| d3khua7ksvxesx.cloudfront.net/public/dynamo/lockerClick.php?offer=53241792&offer_position=1&it=4298361&m=0&visitor_id=Vdb0c2856684c6&cpguid=&hash=6898e081b9fb9cd1824d0244810ada4d | 54.230.241.15 | 200 OK | 671 B |
URL User Request GET HTTP/2d3khua7ksvxesx.cloudfront.net/public/dynamo/lockerClick.php?offer=53241792&offer_position=1&it=4298361&m=0&visitor_id=Vdb0c2856684c6&cpguid=&hash=6898e081b9fb9cd1824d0244810ada4d IP54.230.241.15:443
CertificateIssuerAmazon Subject*.cloudfront.net FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52 ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with CRLF line terminators Hashe638b627ba41bd4f91f7c1374481e3e0 dc3dd5103a255e6c6c87dbe869690e3928cd9906 a38f1a55cb703bbc997d43239b2bbb16ee8e6804b0bb42c06bc4f4777daf23e0
GET /public/dynamo/lockerClick.php?offer=53241792&offer_position=1&it=4298361&m=0&visitor_id=Vdb0c2856684c6&cpguid=&hash=6898e081b9fb9cd1824d0244810ada4d HTTP/1.1
Host: d3khua7ksvxesx.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 671
date: Sun, 05 May 2024 13:43:06 GMT
server: Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-powered-by: PHP/7.4.11
set-cookie: dynamo_v_id=Vdb0c2856684c6; expires=Mon, 06-May-2024 13:43:06 GMT; Max-Age=86400; path=/; secure; HttpOnly; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ss_RMP26Y07CvnXccBIC6creySIYVKtshgvpw60v-YjLd8qRv8HXvA==
X-Firefox-Spdy: h2
|
|
| go.smartorfast.com/click?pid=434&offer_id=20016&sub6=Cdb76ae2b7b950&sub2=434_230&sub4=1&sub5=20016 | 34.141.179.97 | 302 Found | 0 B |
URL User Request GET HTTP/2go.smartorfast.com/click?pid=434&offer_id=20016&sub6=Cdb76ae2b7b950&sub2=434_230&sub4=1&sub5=20016 IP34.141.179.97:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
CertificateIssuerSectigo Limited Subjectgo.smartorfast.com FingerprintBA:89:6E:52:8E:15:10:32:B9:38:F7:B5:1D:3D:C1:97:D7:41:3D:9D ValidityThu, 18 Apr 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=434&offer_id=20016&sub6=Cdb76ae2b7b950&sub2=434_230&sub4=1&sub5=20016 HTTP/1.1
Host: go.smartorfast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sun, 05 May 2024 13:43:07 GMT
content-length: 0
location: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=66378cebffeb1c0001d4eee3; expires=Mon, 05 May 2025 13:43:07 GMT; secure; SameSite=None
afoffers={"20016":1714916587}; expires=Mon, 05 May 2025 13:43:07 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| lougroan.com/img/rain/dollars-2.webp | 188.114.96.1 | 200 OK | 8.1 kB |
URL GET HTTP/3lougroan.com/img/rain/dollars-2.webp IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeRIFF (little-endian) data, Web/P image Hash8b4203d496c3f52b116af082a0cd4017 de5369e9459e240950bb7eb5261eaac1db26907f 8dd1f04088c25e20d15e1bc23129604830aab2b4d3d0a408a5f047f9768f39a4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-2.webp HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: image/webp
content-length: 8140
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: "6631038c-1fcc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAkWPXZuY9FidLKCItmMF1PqumHUWDDMTYuIG0GByYrijxrJJV7MCZ%2F1d13j25m4JXLHF8F3HJWZMc38%2F%2B%2BBzWBsYqUKCXZfpPpEIGWns%2FfpLlnCWMPsHj9H1VeDKLc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f9856568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js | 188.114.96.1 | 200 OK | 16 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/framework-8940d626f3bfb7e9.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (25995), with no line terminators Hash33a34c525e2bee14a166fe1289835308 4afb650772181930d19dca9a41490beea5087932 bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-8940d626f3bfb7e9.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-658b"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2soEq6wNBUYVg33pNSHwxxxNhwx%2BbdMsuihICbt55U270tM34fdTezVKfiVWgM8ZuR5ec4gF5cIJKwsH2WsoYG4tSPxfHHn1HRvq8ahDaJfx6LXBAJkrVGCnXA0cOAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285effb9568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/img/rain/dollars-1.webp | 188.114.96.1 | 200 OK | 10 kB |
URL GET HTTP/3lougroan.com/img/rain/dollars-1.webp IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeRIFF (little-endian) data, Web/P image Hasha5bef813a0113d018592091106451c8b 59365e96c4abca5eb98a0c56db0af0bb5cbffebb 036beb7de9c9d450e1442d593ff70ad392ca4be6754e7feaec249c0009e1bd83
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-1.webp HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: image/webp
content-length: 10546
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: "6631038c-2932"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwsjtWY92CvtB%2F4dPNAQKvHatp2V3K8q5uLxVQOJ0PtupNcNu1GubGq%2Ft8ImbpOIn95cnns%2BJIXlmbEM3FoMHDF2GvrHa7%2Bje3KtbCv%2BiWHm6WQTSvhQXuIp5MSYS0E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f9853568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/802-3e1f59b7c0fe3ef9.js | 188.114.96.1 | 200 OK | 21 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/802-3e1f59b7c0fe3ef9.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash8288efc1729193ab69e39ae227fb924b b6cda864edfa8126c902b5de80229790a6f9be15 070ce71e2510a99695b81a839821823ddf3b49213f166212641fcf98adfef3f4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/802-3e1f59b7c0fe3ef9.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-10749"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=buQoJ6C4uVjxlIUYXnl8YZu0TfNewuPeC96mPzKY6qon1l0YEgLY8q1UVvHNzPHeWMVNjsI1RSI6dV8IC1KhwdZ3DxPM7vLJ4nAFTqKK8%2FWmWbaVCiwV3haX3EvtiRg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f0fc8568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/7903-dd238946c7924507.js | 188.114.96.1 | 200 OK | 14 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/7903-dd238946c7924507.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (31896), with no line terminators Hashb5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-7c98"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFS5e0WhgXKiV5NgaoUFLXuQL63%2BhZ0wtjA5Cfcfdgaa80sHPWRmCLNJx9HapPaYKeNDzPIae0oksVd7BuU78IL3WWu13pOlVAn4mr%2FV%2BpPPtYlWdXrup0V0Gbgzq8I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f0fc6568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lougroan.com/
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:43:07 GMT
content-length: 0
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lougroan.com/_next/static/chunks/3183.fd81600fd1ec408a.js | 188.114.96.1 | 200 OK | 16 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/3183.fd81600fd1ec408a.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (19691), with no line terminators Hash7d35150b72e355e4ea7f1b364b4574fd 93a57b00bfe34fc0b09a4f2fefc438b699855144 17fef67045896f5900aea086d8c13b5a07409942fbac3180c6a8bfe66e86fea9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3183.fd81600fd1ec408a.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-4ceb"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b6yV7Bkl3PjU4IDLDwtkHKW4h7y3T8U36xBrizge1gGqVDaZscID5yqWzoO0p%2Fz9QH%2F4JXYhj9weZ8p%2BLoMZvPW746rXHXxFgwCNINY9xgnZ07TZKlUeo%2FhU%2F%2FNCKFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285effb2568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/812.72b1b2774f5e091e.js | 188.114.96.1 | 200 OK | 11 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/812.72b1b2774f5e091e.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (13123), with no line terminators Hash4746cb9c76676e766e71dc6aecb5136f bb22c941272fd23ba014218396b7f9eed51e84de faa62724f265c4355b761202cf48980bedbbfa4a8c8c044468e0024ddf1d0059
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/812.72b1b2774f5e091e.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-3343"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gOmS6%2FfE%2BH7ANmQ25XlM1gvc8OXftZPGcAP5hAFxNRC53nM7Nc2fyppCxjgEVVlRfBFl240kKKjX3Jhhly0HEVpAAW0%2FILkIgD3iAicille3YXD31fenwBaTmQ68pHY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285effa8568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lougroan.com/
Content-Type: application/json
Content-Length: 362
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: d9aab1b2342d76c3911dab4b34c851aa
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lougroan.com/img/comments/finance-survey-people/person-1.webp | 188.114.96.1 | 200 OK | 1.4 kB |
URL GET HTTP/3lougroan.com/img/comments/finance-survey-people/person-1.webp IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashc5da2ea294623650bae71fc84401cf60 f1f62ea011cf81953cefe28254c134e992453b91 09a846c5b1af2c6100ff3193789be1e0e21ba9fc45c268f76f2007c78f1e4ac1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-1.webp HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: image/webp
content-length: 1402
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: "6631038c-57a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsDcX50lZKq1onSIUQB1v95QhTVN%2FKZ0rNQR198C2m4Mc1so3DfB3nZ8fVG42TqfMHO6b4kKPlOpyWC0cPK333uGSO%2B9E5UN0o8T7VGNASBnkTBLdHomYIuvWH62yZ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128623b3e568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/img/comments/finance-survey-people/person-3.webp | 188.114.96.1 | 200 OK | 1.5 kB |
URL GET HTTP/3lougroan.com/img/comments/finance-survey-people/person-3.webp IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hasha747d227c2e10b5178fd942484301d7a b3c5cf90dd5fd2c26c7b17dcb2d35b6dd47065be 9f4fb1281b7141b9dd48925953f7b039b6c411ea0e6e5b158d3e000d75316e9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-3.webp HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: image/webp
content-length: 1454
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: "6631038c-5ae"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 3489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QnP3Wk%2Ft8atqE6%2BlFwzaAzayZzc0mLuKp6jOGcl2iHNfxWjfsiv3ELQUi35Cdbhul73flFH1NhIgrehtPtopbY3xiBXmMQYCjxeckUqDykplzS%2BtZhB%2B%2FwMDtcaCymM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128623b43568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/img/comments/finance-survey-people/person-4.webp | 188.114.96.1 | 200 OK | 1.8 kB |
URL GET HTTP/3lougroan.com/img/comments/finance-survey-people/person-4.webp IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash5dc160f6b521dc8f6c670b140b354fed 22e15cda82b532067b99932ec28f86ea2cc1ecbc 09c6c6de57458ec0c4e7a3d2375e0c7b9c037de9366b63e3685cc0ca94d838b4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-4.webp HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: image/webp
content-length: 1798
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: "6631038c-706"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 3489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2eLZMcOQFWxXU8W3Q7gY2lndlE1Dv0BYdk4cLv5EJ4SccbiGGOGjK5R0HUJW7H7q8OlUazw7XVn1zBgm8DsZLAn9POgQGZ6B%2B3ImzqBLdRHRJOrwdtPVMI%2BhxWkz0g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128623b44568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/img/comments/finance-survey-people/person-2.webp | 188.114.96.1 | 200 OK | 2.2 kB |
URL GET HTTP/3lougroan.com/img/comments/finance-survey-people/person-2.webp IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash8f8ffbb278de1342e5cf44cd0c677c23 1b4b4428e409479cc8a8acfce6f537c2aeea7556 ac4284ed6941963c4fa0db306537f42f3a0b1fa18710bc7b9e1e62188961d83a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-2.webp HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: image/webp
content-length: 2220
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: "6631038c-8ac"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 3489
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7yed3G%2FiGzXpVMEixqHVBFcD7LO41KmJsIimY3CjJr8zC1EcbryIgfkn7fvPF26KFKpkvhNWlZLGdB2TLY%2FKDQvdBAwXf39IrUJowFWfXHcjfi%2BthqWp2JLI8va7M8E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128623b39568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/2375.8acee6c083146147.js | 188.114.96.1 | 200 OK | 980 B |
URL GET HTTP/3lougroan.com/_next/static/chunks/2375.8acee6c083146147.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (5363), with no line terminators Hashb7eed164f7ab90f807ca06a204f33810 a58a92f443967e0f552d88f5f2a4853dcb584a66 8ec83dcbb23a710a8df315e73059d065c1db40547f8c28d551b66c6b1d62f607
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2375.8acee6c083146147.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-14f3"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wMKPWH%2FufhetaaH1JZl%2F1bUEXC7wX91RFdQJ%2Bj8s5H%2FqpKHvPeFtPlPEizIr5QfOSWa%2Ftq5B6KCZIfIoUa08YOrugkO5qXoTixyiBa%2F9kdPoXH76muS1V16TWPwJ0%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128625b66568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lougroan.com/
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:43:07 GMT
content-length: 0
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lougroan.com/
Content-Type: application/json
Content-Length: 382
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: f1161c82598f07fb76993faa5969148c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 0 B |
IP139.45.197.248:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lougroan.com/
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:43:08 GMT
content-length: 0
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 179 B |
IP139.45.197.248:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash081142aa1c9267422ee7fd25ac457579 cf8a223610da412aab4cc9aec68f6f304258b3ce 58084d495376ed2e41f026c352cabb187129c58109f2b15caeb1a539deb2cd19
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lougroan.com/
Content-Type: application/json
Content-Length: 161
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: a6e3315fdd032af05d800ab8153cb159
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=18dd711a-d216-40fd-8c54-133361533a4f | 37.48.68.71 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=18dd711a-d216-40fd-8c54-133361533a4f IP37.48.68.71:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=18dd711a-d216-40fd-8c54-133361533a4f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1411
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 05 May 2024 13:43:08 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://lougroan.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| lougroan.com/zone?&pub=0&zone_id=6679107&is_mobile=false&domain=lougroan.com&var=6222300&ymid=434_230&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=afd5decd-358e-414b-b2ff-4443e3a4188b&action=prerequest | 188.114.96.1 | 200 OK | 0 B |
URL POST HTTP/3lougroan.com/zone?&pub=0&zone_id=6679107&is_mobile=false&domain=lougroan.com&var=6222300&ymid=434_230&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=afd5decd-358e-414b-b2ff-4443e3a4188b&action=prerequest IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6679107&is_mobile=false&domain=lougroan.com&var=6222300&ymid=434_230&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=afd5decd-358e-414b-b2ff-4443e3a4188b&action=prerequest HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Cookie: OAID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; syncedCookie=true; oaidts=1714916587
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:08 GMT
content-length: 0
x-trace-id: 2f4153bf6acc3eb52ee33a3db32f97b2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRurzioK37gMsK8ptMkwoAUFD4ZqHQL8eqWsAcEhzwrWUcusOaOU%2FIvEvnu0tV9HmtEaD3YZBOoJzCM%2FxNZl6aexWkqW%2BHZt0iuok91RU6ydko0eg6B49GOFCXT8HQs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128647d89568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/custom | 188.114.96.1 | 200 OK | 545 B |
IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 379
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Cookie: OAID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; syncedCookie=true; oaidts=1714916587
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: e5929ce56bb6462d2b5d7dbab73b1a6d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSjGW3j5et8KYCYYnHSidIZuSt0hv1ibzh0QagnDfdJ2to7dgYDmlmagxfryNsXSM66IHk8PuhSjz5LOY0m4KoZ1GXL1vuu8cxHLHaACYWiwNuAfH7bsPSoNNjVIXbE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128647d86568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/finance-survey/icon-survey.svg | 188.114.96.1 | 200 OK | 736 B |
URL GET HTTP/3lougroan.com/finance-survey/icon-survey.svg IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeSVG Scalable Vector Graphics image Hash9a8ba19b913810bd358e5caf3a7c2a75 6eff5e84f2b82772bb6029088ed852a8161b3252 58b0a3aa24ef605d4b812bcf92cbaa2e7f78bd43f929ca6362bc259da610399a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/icon-survey.svg HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: W/"6631038c-a72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 6490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BHllPQxg%2FUPrwrG6DQJIzc164pC0bF91nIPvt0GWx9EsJwVlkOS5uiE5hAEP1ae4J9e4wbQLhElZJj7wYXBQd%2BpIAqGpc4hCFnJsbFJcJkdfSX05%2BtDKG8wkLFDFy%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128623b41568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashf79a0a50fd5b9dcba38e2c24a463d6d5 c7e48b6d9c64f5fd15f012b1e6d25ded0808c2a5 cd4a13b1e9966360fd49d3b031093411c584b3798c34fa8cf66d32461938cf51
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lougroan.com/
Content-Type: application/json
Content-Length: 1775
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP139.45.197.250:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://lougroan.com/
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:43:08 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| lougroan.com/zone?&pub=0&zone_id=6679107&is_mobile=false&domain=lougroan.com&var=6222300&ymid=434_230&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=c98956e6-6193-4bc1-8376-8215457440c0&action=prerequest | 188.114.96.1 | 200 OK | 0 B |
URL POST HTTP/3lougroan.com/zone?&pub=0&zone_id=6679107&is_mobile=false&domain=lougroan.com&var=6222300&ymid=434_230&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=c98956e6-6193-4bc1-8376-8215457440c0&action=prerequest IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6679107&is_mobile=false&domain=lougroan.com&var=6222300&ymid=434_230&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=c98956e6-6193-4bc1-8376-8215457440c0&action=prerequest HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Cookie: OAID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; syncedCookie=true; oaidts=1714916587
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:08 GMT
content-length: 0
x-trace-id: bdcd85a04dbdfb0356ec6040c195cec9
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QAEF0ovRI%2FPJaqlz5uS%2FG8PvlLR6t93eqvsvDcP7vYFdQaxyyls%2BZ4h8y8EN7%2FQLCZIp0c4Id4sAFJpCZxJcNV9z9m5anfYN%2BlqfTd9IZch%2Bx1q1aHFP1MbyQ5EiIPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f12865cead568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashe6780399c75f35cd80f051a5b90fa116 bbdb127994b35f70d2440419dde9d1db17385ca1 27c1713299fa6dc012110492c7176d03010bbc8cde7e6a95192e0ebd029ccd43
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lougroan.com/
Content-Type: application/json
Content-Length: 1865
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lougroan.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| lougroan.com/_next/static/chunks/webpack-c63afe4326372fa8.js | 188.114.96.1 | 200 OK | 6.3 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/webpack-c63afe4326372fa8.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (6507), with no line terminators Hashb4f4daa4446e65050b8af39fb465e9cc c922010fabb2e409bf1ac29f10563652f06f55aa 318ebdbd0768c4e17a59236e31a5a86a05769131d5e5637d55f78eb3f153d720
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-c63afe4326372fa8.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-1875"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0KonXG%2BmDAGEHaNtG%2F8OShPQRWSnWjsLt40m7CaO7zt%2ByuvyIfSSqa5jbmDmUwh%2FeKL2LVDsGfP974A08CuFdjVY8RprDCq3Y%2BcDdHXEzjavVDUIU0ITnY8%2FQZdvcY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285effb8568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/sw/universal.js?var=6222300&ymid=434_230&ab2_ttl=5184000&zoneId=6679107 | 188.114.96.1 | 200 OK | 1.5 kB |
URL GET HTTP/3lougroan.com/sw/universal.js?var=6222300&ymid=434_230&ab2_ttl=5184000&zoneId=6679107 IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeASCII text, with very long lines (1540), with no line terminators Hash5edd43e1c6126829925eb36cdbaf7af3 e1baae48011f9077aa37e6ab31d4604d41aec303 38945b2621b28329b93e77cc757db7e8def95dd4f4ba1c13862018da2df83411
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=6222300&ymid=434_230&ab2_ttl=5184000&zoneId=6679107 HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Cookie: OAID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; syncedCookie=true; oaidts=1714916587
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: W/"6631038c-5b2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LMWDWq1sWkBLuqswDezujljVH2qd1up9y5iatg7TKXTcwIrMQgFU7jw0GcMFb8lH7tgPI7w09TY15szxW3MhFsVO4Zvia5M9ezUDURlg7xeyMgAIN5M%2BsFfrbociTf0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128646d6a568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/sw/universal.js?var=6222300&ymid=434_230&ab2_ttl=5184000&zoneId=6679107 | 188.114.96.1 | 200 OK | 1.2 kB |
URL GET HTTP/3lougroan.com/sw/universal.js?var=6222300&ymid=434_230&ab2_ttl=5184000&zoneId=6679107 IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeASCII text, with very long lines (1232), with no line terminators Hashc68989aad53c2b5c838a0e168888062c cc1036f99ac9addd348408238493b60a888e3eee ca01ae18f51c5fee941b66e9f29cec0943ce7ed6ad45ce0f3309676de93f02c2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=6222300&ymid=434_230&ab2_ttl=5184000&zoneId=6679107 HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Cookie: OAID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; syncedCookie=true; oaidts=1714916587
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1458
etag: W/"6631038c-5b2"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2B150xkjIp4rWRc7nX2QlANqBAqyCmy2v5feBLLNtAxnMBnMgR3xgk9JUTrsIgSFhQfkIaRKnUgT3C4%2FM9Q8brDIfoIapiCKmD%2BGy%2Fxxp3h9A8g0gaYCbM3Uhd7sS24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128657e7b568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/810.3c8446ab4166aeac.js | 188.114.96.1 | 200 OK | 3.0 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/810.3c8446ab4166aeac.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (3075), with no line terminators Hash89aad15398a24ec92ac08d6463d4908a 2d0cb315034a49a9911b5e2944032eebd24dd191 4ca508ccfb1bf3aecb96b235882533a777359352dad1ddf4f13e6986bc548870
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/810.3c8446ab4166aeac.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-bb5"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYmu6WRnyUGdhII%2FxWcTjEvndZVmKQiApGPbqPY5bGHZ2kvVAAvUxssvXk%2BfNkVwWIppxFD5zxCRQsdEV3Gi9rqEV5PbGkpVVZgYnbSVnD46zyx8Y2BmPQpBIQEDccU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1286028f8568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/1754.983ed55293c299ce.js | 188.114.96.1 | 200 OK | 13 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/1754.983ed55293c299ce.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (12711), with no line terminators Hashaaadd1fe7166e1641b80d4a871e91a77 44dd71230caa2b99dbe1a804fb3e444fa2dd8255 918408a27b1ee2472daf8940c82be10db3c347bf9111c15eb4b23bd34600153a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1754.983ed55293c299ce.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-31a7"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L8ZUx5OEvz2aqI5EnCSOzCYpRHwoiGFr5usXqu3to5asle%2B67O5HtP0aypdEiK7ZanMbvl8d8UqRUZH%2Ff0eCpBc7mkBeixzHwlDJ%2FJBKnI15KHcSsfRcSYVUfn22oM8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128625b6a568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/favicon.ico | 188.114.96.1 | 204 No Content | 0 B |
IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Sun, 05 May 2024 13:43:07 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 7061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dAtgDa29gXmdpH11rQn61sVhukbMc3WdCQ32p1nSn%2BbIAxh9WKDydi4JRLiZk%2BaoD%2BJkZgW25TzI1vVm7BDDpuBGQt073h%2BLmpT7c88fU5U52ZwJv23VXXDYyZ1ywJs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f128629b91568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6222300&ymid=434_230&b=&campaignid=&click_id=810981455091741428&ab2r=&rhd=1&var_3=&oaid=jo376nmqlj0qx49oxm8p7nm3wwxm07z&os_version=&btz=UTC&bto=0&z=6679107&cdn=1&domain=lougroan.com&ab2=&ab2_ttl=5184000 | 188.114.96.1 | 200 OK | 37 kB |
URL GET HTTP/3lougroan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6222300&ymid=434_230&b=&campaignid=&click_id=810981455091741428&ab2r=&rhd=1&var_3=&oaid=jo376nmqlj0qx49oxm8p7nm3wwxm07z&os_version=&btz=UTC&bto=0&z=6679107&cdn=1&domain=lougroan.com&ab2=&ab2_ttl=5184000 IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6222300&ymid=434_230&b=&campaignid=&click_id=810981455091741428&ab2r=&rhd=1&var_3=&oaid=jo376nmqlj0qx49oxm8p7nm3wwxm07z&os_version=&btz=UTC&bto=0&z=6679107&cdn=1&domain=lougroan.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Cookie: OAID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; syncedCookie=true; oaidts=1714916587
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=1800
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mU4mdA%2Feyb06tfysgWqi6ys0Keznf6xXoGgzH6zikxcNx7OMHCZekHf6txBPUo639qXSotJeX6%2FbhR6H1WabYdoi3kaSzH0D80lE%2BKC18G46%2Fe14SQjEru95Lvs%2FJKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128649da8568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js | 188.114.96.1 | 200 OK | 182 B |
URL GET HTTP/3lougroan.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeASCII text, with no line terminators Hashca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/pCw5QzD_EB0_mbmsqIUh2/_ssgManifest.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-b6"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2JE1k2zDXpEeh2s1J3NRilrLdUNh2WBNZlBuenxHQJfiEFpyZTNdyxSWHdOA3AQ5AYI3iRusEPp4T5g2gyHz%2BpcgsmUlngI84AybmA8yLAjJd18Tp0w4%2B80l05664eo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f1fd8568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=jo376nmqlj0qx49oxm8p7nm3wwxm07z | 139.45.195.8 | 200 OK | 64 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=jo376nmqlj0qx49oxm8p7nm3wwxm07z IP139.45.195.8:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hasha6777fe154024336f509ec2a5f9179f4 280ae8e6c72aefe1c30d21edb882c7df5f676c4e cc1687de9ec6180626920ee3053fd1175f999076cc714cd410b48f7d009216af
GET /gid.js?userId=jo376nmqlj0qx49oxm8p7nm3wwxm07z HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lougroan.com/
Origin: https://lougroan.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/json; charset=utf-8
content-length: 64
access-control-allow-origin: https://lougroan.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; expires=Mon, 05 May 2025 13:43:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| lougroan.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js | 188.114.96.1 | 200 OK | 1.6 kB |
URL GET HTTP/3lougroan.com/_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeASCII text, with very long lines (1696), with no line terminators Hash543651efa338e66f345fe8c6095592e0 6108342c3f5cdd637443746d0c07a5b7a528aa36 8d80f5e899864f3590935e867f8814fe3bb8eb6b87ab6d84c3e1d609d971583c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/pCw5QzD_EB0_mbmsqIUh2/_buildManifest.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-644"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6IJkU7zZVNNbw0oW41W60xgI%2FtdzvAIHpSKru01xy1y%2BfyCvYUHIUTHVkJ7Ud49iXLXVxawAlnGXOVp7x1nQrbOLjzKRSp4YMJ7MEYnutF6EIuOBFyi%2B26ps84GD95c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f1fd5568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/6223.36a8be3b6724c1ee.js | 188.114.96.1 | 200 OK | 3.8 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/6223.36a8be3b6724c1ee.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (3870), with no line terminators Hash1d892f4ab084b8290d79dcf9ec65b79a 17b0c18b7201dd8eb4bbd3db5be2f1d784000948 77e68c0c19f773bcf939398361c922509f29268cea7afe93f3f7050183115e14
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6223.36a8be3b6724c1ee.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-eee"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 6490
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9%2BVSpbgzCNXAjjG66hDYPk7x2f%2F9Au7cD8m6c5Hi%2BCz2KwwwiQqorrUcyrGO2MuQClY1AsayBTI863boM%2BsliGMu9He0PYP1Wp0jvymoUBzoq4ED36%2F7xnBWErVxiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1286038fe568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6222300&ymid=434_230&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=jo376nmqlj0qx49oxm8p7nm3wwxm07z&os_version=&btz=UTC&bto=0&z=6679107&cdn=1&domain=lougroan.com&ab2=&ab2_ttl=5184000 | 188.114.96.1 | 200 OK | 37 kB |
URL GET HTTP/3lougroan.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6222300&ymid=434_230&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=jo376nmqlj0qx49oxm8p7nm3wwxm07z&os_version=&btz=UTC&bto=0&z=6679107&cdn=1&domain=lougroan.com&ab2=&ab2_ttl=5184000 IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6222300&ymid=434_230&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=jo376nmqlj0qx49oxm8p7nm3wwxm07z&os_version=&btz=UTC&bto=0&z=6679107&cdn=1&domain=lougroan.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Cookie: OAID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; syncedCookie=true; oaidts=1714916587
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=1800
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=me1dBZJW08HPNrLMeEhjuGEtnTgCVsDBicBsGMV9elJp1HX7vSGScRGu7e5o7sDMwB0MVmBBDyL920aKOKbeJzyz3XMlIB7NnZpWGJL33OC%2FlYkLFGQh%2FgZnbnv4btQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128634c41568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/main-beb6af9e60a8e042.js | 188.114.96.1 | 200 OK | 109 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/main-beb6af9e60a8e042.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size109 kB (108886 bytes) Hash49c6f57370e917bd37dc7d4d4d0bdb56 f5b56f5b9498f3500055c5614808903d85303991 0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=108887
etag: W/"6631038c-1a957"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cKBehG0qH26U52iPsuGrmQyWrPvDr0MRODSbS5J0nYC8Qyc6KGQ8uAh19Q0hhiTPpr3QW3BjWYDkEGBvl62nCc5NNn%2FfitiLwKLAtu9Z5IKnDckWZXFc3ia9ooldV3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f0fc2568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/2734.6269ca0cf725ea17.js | 188.114.96.1 | 200 OK | 4.1 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/2734.6269ca0cf725ea17.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (4219), with no line terminators Hash98132c6c771aec065d3ab61e5c8c0f53 56484dafed6218ea17ef047fc8cd4c5a342c1890 ae09486720d6d4764b5126f0e26414962ee83eeebdc05db588bb7d86855e8b23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2734.6269ca0cf725ea17.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-1033"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fMQ4mQq4dx6f4Ab2dt3pxHR9%2FpuP4aNqZ83fJdboaMDdzCe9vtoWwHMXcHAvRfn2rugKztE2Ex1H046pIj77Q5NGNJWjyzL4hc%2BqpeydtVHSZ%2Bz0rDxiSWBpWfGQyCQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1286018e8568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/5927.37a5338b8ac59a08.js | 188.114.96.1 | 200 OK | 19 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/5927.37a5338b8ac59a08.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (18708), with no line terminators Hasha385421104bc74c949dc4c6191ef7df9 30827209462e4ce7b901e71b238109574cc117ba 441f4699276f051e940137c231a4d48a7d4a0958ceeae78958482cd8a89663be
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5927.37a5338b8ac59a08.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-4914"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ghj1lTXD5XeBg%2F9V%2F9%2B87vtYzR%2FURhfq1azYQ47VzaOyl2vYSvY5elc5GUWhJNFzWh%2FKmS9oiMUV3ETWXf6iSE5kmLccpODphE%2BmhuMf9WEoMAOJwezBQ%2FJfULC50XE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128605936568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/css/0bc0cde260d08b97.css | 188.114.96.1 | 200 OK | 1.8 kB |
URL GET HTTP/3lougroan.com/_next/static/css/0bc0cde260d08b97.css IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeASCII text, with very long lines (1841), with no line terminators Hashff1d3d5d24ca0172d59b02e7505ddaa1 41e83ee08e21f369886b0fdad0ba01d8b20897b6 939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"6631038c-733"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wOnfwXJdy%2Fx2kkJD5ftx%2Fisg9Gxj9ap0HAcm9jopkhoyjeJYDEcDVVlQtH7Pv03dp026ERGsiIaw1fmRs47yZC79EZVfyV2B3SruB5G5gYQ8ky7FUm6TlhcU%2F1xTWK4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285effa7568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js | 188.114.96.1 | 200 OK | 925 B |
URL GET HTTP/3lougroan.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (939), with no line terminators Hashe370c58940efd9305daf2c9601a7da0d ac6f3895617e4817d7bf86b7c637a231b13a12b7 acba948084ac297d876a066617c1a4c6d9f5a664d43514af605a4c6d1fe37315
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8904.6fbc0cfd51623cbf.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-39d"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPFg2FkeKuXxH3%2FTKugmptyoktjTW24Hrcd1hjVz%2FQoN4YtzP0o2YghW0zsWMHD6Y%2FEbqJQdDpTV4qDi2ZSVfHu46Ghxn11uC15zRKGCtlHJT8vr%2BnuHSWlrhQEpWA0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1286028fb568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/track?dry=false&request_var=434_230&oaid=jo376nmqlj0qx49oxm8p7nm3wwxm07z&os_version=&var=6222300&var_3=&var_4=&variable2=66378cebffeb1c0001d4eee3&ymid=434_230&z=6222300&offer_id=7636 | 188.114.96.1 | 200 OK | 211 B |
URL GET HTTP/3lougroan.com/track?dry=false&request_var=434_230&oaid=jo376nmqlj0qx49oxm8p7nm3wwxm07z&os_version=&var=6222300&var_3=&var_4=&variable2=66378cebffeb1c0001d4eee3&ymid=434_230&z=6222300&offer_id=7636 IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashdabe0db5af8f7cf3433fe992c018e5f0 ec74b65f307dffba051576c4c9575d67fe56aa2e 49c8eca50d498f4feb858f84a84c624020e34a42f2d47091abaa3c1b6b1390f6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=false&request_var=434_230&oaid=jo376nmqlj0qx49oxm8p7nm3wwxm07z&os_version=&var=6222300&var_3=&var_4=&variable2=66378cebffeb1c0001d4eee3&ymid=434_230&z=6222300&offer_id=7636 HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
DNT: 1
Connection: keep-alive
Cookie: OAID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; syncedCookie=true; oaidts=1714916587
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: 22e96e4d404d8eaaa9b5570a1afd55d7
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://lougroan.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SbdsXJa0g6t9civa%2B%2B0%2FWIZSAEFW9%2FqJyZFkYGdOqP%2BqV5AUK%2FQqyTbBcg6zMmCMBLqR%2Bdy%2BJeGsY5GGp46Kj2qQrDVl%2FFQsqhUP278UBsc30DnapmxUNDk1NKSBKZI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128633c2e568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/4981.3c1daeeee82e08ea.js | 188.114.96.1 | 200 OK | 22 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/4981.3c1daeeee82e08ea.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (21617), with no line terminators Hashe5a18eccb2797e5391d6ce697f63eaba fd0cfa9d1d8af22b690973928c5d65b6be83389b 865d0997740868b6c2804f1949e997d55baffc23023235d8af966f8b999c2b84
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4981.3c1daeeee82e08ea.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-5471"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qHaRjh3gjiWmehEQBymA0%2Bfd2jawUogkAS4HDqfToYGfW2HYyMJ2iZqRPrCDq9QMEBKZhHLkFvo08FCx2NA7c5ju%2Fe3Fw4SalQtmMRMnc6gkkma4GC6XoIaAFpV%2FwWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285effaa568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/6335.0b3b79af795b69d6.js | 188.114.96.1 | 200 OK | 41 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/6335.0b3b79af795b69d6.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (41407), with no line terminators Hash3dfda233d90a10b7c5cc845a44c2eba5 34507226ff3ec0131f1ce7330cf0423172a98aa6 e8507bf3364ac0352dfd4c6e204bc8c7d79e300182f53dd573d433708f7851d9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6335.0b3b79af795b69d6.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-a1bf"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5vVfbGvDLiFbRl841FIbVOGkk3PIQNUbHwQbdeHK%2Bf9S8pqFaoJeURJtTReudDa6pSAHN1TSiZHNTVUh8W4z3O6xBHHfpL0mOveQm%2BjYWpEOSKTC255j6f4oluP99I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285effb7568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/9270.11c63feb0694543d.js | 188.114.96.1 | 200 OK | 11 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/9270.11c63feb0694543d.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (10691), with no line terminators Hash01ead0d6c1755cb5c26d0f26bf52678a 046ec4186ad3a9df0240837f0ac8275adf65eb24 9b97e6068e9c4989bed1565a5658e84cab168e46c05464c9bf1cf9bfa99b91bd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9270.11c63feb0694543d.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-29c3"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtU0Ln7gT4bR7eBi95P4Pq%2BSAuWqbXf5cj8VVh6U5hwA33f2HGBGlMIdAWA5G0tWfUgbSxmVHQkW2NgDDGivtJ6Wr%2BjvFnttRka6A67JskVT9d0F0E04N5MNhnZN6%2Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128609971568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/3091.8141ef861c4fae96.js | 188.114.96.1 | 200 OK | 2.4 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/3091.8141ef861c4fae96.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (2431), with no line terminators Hashaff0a51ad60c666bf1f7f27ddff14217 9677799390dc5667eeda431957d59b25d6a40946 f495db20d41fe12519423d9776481cd5c3f1dabc346ea304b8a7201b032d4e87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.8141ef861c4fae96.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-951"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n7UG4cDoXTnl92Hl%2B14sEMccQbmLc1%2FZZwVjpuhBnHBOLgjI5e0lB%2FcdqkVAtPvYKBsyTAbaPTDqRZNc09YL%2Fs%2F5u%2BpUPuIVov%2BkfKFCCz4AS6qBuljDEHf%2Blg5h2do%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f12860390e568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/6037.086d113a52bb6dae.js | 188.114.96.1 | 200 OK | 1.2 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/6037.086d113a52bb6dae.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (1240), with no line terminators Hash4c5f50c10ca520ba5c17c96557452e7a a772f8756a93e5f2fb01e88f5f3856b5523ab97e 7cdd71c93dd078d4ba57cc70f3a6ac739ce902054d5cfba3b1a810d3d3e709bb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6037.086d113a52bb6dae.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-4c0"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yhv%2FqnL07UZdZRPL1Ix7bOrQDKMFz7pIFRl5pFHPzBql8e1n2HLY%2B6mrxWxnT2fLMTMDRFOS8NOqOL0yl5%2FUgNDAmXBu%2FaEjlVyKCbuek%2FUYUdnf0e%2Fvwwi2p3pX1cs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128604912568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdntechone.com/stattag.js | 104.21.36.146 | 200 OK | 19 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP104.21.36.146:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com Fingerprint3D:20:D4:11:5D:06:B3:63:9C:08:BF:D9:D9:16:22:D5:DC:3B:9A:CB ValidityMon, 22 Apr 2024 03:33:58 GMT - Sun, 21 Jul 2024 03:33:57 GMT
File typeJavaScript source, ASCII text, with very long lines (18452) Hashbec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bh8uSOWsjWpDjEuBjl%2BIjZHpX4DAQtdkASle7p8lYLjIFjJgvWvt65usukihOmm1H4orGNfto6XhakQ7cm100mZHMSgIkP6pYZuexWr74sXfsjoWvsn8LjHzjlLGItM8ZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f128611da8b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lougroan.com/_next/static/chunks/2090-519478c186a3d867.js | 188.114.96.1 | 200 OK | 11 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/2090-519478c186a3d867.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (10752), with no line terminators Hash37545926cc9a6e537b9f3e95d7a16c1e c3cbfe1f9737817eda25770274e97feaf6b8cc68 d3ccc772608b2a03a543da22715903e2b6e2c14c42c2f475a0f483ac3cd64b37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-519478c186a3d867.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-2a00"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tkwlh%2BgVwWwpbP4SuQMDuBz4oP416%2Bqo48PhR7jbntAOcVsEnqHxH9cCQt5crmtIiqNxXqR8m1btVejQebTHT1gKoFoBgbGW%2F5jPWNMqz57XCnHDW11p%2B43%2FI0RYRQs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f0fc7568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/img/rain/dollars-3.webp | 188.114.96.1 | 200 OK | 5.9 kB |
URL GET HTTP/3lougroan.com/img/rain/dollars-3.webp IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeRIFF (little-endian) data, Web/P image Hash51ea76ff382bff8ef58a9943f7fd21d1 5c3d6ad6620fbde5ce3dddc88604e6d54621eba2 0240f30fc542fb5c2d532f33bc793b797199adaea75e22a7d9f04674b80d9a32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-3.webp HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: image/webp
content-length: 5938
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
vary: Accept-Encoding
etag: "6631038c-1732"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HrK2JR3VP%2B%2F5OBUBzbtz1l4zBxWIHNrVqjSg4O3GTs3KxItl3hJAEmS8NlGVpVCjs7%2BQPPBynl%2F%2Bu8pnIWw87wUm8xgTcv8loBTbbIg%2BLzRMCgN6lDgpAOeQdQfZk%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f985a568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/86.1605512c42332a2f.js | 188.114.96.1 | 200 OK | 2.8 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/86.1605512c42332a2f.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (2908), with no line terminators Hashf7cb4f746f2cabc625d1ab452426c2e5 32f7f8a18c1d477a41291637019374bd4d722df9 6e3c489f8505040ae3a765d615dd63b8e385d2baeecd0ba58a2da9bf079b1a9a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/86.1605512c42332a2f.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-b1e"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S9770KwKDZCLV4TNOtTH%2FsNhWDM7oQWvMZtutNypX1Ejv8oHyinewBi5ITBJEmOL9bYyWpjJF%2BIxsvT%2FnH0XrC%2FJ7P2dX1deqS3ykI4zilivIMmloB%2BUo7WfL7hF%2BS0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1286018ea568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/rotate?zz=6543018%3B5128285%3B4326652%3B4949467%3B5381242%3B5381316%3B5381307%3B5381339&var=6222300&ymid=434_230&ab2r=&var_3=&var_4=&os_version=&uid=jo376nmqlj0qx49oxm8p7nm3wwxm07z | 188.114.96.1 | 200 OK | 4.7 kB |
URL GET HTTP/3lougroan.com/rotate?zz=6543018%3B5128285%3B4326652%3B4949467%3B5381242%3B5381316%3B5381307%3B5381339&var=6222300&ymid=434_230&ab2r=&var_3=&var_4=&os_version=&uid=jo376nmqlj0qx49oxm8p7nm3wwxm07z IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4767), with no line terminators Hashddf67a1beb37bea44cd843463700e09b 94e4c165f864cf040960b7abfdc4fa4e332772b7 e2aa0eda10df6dd77906e46a67b3f5d5eba984f55da0be0b6e070c8ea1b29f77
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=6543018%3B5128285%3B4326652%3B4949467%3B5381242%3B5381316%3B5381307%3B5381339&var=6222300&ymid=434_230&ab2r=&var_3=&var_4=&os_version=&uid=jo376nmqlj0qx49oxm8p7nm3wwxm07z HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
DNT: 1
Connection: keep-alive
Cookie: OAID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; syncedCookie=true; oaidts=1714916587
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:08 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: ba1891e456b086e4c69a6dff12207ca5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: https://lougroan.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=jo376nmqlj0qx49oxm8p7nm3wwxm07z; expires=Mon, 05 May 2025 13:43:08 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XuNFFyNZhWxxXTzi69JyF4WmgLxdLQF%2Fm9fDvtsB7aWS5StSIwTf1fQHWoZeqCde41sk15%2BdzDdeMHgPvzzw7I%2FTeF4XPWE8cewD8LGqmbCrXZ1tDqaftxnzmA7jqzA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f128633c38568a-OSL
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 | 188.114.96.1 | 200 OK | 39 kB |
URL User Request GET HTTP/2lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: text/html
last-modified: Tue, 30 Apr 2024 14:43:26 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePtvg7wlEYKj765W4UVmhBOoq833Z9N5GSy4FX2afBqP%2BW0Vqyw81bcThuV2keG0NituGlO2uM1Pya0dhMTYasFuzD67tskk04TJ2Ctb%2B%2FnZqjQhIAGRCg2ECXCA8yY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285dbfef56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| lougroan.com/_next/static/chunks/pages/_app-7ac21b6c354dd447.js | 188.114.96.1 | 200 OK | 42 kB |
URL GET HTTP/3lougroan.com/_next/static/chunks/pages/_app-7ac21b6c354dd447.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (41515), with no line terminators Hash92ee35a274faa2df0c68f0def06a750e 8131ecf1752dbf3591bf213855896b2618f48734 47929dce053ec819a11270e42aaff07b95e02ee29513b8f5b73cf75f6cdeddd5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-7ac21b6c354dd447.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-a22b"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=obM6F4ORbZ%2B40HgW%2BuNJKlYjGe1XpQqGL4cHqFrKkC0ApbfBPW8Sidq6FxeMH1wA%2FE1PoTZDMrD9sjTUoexWvLaKMn%2BxiQ8HPPbRVf%2FcPgNU3wjhQ%2FTr0ALtanQ2QxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f0fc4568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| lougroan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js | 188.114.96.1 | 200 OK | 661 B |
URL GET HTTP/3lougroan.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js IP188.114.96.1:443
Requested byhttps://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3 CertificateIssuerGoogle Trust Services LLC Subjectlougroan.com Fingerprint0D:3D:32:EE:D4:AA:33:AA:A9:B1:38:D5:A1:C9:99:A1:11:92:BC:8E ValidityMon, 22 Apr 2024 11:30:49 GMT - Sun, 21 Jul 2024 11:30:48 GMT
File typeJavaScript source, ASCII text, with very long lines (665), with no line terminators Hashf8e52c06430c8d613af8c236a1972a4a 8ac071e6c0908ee068e453ae47a6598d733d9a1a 7f75dbe159ba344bd4495842a3c902c147703b5f4835885f3a9e13f879cdcddc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f51e2daac4d078b4.js HTTP/1.1
Host: lougroan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lougroan.com/finance-survey.html?z=6222300&offer_id=7636&var=434_230&ymid=66378cebffeb1c0001d4eee3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:43:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6631038c-295"
last-modified: Tue, 30 Apr 2024 14:43:24 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ouexT9FsNqWhGnTPfBaLhdcanqPQKxS%2BWVVMpetzPyrb2PtSDJxjKNddUZi68tiPXNBaA7yb4%2FG9cOpcL4ryhfh5%2FmpG3n0lACO8kJGE9z%2FNI%2Fg4WnX7fhd61mG7O1o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f1285f0fd2568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|