275a725cfdd406c7038b24d80aa9 03389ef007f0fd3486a5c71848fd2b67cc05341cf449bcdd34a81a1d4048b090
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-12.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 668
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-29c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UuaGIzku6VII0XRErMv%2FuHjZrgY%2Fu9WhkdO2G1RhxzcScv5Q9EGcXS3CtTHV4p2G31JDliKeUWiYsvppmosS7m0AIIWHqkDIbeMlXy7A7a2QvVQIC4fS68Jrnfe3Hmo3kZ0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7115a6bb4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/v-index.js.da9f7529.js | 104.21.8.222 | 200 OK | 14 kB |
URL: GET HTTP/3 glaiftaukru.com/js/v-index.js.da9f7529.js
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (40985), with no line terminators
Hash: 47a5b821c80a532b5e989cf87d451283 c0f9e87128e1d7d634649fb3c7b6c08f714e79bc 2526538666fe9c7811b9afaf71794b4f8cb4f0751f62872e1a0d8c3a6c131f07
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/v-index.js.da9f7529.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=40988
etag: W/"662b7651-a01c"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSHRQV2b%2FdLFlkP58XQV4RgwilARaqvyr2p0XWFLYZRM7VJpim9GvHkUkIqj4kqmbOYE4kj0mFVppaFMUMko%2FBbXQn%2FJ1EKyDc280PuHM%2B2PW7B4uXJe061%2BuPoUboUSFzY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f23b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/v-node.js.28d8082c.js | 104.21.8.222 | 200 OK | 2.4 kB |
URL: GET HTTP/3 glaiftaukru.com/js/v-node.js.28d8082c.js
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (6251), with no line terminators
Hash: f61d0e9af048cd71962dcb945f405c63 aefdc99a8057ced201da8aba0640905dd05375d8 1d383bb00e9e3a4d2f58354b41bc0ffc60516bcdcf4486516b8638236b0aeb9d
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/v-node.js.28d8082c.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-186b"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XHcS69rmxij4CVYe8y2X6lEQU%2BZn673%2F%2Bcm1QGSPG98u7UzejjZ%2FW5RQ9Aa%2B1KdcxIis6c934aT1cNMCv%2BAkEStpf28TrxF9OVUcQra5RgXc8785o67T4hWOdO8fh429D%2Bw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7102935b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/v-constants.js.49317f47.js | 104.21.8.222 | 200 OK | 894 B |
URL: GET HTTP/3 glaiftaukru.com/js/v-constants.js.49317f47.js
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: ASCII text, with very long lines (600), with no line terminators
Hash: 973e735a355fd5b10428c250e8fd7236 bd3fb14c90e2700400c69b15a84e317d52493bd9 16f1d5ca604ad59b9e5b484b1a0cf2d43eebda055ecee80ac847fbcc4437f0b2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/v-constants.js.49317f47.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-258"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2Fa1vcdF%2FM2C2EBpWLJv5QAFw5xKvxLllULr%2FTNcsUkCrCj8qbVlzF9g%2Bl9H%2Bo6IKGSY9%2Fx7kq767jmRBeRbB4EKEFfHigPJUPHbLgeB1h%2B%2BeBkANJ%2BvnVJyCWgWxt0hcKo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7103947b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-1.webp | 104.21.8.222 | 200 OK | 862 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-1.webp
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x52, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 384118eb5e49870ad443d90051c692cb 35a73704dcf55b3232f2e9cfc333ff2ecfdcc19f 1ae21006f04f15e16a8057644615cdf8a8a9b39db706f53ba9a925327a6a1635
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-1.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 862
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-35e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4x4kxU2cV2it7jQxuAdX5Z%2BJl%2FTZYrlM%2FCdiDsN8ZyPku%2FRm3aDA8in2ahCkDYLV6xDeZBiOqacBvZMufAJILFuqksfSKor14OGlE5Mv8lBgsA4PpKJwPmfvtY67HC9rNH4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7114a5eb4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/SurveyContainer.e2959212.js | 104.21.8.222 | 200 OK | 16 kB |
URL: GET HTTP/3 glaiftaukru.com/js/SurveyContainer.e2959212.js
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (57082), with no line terminators
Hash: 0df7a0f05192a1af311ce45d48639a89 df29dce5914578a52af5f516ccd18d289d808951 4cde10689c1ef6c2f58585483fae6d656ccfa1d16cc282dcfbe6cb89700ae2dc
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/SurveyContainer.e2959212.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=57085
etag: W/"662b7651-defd"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rySqLRnbQIadVa7ZpsswRS41pY8X58zqt1QZ2iI8xBM4SZrfg6f7M%2B1gRGPycMXmnaXIhfzG%2FmksPhUpMaU%2FGQBz82TsnO3UfTsxNrWzKQD80WxaILx0Pd7%2FG%2B%2BsnhAVfdc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7103948b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-5.webp | 104.21.8.222 | 200 OK | 588 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-5.webp
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 25e1107a0e365082ccd6093e0073f05c 7b0d3c741f2bbabbcac99f29bee8cf2f9eaa1841 935ec86b128c0bb7bfafc5915a46c0c3709c47b90509e26e4c994d8ef5587cf2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-5.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 588
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-24c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djg00igk6PHYuA%2Bxfyl%2Btg4Lpt4TV08QUC5vghPGdC01Ow4b9zdfQAXBQtv7vyY45%2FExe1VF%2Br9F5HI%2BPRoKgUBByxh191hDEThlndmGZRgADUZEoqcuVegmkwsy82Jyzxw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7114a63b4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-9.webp | 104.21.8.222 | 200 OK | 818 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-9.webp
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: a61b1f29004e5a54130bc57051a49c0d 7f60eef07e311b3598895343111d90282a002ea0 b3de11ad2ace70aa9786af4a9e65db774466fe25aca16e16dabdfa7ec76b0a53
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-9.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 818
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-332"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hmq5NpBGFN6OiW1QhaMN7OEnwrSPV%2FSrRT8iKyQ%2FrpoinHL5zpTb2Apj2GB4cb1%2Bh27d3vSfcawO82YSnsZ18Bo%2B2h4c1D%2FUNbrw2r6gj%2Bd%2F9SIBtCQFFyjpa%2BitW3QqZuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7114a68b4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: POST HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: arleavannya.com; Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 693
Origin: https://glaiftaukru.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 253117abe69f4431a60982c0882e3de6
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glaiftaukru.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| glaiftaukru.com/img/comments/person-sweep-10.webp | 104.21.8.222 | 200 OK | 572 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-10.webp
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 206819c13484a7a818f1e4499be3704e ada2f34308d6eaa0d004ed0c732e5a3aa7fda1db f4eed862cbcf8f9ce2bde63cf3e13e73ed3e58ac93ec4bb14301b248c4d58e1f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-10.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 572
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-23c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTut3kioLw7%2FR2yb720gE4uOLeJUo3jtvoUnlbp7mL%2FTJgSm%2FOSEFCAjaujXy9J8tlqOPhVC45YqprLe4i6QVSvKQi4V3awOfnuOzMN3u5RQEdUWa2LeM9Vrew0p752YUA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7114a69b4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-15.webp | 104.21.8.222 | 200 OK | 576 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-15.webp
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 6c0726564aa84c5f1161bd0051e0c5e0 6df7e7122e0d007e7ea187c3c35fbc869f8ef8e5 98ff0218f67c0bce5c834a0145c686f56d3a7ca1b948341a3181739da66883b2
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /img/comments/person-sweep-15.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 576
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-240"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j0rkdgC0xApTUWrYE4SaA5iGUY8Kvuz1yK6%2BtI6F4TKImefnezfqhHu0JD%2F5ZwFxk0EADqwVz6zwLC3q8New4kdt5qgMvKkY1%2BMrj2E6G8wUBB3tpvXBZfuiPyRkUdDc34w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7115a6fb4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-16.webp | 104.21.8.222 | 200 OK | 734 B |
URL GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-16.webp IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash 0e8c55db8fda61ba2565a293b72e36e1 ef9deaad0f8a71da57252bcf543ea369673d39ff 79b1a144ec7d571b7a155cd2852da72e89b2954affca1448001e3fed2227cb34
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-16.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 734
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-2de"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7uDqr3iB6PR14FVQ7m3fOSQcO%2BZCgochPY8haOZYxSMEKuutTtO1B9OTwSoXO%2BdMzIf9b0APwWyPdEyx4kXplgp3VDnvNJ4Id%2FsV7f7VH1DP6aKsOAydu2yeHP3CVMj8cg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7115a76b4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/v-attributes-to-props.js.a2e7cd04.js | 104.21.8.222 | 200 OK | 929 B |
URL GET HTTP/3 glaiftaukru.com/js/v-attributes-to-props.js.a2e7cd04.js IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type ASCII text, with very long lines (702), with no line terminators Hash eb57bdb06e45aff1918587283bf415aa 27d660f01e5c888c9d38a6f784ee2f4458d7d89f ecdd5f30b2bd16e4aa0274c6fce3d598419837aa257c285f2e6d18ac5df9ce0b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-attributes-to-props.js.a2e7cd04.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-2be"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q4FVcw1rslggBA2iNPX4KGYUumlHDsx5iQywX4TUi1trtc9A5Jp%2FDplc3uyeCqemdL40UaBBaQBlbSpibySFXCflPMDY6Nm0kj7oEYc4%2F2TOccKk%2FMEMhrpGeR3O6hwVaww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7103944b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-13.webp | 104.21.8.222 | 200 OK | 640 B |
URL GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-13.webp IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash 8532ec97225298a9c3ae5e393f62e462 fc26fa010830045fa91a16ac9b8c89c45bb35232 9c45568c99b7782b240341ba6729ecacc59d41a8ced9b9846ca4ac51e50c5320
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-13.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 640
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-280"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xs16AYeoyhYsEu0xkzHtRxqd%2FKUhpFT9AClTw5w0o7%2BLnH4lRpDkklxuyjqA7eQd3lAQbf5bjVbYjU%2FuaLAXsP3yQP6VpJi1KWYxOaKxpaACN25F1WTnKg0PmmEJfbeLBik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7115a6cb4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-11.webp | 104.21.8.222 | 200 OK | 502 B |
URL GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-11.webp IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash 7ec874233fc75e1ec8df712b7ebbd7d2 cc219fb2b7e6057a8303283023dd1aa09a082455 9bb6b14a5a503d3c52bc6fc2e7c236a90e7971ceb41cb99e5245fcfc39ef328b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-11.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 502
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-1f6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y24cTSWziTEUPc5mrrjyoqRsU%2B9O8bo4xxC7pttDyBcLEHeIC22p2VhSXiGXOOpUk3aVein1kW%2BU34fAQxnvyzaFhJv8I%2BC%2BDRL2Vcoa8thPjDOVi7QMj242tRcRbtIWEA4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7115a6ab4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-14.webp | 104.21.8.222 | 200 OK | 626 B |
URL GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-14.webp IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash 7c494127025f1ec09a96c16bf0531a36 0c2f9302c41f99da9fb5eead2c364bdbdf435156 e6443a7cdcc5ee11ece88ce10824fd79851700e4bd3dc6259d1a816182b82e5b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-14.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 626
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-272"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gunjw%2Bhw1uCssXzEnTWpIxkXY09A1eRLJoyHb0dP9QCxVCr5E%2Ff4raCZuU0CWRn0Mv4jsSSHv7rHba2rTKQv6Gy5nWThtElP0oLcCkDLwf%2BrZ5f%2BPNwRi19w5%2Fy8%2BBqNTZU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7115a6eb4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 0 B |
IP 139.45.197.248:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject arleavannya.com Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://glaiftaukru.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:18:09 GMT
content-length: 0
access-control-allow-origin: https://glaiftaukru.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2 arleavannya.com/sync-metrics IP 139.45.197.248:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject arleavannya.com Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://glaiftaukru.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:18:09 GMT
content-length: 0
access-control-allow-origin: https://glaiftaukru.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 175 B |
IP 139.45.197.248:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject arleavannya.com Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash a7fbccd9aed97a405c912f014e54e33d d1f5a4e6a184f566d272fb282c7719dac8da4d38 27abda38a3b61986ba145f4fc9a02407cc4649fb26b3cec1a4bda41b7cba21c3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 153
Origin: https://glaiftaukru.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:18:09 GMT
content-type: application/json; charset=utf-8
content-length: 175
x-trace-id: 4ead3f9dfa5884676139af592df4a69a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glaiftaukru.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2 arleavannya.com/sync-metrics IP 139.45.197.248:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject arleavannya.com Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 2429
Origin: https://glaiftaukru.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:18:09 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 69e995a95ff7a3b037280f263f648a85
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://glaiftaukru.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=9a2f1abf-535f-444f-996c-3de81d652c88 | 139.45.195.253 | 200 OK | 12 B |
URL POST HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=9a2f1abf-535f-444f-996c-3de81d652c88 IP 139.45.195.253:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Sectigo Limited Subject datatechonert.com Fingerprint 3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 Validity Sun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hash adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=9a2f1abf-535f-444f-996c-3de81d652c88 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1349
Origin: https://glaiftaukru.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 04 May 2024 07:18:09 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://glaiftaukru.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| glaiftaukru.com/favicon.ico | 104.21.8.222 | 200 OK | 1.2 kB |
URL GET HTTP/3 glaiftaukru.com/favicon.ico IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel Hash 668ba1a9fa1890ba16cb8adc28d3dad8 5e35223b2541265114eaf61b9da2556c812fea17 7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:09 GMT
content-type: image/x-icon
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-47e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AWz1vJ1yew8IXeB32dul2fRFOfL3cAQ6zvQZmB4jgSflAwuXf%2F5CLG3%2B4F4nxJtuXxMfRfTxVSjWYdkpSqHGmS8aSGuvujfYVqZ5x2X1KoGy2N1rHjlj%2Fuxc2lP%2BL44vsmw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b713bc2fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/_core-survey.1b09882a.js | 104.21.8.222 | 200 OK | 45 kB |
URL GET HTTP/3 glaiftaukru.com/js/_core-survey.1b09882a.js IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators Hash 0190c361e1a4f2f7239f497544c5e616 27a6eae98d28880bd36f9024c7bdae0f41623a5c de932ff55d7e505890689d887ac80b2ca7bcfbd491f49445d0314c982bcb99a4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/_core-survey.1b09882a.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=169676
etag: W/"662b7651-296cc"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KrGR3%2BA8Xd90H5FbUVwW9UirCr12ozjLWmzzwfP4Ie0gI9GKrmiZ3EQYRIUIDJUOKlbB2r8qnx1dy9S%2BVUbYJkL2%2B11hWZ%2BZmFKA42dDX4xLptYieL1EH%2FjL1hGHqNnlMFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f36b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/config/sd/sd-5-en.js?v=10 | 104.21.8.222 | 200 OK | 4.6 kB |
URL GET HTTP/3 glaiftaukru.com/js/config/sd/sd-5-en.js?v=10 IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type ASCII text, with very long lines (4851), with no line terminators Hash 8d34af22a6b8218aed82279232b927c5 f1a7743a6e773bf350e626fbe443597dce8647e8 367930856e79c401dd6207a329f77a0f060bd2884598187a2d4a62dfc3018248
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/config/sd/sd-5-en.js?v=10 HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-1216"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLDPnITwxpt6eel0zZVRz3fRNSVKtjnKagdhU1aCFGWlL91JvPw31c1HZhiVc%2BYi0LLBdoHEpJptDThbH8HTGMkrJTeNA0WQYVx1mx26H02Mr1Ev5%2F7ShdaFmgH4kCC2JEM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70ec839b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/config/dict/cookie-consent-1.json?v=10 | 104.21.8.222 | 200 OK | 6.8 kB |
URL GET HTTP/3 glaiftaukru.com/js/config/dict/cookie-consent-1.json?v=10 IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (6009), with no line terminators Hash 4b2ff958e811a50d2f641818590b443d 6abae297812bb55fad869e953e7fdf7469cbe1ae 9c77a5f3d0028d9ba122ed15728ee7b144619431f8302503a19c5785ddaa06b8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/json
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NOUoOklmIyaIMAwA1L8NpMeq4tsybCVXjiHQ%2BwHh5o554grVtj%2F%2BkEDji2dcE4ln%2Fx%2B2rbFuPkkwrmBLfxSrV38ipTP%2FNGN%2BJbQZBwDSzZ9Wgt9wtqxZx%2BBQkkzY5iZ7j68%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70f186eb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/s-storageService.js.bb9f7a22.js | 104.21.8.222 | 200 OK | 2.2 kB |
URL GET HTTP/3 glaiftaukru.com/js/s-storageService.js.bb9f7a22.js IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type JavaScript source, ASCII text, with very long lines (2216), with no line terminators Hash 803fe057e4762b54a284184815cfb62e e748b6c77988934fe2b458b61a93e35f22cfecbc 0552fbab13dd0597298180b4d1c5e1a8a2ca66e121e3ab892f100366c8d45d3c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/s-storageService.js.bb9f7a22.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-87a"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3t0e%2F0VI3mbx6RN3f13lSGYm7VMqK%2Bzbz5gKCdS%2ByZ7vw5PipNyPa4%2F7%2BAJMzkQZ5CBAsW%2Bdzwf1Wi%2BZ4LAbVMczi4d%2BNa%2Bbeqn9%2BG7I1eCyCUL1qC6JkbDWMLrWjce9nl8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f24b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/v-redux-toolkit.esm.js.fe3487ca.js | 104.21.8.222 | 200 OK | 11 kB |
URL GET HTTP/3 glaiftaukru.com/js/v-redux-toolkit.esm.js.fe3487ca.js IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type JavaScript source, ASCII text, with very long lines (11319), with no line terminators Hash 5aa3676547abc9a38889c09e69ca968d d19ea919192e86f97c34c0a5959ad05c52299aec 21648e7ba668a077e403b6bd1a38f05d55d987737b959d57e3b3c53787107eb7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-redux-toolkit.esm.js.fe3487ca.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-2c37"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SDIEP9Z9k1K0WG%2F8wW1JvfIGqMPZ1HTiHr0xVtqIvedS08nkMJUu67wCiZ%2FET%2BBn7UzKnzB7GBg2hmYfEUodZGsr%2BLe%2BN1CDf5OA83i0cCOdXysYr5yNcrc%2B7MjEV32V5R8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f2fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-8.webp | 104.21.8.222 | 200 OK | 696 B |
URL GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-8.webp IP 104.21.8.222:443
Requested by https://glaiftaukru.com/sweeps-survey.html Certificate Issuer Let's Encrypt Subject glaiftaukru.com Fingerprint 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26 Validity Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp Hash 6a6742fef0cd1bd74f6da94e9fb833e1 ccaae2ff48574bbb04072b2efc5864b9177017a5 96bf5ed5aa8149269a215cf19a17889c762b8cddb2fe36229849c8379c2d4aa6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-8.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 696
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-2b8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVlJpsNwIC8IN2pE1%2BbwRccIXzMh4Nf28WK7h90BfNZtaxpLzzJicdcwClcPuZcFI02KCHxV%2Fndjwa0TsVVQBH4x6k8tohyZqyGbaVOldCN5lCIrVi2khn%2FKpRnc8NqqgAs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7114a67b4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/sweeps-survey.html | 104.21.8.222 | 200 OK | 7.9 kB |
URL: User Request GET HTTP/2 glaiftaukru.com/sweeps-survey.html; IP: 104.21.8.222:443
Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: HTML document, ASCII text, with very long lines (8134), with no line terminators; Hash: f99d54c9ee3865f982d1099bdc61155f 83955028f7a58acbd0a2199f79ae501d6d3afa56 d122da6bad371a70444aede6db6ac774d49b2f913ef0c9b83a68dc38dfb48379
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sweeps-survey.html HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 07:18:07 GMT
content-type: text/html
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HNGtD8ntDNyeteuNKPXHqlsUV1kdwMD%2Ffn1SpJNMNt26ZO%2FXEvuDidhtW0vzGfd9BchdzrfIx98EGHUt9PPoOcFJs%2FpE0a2OBqmgUc2Gq6hvOZj%2F6wFTEfZveD2vro1c1ws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70b09d356b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=lz9umbmq0u61thc2a6qp07fyxn5kjse1 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=lz9umbmq0u61thc2a6qp07fyxn5kjse1; IP: 139.45.195.8:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators; Hash: 234589f09388555fc032b223dbc14979 7436e0b5d3ee8a557fea73bc544059489bf97041 d29c28b08b1aed2410afc4cc370c418e469eede5abe14fbe8cc66120f7636e87
GET /gid.js?userId=lz9umbmq0u61thc2a6qp07fyxn5kjse1 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://glaiftaukru.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://glaiftaukru.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; expires=Sun, 04 May 2025 07:18:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| glaiftaukru.com/js/config/comments/en-sweep.json | 104.21.8.222 | 200 OK | 4.9 kB |
URL: GET HTTP/3 glaiftaukru.com/js/config/comments/en-sweep.json; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: ASCII text, with very long lines (5602), with no line terminators; Hash: e365b2a50ff785aa57118984ebc86b5d 0cf187164eaa42ff7e244ba653bbde659feaa5bc 3094a84e8e909474fae4e0db6685d9b407d4493efd9389efe35caf326c95a6f0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/config/comments/en-sweep.json HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/json
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-12f9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vrwKOGVsgcbZiUbdBOThMgeBPKFIOna37YDxAYPsY2BTD7pbIB3oul0D10qELxmDVo4LecUY7B610X9QYVSgrQsDBV5CQDYmGTIYLJI0QHvYZa6W4ZaJOLGYOn%2FGH9a6Tl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7101928b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-2.webp | 104.21.8.222 | 200 OK | 538 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-2.webp; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: e4d97f0d392aca4fa78b0928438d0168 55f713d8826a9a65e11fddf4c5fa4ea5939953b2 7058be64334990621fbc8cc06782aac5116c6e8a6d7700d892cb8b36f06c5866
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-2.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 538
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-21a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OHcgmxveF4Chl%2BD9eCr4d1O16fvvsUK2raDp9ilhj0g3x%2BcPJrRzK4NawHxyTvp%2B99WBIuDvW%2Bu9qmpwJgi6l8S3V2gaThRn6KHGG4U9CiS4Kqdthm36kqwMRy0BdiZakuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7114a5fb4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/_rtc.f86a36d7.js | 104.21.8.222 | 200 OK | 12 kB |
URL: GET HTTP/3 glaiftaukru.com/js/_rtc.f86a36d7.js; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (12222), with no line terminators; Hash: 128d6eec0793a7e02c314d2f6245f260 c9f09311c3f229b770f38d0cc69b422430f1c748 bf1606ac64db254cc565a094e7162a96f31f7e48ddece56fc92c654559e5abb8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/_rtc.f86a36d7.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-2fbe"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bjLMgFxD0we1R3BxV3OyCqym80QnZ%2FxOqrzKkDJHcO4rMgrH1QWgmrI7tsm8xbZdI9u%2FvDbweDrBwNKpSxNYp9i9hw5MT1tBjTJujV9%2BhiFGaJ%2FoClBDxubiuOrQ6l%2FMQ%2Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f22b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/v-react-dom.production.min.js.c3329619.js | 104.21.8.222 | 200 OK | 129 kB |
URL: GET HTTP/3 glaiftaukru.com/js/v-react-dom.production.min.js.c3329619.js; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators; Size: 129 kB (129356 bytes); Hash: c53e5e3d8c5ca5f1c4edbce65426edfc 36cc2e7e0b893d82bf5f457c7a62374019d0f7aa ed83bf6bc001bd6f841c76b67aedfd3bc02cb28fb5537a1d55804f5ad0515e39
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-react-dom.production.min.js.c3329619.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=129359
etag: W/"662b7650-1f94f"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uHZim%2B7axg24jiQi6wvm8mo3kUWihXCwORCa%2BpS419OkNlnleh6koRgII3bZ8q2N41LNAtUzEmZo9qIvyOVvLJxlvblo9xP7OtE3GvjjWAE93HwDR104mq%2FZ%2FETlBeFC0vY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f35b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/v-possibleStandardNamesOptimized.js.205abacb.js | 104.21.8.222 | 200 OK | 7.6 kB |
URL: GET HTTP/3 glaiftaukru.com/js/v-possibleStandardNamesOptimized.js.205abacb.js; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: ASCII text, with very long lines (7923), with no line terminators; Hash: f80cb2aef29b4a80d135d1a598ce1dfa 0653306df1fd8d8591f84661643825e41684d3f6 43c16ae11cea687efa4ca55dec516b23257c3fcb22c9d3541041f1816aaa7b5b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-possibleStandardNamesOptimized.js.205abacb.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-1d99"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HiXrAsEfc0pfk0vKFNmmIIm99Pp712j4dixiGET2h%2FIOZvRlmsZqQAgaL137dXo0bpBhP4ymvu%2FlNYOmDVHbbmUmxBDePle%2Be2oKgw97ZRnZnhG5xtIAyI8oU0Do5q40xMY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7102938b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/sweeps-survey.724f05c4.js | 104.21.8.222 | 200 OK | 5.8 kB |
URL: GET HTTP/3 glaiftaukru.com/js/sweeps-survey.724f05c4.js; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (6111), with no line terminators; Hash: 8f7b854a31f40bf9be7af8ea81b5f176 bd2ea265c24d6147930a142b34527dcb4d55879e 0f7d320f1c7de2e4777cf2a8c99fb464188c4d196fb82c640f6d1b3d6f592cce
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/sweeps-survey.724f05c4.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-16d0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ftmGbymvtGymgjGhlC1Psw26ncaSYmg5GMrx09rVOMhRpq9%2FBBry%2F8zCpOFjxdvjgh9QCpQgSOOvT6xTARg3OH2ET6Bt0F3tO87eY%2B1Wa4vWkGjw4gkzL0WTgYME4kUkohw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f39b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/css/sweeps-survey.f5ae42b0.css | 104.21.8.222 | 200 OK | 94 kB |
URL: GET HTTP/3 glaiftaukru.com/css/sweeps-survey.f5ae42b0.css; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: ASCII text, with very long lines (65536), with no line terminators; Hash: 895c99e8dc2cac2fe41b6e4623314c0e aa530776c5425e3f15a8ad66ee1bc43840172ac6 bb88f272fbb80a919f86655f6cffff6d8419f09b60e279c9727d904f16d73d9c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/sweeps-survey.f5ae42b0.css HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=93694
etag: W/"662b7650-16dfe"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RYDoCppobK8sQPEsRR%2BkUGrGvwnWzANEGv97q7y2hS0jbStLqCdyHRZuue4%2BeF8gYSFtsCDQHY%2BLoiDTMv7T7Fp3eQsNBjty893fxkvkWXCYFw%2BwND5HDQpeyUMSZL0lPiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d9f44b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/SweepHeader.b279c2bf.js | 104.21.8.222 | 200 OK | 1.0 kB |
URL: GET HTTP/3 glaiftaukru.com/js/SweepHeader.b279c2bf.js; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (1037), with no line terminators; Hash: 2e626e379cd279ef9c48f14ab477b511 f2dd393696f57bf5b57f83df9e0dd5b7c5f529ef 8c1a40755ecf0c0d6fd8615a51af69a4867071ad92715cbeafdd16f061451627
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/SweepHeader.b279c2bf.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-3f1"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2BWS7%2BKsExVrfNATkTLc3ULLM2VqFrzWAe3pHaNNl5eVCkiMKX3y5vxCAMMFx%2FLWoePAdKucKZIUGBQBz5bWCKcm42MmUxKwlnmJdZWqAiCsVbS8RDMZZscFQ2hZ3V4JaCI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7102931b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/css/SweepHeader.8e7220ee.css | 104.21.8.222 | 200 OK | 369 B |
URL: GET HTTP/3 glaiftaukru.com/css/SweepHeader.8e7220ee.css; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: ASCII text, with very long lines (369), with no line terminators; Hash: b3e63dbf70b8e4ad7c5ec23726112e15 e083def5d026fb5bc171c3043f714fd5d859f82b be1433fba47a27551a04629ff55f1a1d944922016569342433d79f0200d8959d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/SweepHeader.8e7220ee.css HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=370
etag: W/"662b7650-172"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I1p78GFcveALE%2FIKWLVJEdAZ3QHil%2BV5godUHJFLBCugGjLrvjxcpXZgTy1SuwMddxftfngCptdIUtDASGsd0FrVAxT5F5Zkr714iq7acd4x27G4BLuKFxwrlP7iZkNR%2B84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7102929b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-7.webp | 104.21.8.222 | 200 OK | 610 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-7.webp; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: eb52e160b8ea5a1e0de8b2453f46d642 4d28311b4ca822a0a74e318c9d1f54def088b509 2e9c67781abf2cfbabb240bfd08ca836658063849f3303b85027203eec1d37c5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-7.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 610
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-262"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kG69C2EqRz2GV0BeECBt%2FcV7qi8GiwEM3pMQ3XA%2B76yVTMa3ibn4oao4GOgAtpFt69gEioyw1ACgWHa0rq8HNw78g%2BQeLsn8gV7ciqTqss4UxEhFBdi91zBWawBSlLOquF4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7114a66b4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/img/comments/person-sweep-6.webp | 104.21.8.222 | 200 OK | 462 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-6.webp; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp; Hash: dfb961fdb848e75591268fde9c186902 2218e96a5c5081f5bef43fda74fd8f0cbb025003 4cf92de9b24fb1484bc1d97880c20589e113b9b1f065df1963e0648f3a38474d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-6.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 462
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-1ce"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qNOP9JAJ1fFRcz2DIW%2FFdsaTZk558BkC3E9kgfy7%2BrrIEHq4YOy44gpPe%2FzDfPv%2FYaSFKmWYkqfYbCxlOYCZi9UthrT7WiovkOC1KQKLTSrdW9oAoIe%2BIn11ZiAEhZ8%2FEyw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7114a64b4ee-OSL
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/css/_core-survey.d3ac2ee0.css | 104.21.8.222 | 200 OK | 83 B |
URL: GET HTTP/3 glaiftaukru.com/css/_core-survey.d3ac2ee0.css; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: ASCII text, with no line terminators; Hash: 30d726a40ffe74d794b282ca1795b44c b43155653a1b9cc8d257687df9a75e0f204db348 4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/_core-survey.d3ac2ee0.css HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=84
etag: W/"662b7650-54"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EiQGmBE3aXsxgWUx1en%2Fa%2FDfUWNkjlflwqqootMyvPt%2Fio3L3fh7U8nGkB1vahk3hRlKZHMyqDRcS%2BqB8BdHQc9BXwD7X%2BDwar3AALKM1KjTygKnAboHhMfyAMve%2BV6sB58%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f40b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/v-index.mjs.19622407.js | 104.21.8.222 | 200 OK | 35 kB |
URL: GET HTTP/3 glaiftaukru.com/js/v-index.mjs.19622407.js; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (35287), with no line terminators; Hash: 1de1ec2d8e7940b88970d8fbce40ed6d 510aa24127fb8bc3578d9ca4628b2eea5a84ce01 b473156bef833bcfb2e84658093f1ebc1e64011dcba904e26ccb31f1cad8b762
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-index.mjs.19622407.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-89d7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZVSvr%2BqXbbKInCFt9xXtyN9ZTrw3jbhRMn0x4yIRKiIB%2B3WhcUeuBcL6N17BjJVM%2FqEU0pdsgfjlIhsgjEJXlKZdEe%2Bslixtt1ER%2F3zO8J%2BPy0ZIV4Y3EnX7Nm502DvA37Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7102934b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/s-checkSessionStorageAvailable.ts.e8412d91.js | 104.21.8.222 | 200 OK | 330 B |
URL: GET HTTP/3 glaiftaukru.com/js/s-checkSessionStorageAvailable.ts.e8412d91.js; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (338), with no line terminators; Hash: 6eb1ccbb769935debb74de9858287720 5302f94074f05eb22f05368dfe3464b85c89fb48 1e016cce8f09ded837e6e46c9e26d5dddccc19bbfa89c9dc583c04d85e2c7bb4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/s-checkSessionStorageAvailable.ts.e8412d91.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-14a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjJ510aS9urYqy2L1xh95SnM84eUG3xBApO9wxRfu%2Fgue245luaO0gcOf2wOkG3UVSMJA1gCeso04fBLUzyRirWOP7ndeHK14zc0NIwLZyQuyC8Q%2BQPL4bPP2E4Nc%2FC%2BiU4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b70d8f2ab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| glaiftaukru.com/js/v-dom-to-react.js.26fdf751.js | 104.21.8.222 | 200 OK | 1.1 kB |
URL: GET HTTP/3 glaiftaukru.com/js/v-dom-to-react.js.26fdf751.js; IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html; Certificate Issuer: Let's Encrypt; Subject: glaiftaukru.com; Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26; Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (1101), with no line terminators; Hash: 5693cb2629dd3231ce6fed788c41b150 872d71cae7dddc37389be6bae0fc4a5b611ec9c0 b312636bf1d349d818517865e89c22f8b9ef9e61d1805cf315e44241ccc05d26
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-dom-to-react.js.26fdf751.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7650-43d"
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDHMnoml7jUz%2F3eUt8fnRN5pSyhbfxrtkpyleQfoomeSz1KMrvISdEGcw8Qx9EHEX0Gf9X1MZIkRTp96LZ0ck4fvfsfaQCM5xbOFxeDvlXlvVXGiGuzTe0ZyGZ0UIGmK0m4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b710393fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| glaiftaukru.com/img/comments/person-sweep-4.webp | 104.21.8.222 | 200 OK | 800 B |
URL: GET HTTP/3 glaiftaukru.com/img/comments/person-sweep-4.webp
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate Issuer: Let's Encrypt
Certificate Subject: glaiftaukru.com
Certificate Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26
Certificate Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: b1c95558f71bd6614c52433c225b6a28 7c903c12b48199ac1e1b3c8846baf12693b97a28 8e5987af9fd886b03617f6e4980035a877697b9ccdeb9f002c41baa1d6ee8912
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-4.webp HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: image/webp
content-length: 800
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-320"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DV5hG78crKGPavl%2Fxf%2BGbq9ei%2B28XroIJtR8mfLBCS361Pp4W72Lf7lx9vJd0ObUeEqxyMbrAuPKNFY51PVPv3%2FNMInKrq4L49nX8U12fl4Elq%2FmXBf2dB0SeVGXN2%2FsH08%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7114a61b4ee-OSL
alt-svc: h3=":443"; ma=86400
| glaiftaukru.com/js/v-utilities.js.d1112fc4.js | 104.21.8.222 | 200 OK | 2.6 kB |
URL: GET HTTP/3 glaiftaukru.com/js/v-utilities.js.d1112fc4.js
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate Issuer: Let's Encrypt
Certificate Subject: glaiftaukru.com
Certificate Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26
Certificate Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (2645), with no line terminators
Hash: 3f45699a0edf3555d230727e3e1ba866 f30b9f52153e77b9ce60a30ecb15f36657792908 1b312ac32a5c37ffe1c4bf861a048a76d807155fe494adf5dd356d067367f488
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-utilities.js.d1112fc4.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-a11"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qn5M5bnU9gJeUp0nOLymsCQrQvn438fTL7GWlh5XXrk%2FKdLZ9NyKbyelnnDARdwlne8TVATjLinbeDBdSDzwKU1XwgwN%2BiZZPCjBbmEZnodva98w7NneT4l2xxlMs0YAw4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b710293ab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| glaiftaukru.com/pfe/current/stattag.js | 104.21.8.222 | 200 OK | 19 kB |
URL: GET HTTP/3 glaiftaukru.com/pfe/current/stattag.js
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate Issuer: Let's Encrypt
Certificate Subject: glaiftaukru.com
Certificate Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26
Certificate Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (19053), with no line terminators
Hash: 3a74216e872211a9c770302bb7d4a63f 7e63556174a7d66eee407218e503ec0aae2c0f9e 03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/stattag.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662b7651-4a6d"
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7jSLO6Pe8A0UuPlbKtLCp4wV2Ilfzl8dLT3yl0iJpkrvUJMK2rgRbnM68QjIKR2KyClZbHm%2F5fKHVqnahlism2QAolEnmlPaJVuapEwZvIQO6EVMuAMCdSnCHKQZkXdvpQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b7100912b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| glaiftaukru.com/js/v-domparser.js.97173b2e.js | 104.21.8.222 | 200 OK | 1.7 kB |
URL: GET HTTP/3 glaiftaukru.com/js/v-domparser.js.97173b2e.js
IP: 104.21.8.222:443
Requested by: https://glaiftaukru.com/sweeps-survey.html
Certificate Issuer: Let's Encrypt
Certificate Subject: glaiftaukru.com
Certificate Fingerprint: 8F:B6:5D:4D:FF:45:3C:67:8F:A9:21:40:AC:E3:5E:B6:A9:3C:26:26
Certificate Validity: Wed, 10 Apr 2024 07:08:16 GMT - Tue, 09 Jul 2024 07:08:15 GMT
File type: JavaScript source, ASCII text, with very long lines (1772), with no line terminators
Hash: 46dd2964e007bc585a8f72ed695089e8 d02de9abf34cf05d707899e2562c067a8e5326bc 96d95d967e2f5ca4a1be19cf0d21f756ba2d0295ad5f4e967048054e85f6072f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-domparser.js.97173b2e.js HTTP/1.1
Host: glaiftaukru.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=lz9umbmq0u61thc2a6qp07fyxn5kjse1; syncedCookie=true; oaidts=1714807088; ID=lz9umbmq0u61thc2a6qp07fyxn5kjse1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 07:18:08 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-6b8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fOiMcKihxuBPCRZkRrGZsP89Je5TP6O3%2B6XsgJhsUtUWKfnyyuVfBaWIb10VXuPYKEvFV%2BHLIV1LiGSWpXf9TKswh1%2FCZsQam41Yi3zoBwF9Ae05X5JZI2nKEPTjxHHDQVw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e6b710293cb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400