| grudsaugast.com/_next/static/chunks/2090-5c4f654224750f4b.js | 172.67.188.236 | 200 OK | 12 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/2090-5c4f654224750f4b.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (10772), with no line terminators
Hash: MD5 48a7086ede3da4d57eaa11bf2ba435dd; SHA-1 a58e6ce70f2675ce2fdcaff04a63d33c4bc0744d; SHA-256 59750f2431678c96646d026ec016eeeb91df7913acfe972f7e9a3110b302dc3f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-5c4f654224750f4b.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-2a14"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1nMyyHVlyFPU5XEbNSa63x2uDTwOQDD%2BGNu%2Fp78sTCIT5puBdTvcG7zCBQiyr3zT2U1BzWdU%2FpjD1VlWoN8h51UbHBSAY6hmGy6Anm8Bl%2Fxoipv0DIGVF3UjqSoBlFnSj8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26ffebc0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
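Every record in this capture has the same shape: a row with URL, server IP, status and body size; the tool's metadata (protocol, referrer, TLS certificate, file type, the MD5/SHA-1/SHA-256 of the body, resolver verdict); the request headers; and the response headers, which begin at the `HTTP/x` status line with no blank line before them. The Python below is an added example, not part of the report or of the tool that produced it: it parses a record in that layout and reports the signals a triager would pull out of this capture (third-party script loads, cross-site POSTs, a credentialed CORS policy that echoes the page origin, an HSTS max-age too short to matter, high-entropy client-hint requests, and `Link: rel=preconnect` hosts as extra indicators). The two sample records are trimmed copies of the `cdntechone.com/stattag.js` and `arleavannya.com/sync-metrics` transactions on this page; the one-day HSTS threshold and the finding names are assumptions of the example.

```python
import hashlib
import re
from dataclasses import dataclass
from urllib.parse import urlparse

# Constructed samples: two transactions trimmed from the capture above, kept to
# the headers the checks below look at.
SAMPLE_SCRIPT = """GET /stattag.js HTTP/1.1
Host: cdntechone.com
Referer: https://grudsaugast.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
server: cloudflare
"""

SAMPLE_POST = """POST /sync-metrics HTTP/1.1
Host: arleavannya.com
Content-Type: application/json
Origin: https://grudsaugast.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
strict-transport-security: max-age=1
"""

HSTS_MIN_SECONDS = 86400  # assumption: below one day HSTS gives no practical protection


@dataclass
class Transaction:
    method: str
    path: str
    req: dict    # request headers, lower-cased names
    status: str  # the 'HTTP/x NNN ...' line as printed
    resp: dict   # response headers, lower-cased names

    @property
    def host(self):
        return self.req.get("host", "")


def parse_transaction(text):
    """Parse one record as the report prints it: request line, request headers,
    then the 'HTTP/x NNN' status line and the response headers (no blank line)."""
    lines = [ln for ln in text.splitlines() if ln.strip()]
    method, path, _version = lines[0].split(" ", 2)
    req, resp, status = {}, {}, None
    target = req
    for line in lines[1:]:
        if status is None and line.startswith("HTTP/"):
            status, target = line, resp
            continue
        name, _, value = line.partition(":")  # first colon only; values may contain ':'
        target[name.strip().lower()] = value.strip()
    return Transaction(method, path, req, status, resp)


def preconnect_targets(link_header):
    """URLs announced with rel=preconnect in a Link header (extra hosts to block)."""
    return re.findall(r"<([^>]+)>;\s*rel=preconnect", link_header)


def analyze(tx):
    """Return (finding, subject) pairs for the signals worth triaging in this capture."""
    findings = []
    cross_site = tx.req.get("sec-fetch-site") == "cross-site"
    origin = tx.req.get("origin")
    if cross_site and tx.req.get("sec-fetch-dest") == "script":
        findings.append(("third_party_script", tx.host))
    if cross_site and (tx.method == "POST" or tx.req.get("access-control-request-method") == "POST"):
        findings.append(("cross_site_post", tx.host))
    if (origin and tx.resp.get("access-control-allow-origin") == origin
            and tx.resp.get("access-control-allow-credentials") == "true"):
        findings.append(("credentialed_cors_for_origin", origin))
    m = re.search(r"max-age=(\d+)", tx.resp.get("strict-transport-security", ""))
    if m and int(m.group(1)) < HSTS_MIN_SECONDS:
        findings.append(("hsts_effectively_disabled", tx.host))
    if "sec-ch-ua-arch" in tx.resp.get("accept-ch", "").lower():
        findings.append(("high_entropy_client_hints_requested", tx.host))
    for url in preconnect_targets(tx.resp.get("link", "")):
        findings.append(("preconnect_hint", url))
    return findings


def ioc_hosts(txs):
    """Every host the page contacted or was told to preconnect to, for a blocklist."""
    hosts = set()
    for tx in txs:
        hosts.add(tx.host)
        for url in preconnect_targets(tx.resp.get("link", "")):
            hosts.add(urlparse(url).hostname)
    return sorted(hosts)


def body_hashes(body):
    """MD5, SHA-1, SHA-256 in the order the report's Hash line lists them."""
    return tuple(h(body).hexdigest() for h in (hashlib.md5, hashlib.sha1, hashlib.sha256))


if __name__ == "__main__":
    txs = [parse_transaction(s) for s in (SAMPLE_SCRIPT, SAMPLE_POST)]
    for tx in txs:
        print(tx.method, tx.host + tx.path, analyze(tx))
    print(ioc_hosts(txs))
    print(body_hashes(b""))  # the three digests every 0 B record in this capture carries
```

`body_hashes(b"")` reproduces the digest triplet on the zero-byte records (the OPTIONS preflights and the `/zone` POST), which is how to confirm that a `Hash` line is over the body and not the headers.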
| grudsaugast.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js | 172.67.188.236 | 200 OK | 6.3 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (662), with no line terminators
Hash: MD5 06062156d99da1c306ff5966000be2c4; SHA-1 3c128ded6b30d8bcfb9a85b8f1d7551400c4eb60; SHA-256 9e0349f7ac8b75e95aff12e66f57065f040d20165ea783fe17366bea6a56751d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-296"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BrZLagJeY%2B35eDfTrdw9FzheFYCZgBm22%2Bovwfz1JJsududZwG%2BqjviuIBUWID4SFwwqK4JZM%2BFzlqUgL4Gs7sMm8jvCdQRjcosyB5FuAXUgv6aGOJyaeU9AiZBPyzkTMnc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2700ec10b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/_next/static/chunks/7903-dd238946c7924507.js | 172.67.188.236 | 200 OK | 23 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/7903-dd238946c7924507.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (31896), with no line terminators
Hash: MD5 b5dd343db67bd22544d11da18268f5c3; SHA-1 069b5b221dd75af58d93192460778b3d07835e74; SHA-256 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-7c98"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NzwLvoxfWt4Blriqh4OZPbFFpdoQgGcoYtghnsbl8Qvtcs4%2Bj4nokUiYO0hHozvoSujDH6T%2B%2ByZod2bgaj4emrspzXpf%2BuBWrgNI5TdSBV90Js1dxWq50fQ8ZjWRX0l2Bkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26ffebb0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/_next/static/chunks/4981.3c1daeeee82e08ea.js | 172.67.188.236 | 200 OK | 3.7 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/4981.3c1daeeee82e08ea.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (21617), with no line terminators
Hash: MD5 e5a18eccb2797e5391d6ce697f63eaba; SHA-1 fd0cfa9d1d8af22b690973928c5d65b6be83389b; SHA-256 865d0997740868b6c2804f1949e997d55baffc23023235d8af966f8b999c2b84
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4981.3c1daeeee82e08ea.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-5471"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kG6J2iEfn2zPxZLg1xOUntk99U5zO0ylw2n01UVd3YAwLjRkIbrq67CaQiM9Zl5rnbHS5wN3Wei84EX0DGx0h4xJ%2Fb%2F6MRtaBRvAbwUSLAGIYR%2Bm%2B2eZBJkLN1Mm3b4wD%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26ffeb40b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/_next/static/chunks/5356.cd117ab77e87aa94.js | 172.67.188.236 | 200 OK | 2.5 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/5356.cd117ab77e87aa94.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (1298), with no line terminators
Hash: MD5 48bc38caebc09f278d740e9a8302bf56; SHA-1 b687105616511f0eb1f493a5ff7cb35e6b445b5e; SHA-256 d558e0466151e37fdefda1944ca4860ea0f63fc583e36ed00e2516d52774caa3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5356.cd117ab77e87aa94.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-512"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TEQeOYbceknj%2B7KWeb9KXDhKAL1S2BKZ%2FAx%2FjDQFPOTVO2GavpOKtOUTjOPSfISGIWaz4OQtgX2YJYq3oZNYTR9aWRJkOHDW0VsJCGVrTKzHouwTRwB3oF9NcmN4a61g8DU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2716f550b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/_next/static/4Be8bWEWJDGngUbmiluPo/_buildManifest.js | 172.67.188.236 | 200 OK | 687 B |
URL: GET HTTP/3 grudsaugast.com/_next/static/4Be8bWEWJDGngUbmiluPo/_buildManifest.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: ASCII text, with very long lines (1605), with no line terminators
Hash: MD5 5c614f3fdd90350416548fff7c4b1866; SHA-1 5eb7fff6296da950101c34a1cbec2f360fba896d; SHA-256 df6c7792b9d2e2a304a67738fc5c05a24efd0177ee46876176b883e6a7923970
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/4Be8bWEWJDGngUbmiluPo/_buildManifest.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-645"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e7V5vFJfaKt1vR5qAt%2FiD3tlYrxaMINw9QAw4fleArV2U%2FfycErv0CnoZ3j0DLeC%2FSe14v8kCPq0jdV04Cee%2BqJ22Pli5hm0avmmUPROOILQShX26P7VPTixks6F177jGX0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2700ec50b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/img/comments/finance-survey-people/person-3.webp | 172.67.188.236 | 200 OK | 1.5 kB |
URL: GET HTTP/3 grudsaugast.com/img/comments/finance-survey-people/person-3.webp
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: MD5 a747d227c2e10b5178fd942484301d7a; SHA-1 b3c5cf90dd5fd2c26c7b17dcb2d35b6dd47065be; SHA-256 9f4fb1281b7141b9dd48925953f7b039b6c411ea0e6e5b158d3e000d75316e9f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-3.webp HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: image/webp
content-length: 1454
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: "662951b4-5ae"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dVSCK0%2B0tl2qCm%2FJIP8pZ7046TbmyoEwi%2B%2BYb3MC2XORnfnIX1QngioWmJKkFxH9gkFawEC%2FdCMA%2BKwY84GaVogeiJuTKM26sx52N35G20zh1xKMgMn95BCcxFpz67CnC6c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2727fe40b55-OSL
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/_next/static/chunks/5927.10a9d67f6732d4d8.js | 172.67.188.236 | 200 OK | 4.1 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/5927.10a9d67f6732d4d8.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (18514), with no line terminators
Hash: MD5 a430ce709a2b2e9b144810c17115f6c7; SHA-1 b0d435157a5614b2d58efdc0f2b5d94bfbfb5c2b; SHA-256 d2461dafb3c86b97148ce5a6fe69d9f050cfe2aba4ba5fa311ebc3349504a7e2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5927.10a9d67f6732d4d8.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-4852"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=72wUAKHeiyNY%2BhcV8L8dFy%2Bk0%2FsIALLoL%2Fz0pMAYSkSFpJf0Z6KNzm8a184uGDnP8GDoKwG%2BxtfH8LTbQD1cnjRuhQiNweVIsgnlYy5zwZO9bdjMSLGz5dz%2B9Gn3onHKOIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2718f630b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/img/comments/finance-survey-people/person-6.webp | 172.67.188.236 | 200 OK | 2.4 kB |
URL: GET HTTP/3 grudsaugast.com/img/comments/finance-survey-people/person-6.webp
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: MD5 7be25941ac032fcec25b1bb4ede296d2; SHA-1 cfc4fb3733844326076b6d7632087204c0bea34d; SHA-256 0ff9d28c4ab7516d2790e8df4d325cf602bc8f9eb787a7cd9b6554edd9530e4e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-6.webp HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: image/webp
content-length: 2440
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: "662951b4-988"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QpfDjRP6mo%2F%2FWFFQ8Y5SpyrF4dMGmC0IVLtXR2lqg%2BzMNG9TMxgoU68W2jnqh0Ek3oj6LoPcQB8o5eAAAosHm%2BwiXwOBqCOXcurlLEdLUiHY0hBpPoGbg2ZqR6M9Q7YZcjk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2726fdc0b55-OSL
alt-svc: h3=":443"; ma=86400
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL: POST HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Let's Encrypt; Subject arleavannya.com; Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://grudsaugast.com/
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:47:20 GMT
content-length: 0
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
| grudsaugast.com/_next/static/chunks/2610.1baf2de4c8779a0e.js | 172.67.188.236 | 200 OK | 4.8 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/2610.1baf2de4c8779a0e.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (13124), with no line terminators
Hash: MD5 285f6dd54ac88cdc30a796895c98adb3; SHA-1 f4ff40359e70d2a28b3ba2773e180ac93ce29a37; SHA-256 6dff74775e02f0f3618dcd683ce01b570ed044fca2a250051e6f7e6bb0cc2974
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2610.1baf2de4c8779a0e.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-3344"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CC5fLzMmKk4H%2Fe9QlJpHwMrpNF1UTxsR7nNO3YBVTRlyzkkUIeYtBID%2BJA1ee1Fr0Ijo75877dTaygnuTv%2Fplus1o%2Br0PUMa%2Bp6axalwjSr%2BrJLIXTK7ZPG0A4G7uxUPxWs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26feeb30b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/img/comments/finance-survey-people/person-2.webp | 172.67.188.236 | 200 OK | 2.2 kB |
URL: GET HTTP/3 grudsaugast.com/img/comments/finance-survey-people/person-2.webp
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: MD5 8f8ffbb278de1342e5cf44cd0c677c23; SHA-1 1b4b4428e409479cc8a8acfce6f537c2aeea7556; SHA-256 ac4284ed6941963c4fa0db306537f42f3a0b1fa18710bc7b9e1e62188961d83a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-2.webp HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: image/webp
content-length: 2220
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: "662951b4-8ac"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ecTz%2BpH7kERlAFbo9GrkvcAG345HYTuHsZvna82wl7f7GI15cQF6DfCyKVuEy1z7oXKKhttkxMZEW04bF3qGJFYvNr52LyjCcncK6Ai1D%2Bv2lyuPfBNM0DJnp%2F4XCJ4x02I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2727fe30b55-OSL
alt-svc: h3=":443"; ma=86400
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: POST HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Let's Encrypt; Subject arleavannya.com; Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: MD5 5b64e8b89092b2e3dfd448b10700627f; SHA-1 484b3032619fa1acd135d114565b0a5166281c22; SHA-256 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grudsaugast.com/
Content-Type: application/json
Content-Length: 220
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 8042db75a9280c14d4c63904c4693999
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
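The OPTIONS request to `arleavannya.com/sync-metrics` and the POST above are one CORS exchange. The browser sends the preflight because `Content-Type: application/json` is not a CORS-safelisted value (only `application/x-www-form-urlencoded`, `multipart/form-data` and `text/plain` are), and the server answers with `access-control-allow-origin` set to the exact page origin plus `access-control-allow-credentials: true`, which is the combination that lets a credentialed cross-site request through; a wildcard origin would not. The POST carries no Cookie header, so whether the page's fetch used credentials is not visible in the capture, and the example evaluates both cases. The Python below is an added example, not the site's or the capture tool's code: a simplified rendering of the Fetch standard's CORS check and CORS-preflight checks (it ignores the 128-byte limit on safelisted header values and the `Range` header), run against response headers copied from the preflight above; `ORIGIN`, `REQUEST_HEADERS` and the function names are the example's own.

```python
# CORS-preflight decision, simplified from the Fetch standard (assumption:
# header-value length limits and Range are ignored). Response header names are
# expected lower-cased, as the capture prints them.
SAFELISTED_METHODS = {"GET", "HEAD", "POST"}
SAFELISTED_CONTENT_TYPES = {"application/x-www-form-urlencoded", "multipart/form-data", "text/plain"}

# Copied from the OPTIONS /sync-metrics response in this capture.
PAGE_PREFLIGHT_RESPONSE = {
    "access-control-allow-origin": "https://grudsaugast.com",
    "access-control-allow-credentials": "true",
    "access-control-allow-methods": "GET, POST, OPTIONS",
    "access-control-allow-headers": "Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace",
}
ORIGIN = "https://grudsaugast.com"                    # the page's Origin header
REQUEST_HEADERS = {"Content-Type": "application/json"}  # what the page's POST carried


def is_safelisted_header(name, value):
    """CORS-safelisted request header: on its own it never triggers a preflight."""
    name = name.lower()
    if name in ("accept", "accept-language", "content-language"):
        return True
    if name == "content-type":
        return value.split(";")[0].strip().lower() in SAFELISTED_CONTENT_TYPES
    return False


def needs_preflight(method, headers):
    """True when a browser would send OPTIONS before this cross-origin request."""
    if method.upper() not in SAFELISTED_METHODS:
        return True
    return any(not is_safelisted_header(n, v) for n, v in headers.items())


def _token_set(value):
    """Comma-separated header list as a lower-cased set of tokens."""
    return {item.strip().lower() for item in value.split(",") if item.strip()}


def cors_check(origin, credentials, resp):
    """The CORS check the browser applies to every CORS response, preflight or not."""
    acao = resp.get("access-control-allow-origin")
    if acao is None:
        return False
    if not credentials and acao == "*":
        return True
    if acao != origin:
        return False
    if not credentials:
        return True
    return resp.get("access-control-allow-credentials") == "true"  # byte-exact 'true'


def preflight_allows(origin, method, headers, credentials, resp):
    """Would the browser send the real request after this preflight response?"""
    if not cors_check(origin, credentials, resp):
        return False
    methods = _token_set(resp.get("access-control-allow-methods", ""))
    allowed = _token_set(resp.get("access-control-allow-headers", ""))
    # A method must be listed unless it is safelisted, or '*' is listed and no
    # credentials are involved ('*' is a literal token once credentials are used).
    if (method.lower() not in methods and method.upper() not in SAFELISTED_METHODS
            and (credentials or "*" not in methods)):
        return False
    for name, value in headers.items():
        if is_safelisted_header(name, value):
            continue
        if name.lower() not in allowed and (credentials or "*" not in allowed):
            return False
    return True


if __name__ == "__main__":
    print("preflight needed:", needs_preflight("POST", REQUEST_HEADERS))
    for creds in (False, True):
        print("credentials", creds, "->",
              preflight_allows(ORIGIN, "POST", REQUEST_HEADERS, creds, PAGE_PREFLIGHT_RESPONSE))
    wildcard = {**PAGE_PREFLIGHT_RESPONSE, "access-control-allow-origin": "*"}
    print("wildcard origin with credentials ->",
          preflight_allows(ORIGIN, "POST", REQUEST_HEADERS, True, wildcard))
```

Note that POST itself never fails the method check: it is a safelisted method, so the preflight in this capture was caused only by the JSON content type. What the server's policy adds is the credentialed, origin-specific allow, which is worth flagging in any capture where the page origin and the endpoint are unrelated domains.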
| grudsaugast.com/_next/static/chunks/1754.9cd5cec6a6099ad4.js | 172.67.188.236 | 200 OK | 2.2 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/1754.9cd5cec6a6099ad4.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (12011), with no line terminators
Hash: MD5 97a720cc805d2afba1d18c848124b92e; SHA-1 600abde3f10a7008dcf63a06a38ddcee64d57824; SHA-256 67f19c84ea29e05d552357bf00c539946706d764dbe36d184af3b711ebd663b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1754.9cd5cec6a6099ad4.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: W/"662951b4-2eeb"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBE4cVmxjtqy7lxOl1UQTEIRh9c2jxkWGvBrnkm70EjncPCWHLCtiqeUqsnYh9YbQ%2FlCsuU%2B7PKWJunf3Iv1vbMqMU3Ex0kwzKKQTWBo6kbBbJzb%2BN2YEEd1qnHx8qJP3Aw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a272bffe0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 0 B |
IP: 139.45.197.248:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Let's Encrypt; Subject arleavannya.com; Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://grudsaugast.com/
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:47:20 GMT
content-length: 0
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: POST HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Let's Encrypt; Subject arleavannya.com; Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: MD5 5b64e8b89092b2e3dfd448b10700627f; SHA-1 484b3032619fa1acd135d114565b0a5166281c22; SHA-256 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grudsaugast.com/
Content-Type: application/json
Content-Length: 256
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 709764e2601e112e5b1e2e3913e5697d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
| cdntechone.com/stattag.js | 188.114.96.1 | 200 OK | 7.6 kB |
URL: GET HTTP/2 cdntechone.com/stattag.js
IP: 188.114.96.1:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject cdntechone.com; Fingerprint 3D:20:D4:11:5D:06:B3:63:9C:08:BF:D9:D9:16:22:D5:DC:3B:9A:CB; Validity Mon, 22 Apr 2024 03:33:58 GMT - Sun, 21 Jul 2024 03:33:57 GMT
File type: JavaScript source, ASCII text, with very long lines (18452)
Hash: MD5 bec2755dff94190fec0365b0db53807b; SHA-1 f98c36e7e9e06325d03fe39c3b98879062fc2704; SHA-256 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1874
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FmeAGSu9SF9kRC8V5BdkDPu1iZ3mtARJKBtG4sd5hWeUK8b4IEbrznNaw6OHNuKYm%2Fs9qSLzxSX42DSIxGj9NPHHr6PxJMJUHmKY%2Bv3Ej0YTyYAbPi4HWashECvcUAS8BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a2738d78b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| grudsaugast.com/zone?&pub=0&zone_id=7085340&is_mobile=false&domain=grudsaugast.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.503&trace_id=076a64ff-662e-42c2-a698-47e50aa4fc84&action=prerequest | 172.67.188.236 | 200 OK | 0 B |
URL: POST HTTP/3 grudsaugast.com/zone?&pub=0&zone_id=7085340&is_mobile=false&domain=grudsaugast.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.503&trace_id=076a64ff-662e-42c2-a698-47e50aa4fc84&action=prerequest
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7085340&is_mobile=false&domain=grudsaugast.com&var=&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.503&trace_id=076a64ff-662e-42c2-a698-47e50aa4fc84&action=prerequest HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Cookie: OAID=svqrp1z3zapydm1s2p3505mu46kp2ys; syncedCookie=true; oaidts=1713998840
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:21 GMT
content-length: 0
x-trace-id: 5f4e208bdb33d9d9d92caaa1c858c001
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpRF6D%2FIm2cqU%2FGYtxsGLAr4M7bsCN4yn8QkxuN3WSfovpFcGB4SEBMNlrfBhv9j3%2BzrceASaneVyXqMOsu3gPsj1COo5o0zec31bi%2B41svzjUv69Ph0t2eN14BKvfuwdk0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a27498ba0b55-OSL
alt-svc: h3=":443"; ma=86400

| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=bbb2be20-c2c6-4952-a202-1864021d055e | 139.45.195.253 | 200 OK | 12 B |
URL: POST HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=bbb2be20-c2c6-4952-a202-1864021d055e
IP: 139.45.195.253:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Sectigo Limited; Subject datatechonert.com; Fingerprint 3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27; Validity Sun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashes: MD5 adb4650bfc9d2a73d4dd69583b0ceb14; SHA-1 1ce399d6e936232aaf2192cd7903a279c5015f22; SHA-256 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=bbb2be20-c2c6-4952-a202-1864021d055e HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1333
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 24 Apr 2024 22:47:21 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://grudsaugast.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Let's Encrypt; Subject amunfezanttor.com; Fingerprint AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://grudsaugast.com/
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:47:21 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

| grudsaugast.com/finance-survey/icon-survey.svg | 172.67.188.236 | 200 OK | 1.2 kB |
URL: GET HTTP/3 grudsaugast.com/finance-survey/icon-survey.svg
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: SVG Scalable Vector Graphics image
Hashes: MD5 9a8ba19b913810bd358e5caf3a7c2a75; SHA-1 6eff5e84f2b82772bb6029088ed852a8161b3252; SHA-256 58b0a3aa24ef605d4b812bcf92cbaa2e7f78bd43f929ca6362bc259da610399a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/icon-survey.svg HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: image/svg+xml
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: W/"662951b4-a72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EZuQFiVsXvpAh5wyYtvJa7OkTJkjqHroBlQZ0mYs3qxmYUyHFFsfA5Jiq9j1aOaV0nnA07zJe0ajKkhFCZBtLFD4atI2mCmJavmhQJiBMUuo3Wo01jatR4MEj63v25yr8zA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2722fbc0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Let's Encrypt; Subject amunfezanttor.com; Fingerprint AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA; Validity Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hashes: MD5 4bd725d52fd6a63795939a1ad5a1d96c; SHA-1 34edca8e66acab9bdf6bbd723ae4788f8d3ecef5; SHA-256 e9d10eee0b8b70fb5a29f71d8787fb3edc587e9f1b814e65ae132f33bd4b4993
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grudsaugast.com/
Content-Type: application/json
Content-Length: 1671
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:47:21 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

| grudsaugast.com/_next/static/css/0bc0cde260d08b97.css | 172.67.188.236 | 200 OK | 3.5 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/css/0bc0cde260d08b97.css
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: ASCII text, with very long lines (1841), with no line terminators
Hashes: MD5 ff1d3d5d24ca0172d59b02e7505ddaa1; SHA-1 41e83ee08e21f369886b0fdad0ba01d8b20897b6; SHA-256 939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"662951b4-733"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E4NP7WCqZ%2BJQK9MVtTnCOK9hoRYlQ0I8VfzWb%2F9BtoEL%2Fp%2FlJydYWBkrqNabzlIbHcPCvV9%2BbiuE3PnLizSYzpDaUpEr91FlwAW6yhTYnrPys19VlyqlwloVpm8FFGWgWaM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26feeb10b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/favicon.ico | 172.67.188.236 | 204 No Content | 0 B |
URL: GET HTTP/3 grudsaugast.com/favicon.ico
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Cookie: OAID=svqrp1z3zapydm1s2p3505mu46kp2ys; syncedCookie=true; oaidts=1713998840
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 24 Apr 2024 22:47:21 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V3Rk7HwSwx%2Brh%2BRHpu4IyO%2FiFWcGqzA46ooeZdZAHmTWj3eaijjF8oU8oB2%2FYawdna4B1XG3WbyPcUnYzcoGEwMp6OZtlwCM68NiSC8Bi613m511JFwwvLPOYJYiFY9Ev1M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799a276895a0b55-OSL
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/sw/universal.js?ab2_ttl=5184000&zoneId=7085340 | 172.67.188.236 | 200 OK | 9.4 kB |
URL: GET HTTP/3 grudsaugast.com/sw/universal.js?ab2_ttl=5184000&zoneId=7085340
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
Hashes: MD5 3720f9cee1df8fca36fe99491eab215b; SHA-1 1705d72778aac160278f15d86a8d1aa2bac785bf; SHA-256 08c09c04a09d4a2fe27fc50189a08f18cfe108a3b966d4a36c77819275c0d81d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?ab2_ttl=5184000&zoneId=7085340 HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Cookie: OAID=svqrp1z3zapydm1s2p3505mu46kp2ys; syncedCookie=true; oaidts=1713998840
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:21 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: W/"662951b4-5b2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=meVPb9yiu8kF6SwHzlc6usVeiSHNT70orWSEF6WJMa%2Fi8lHzRnxzEDxzS7%2FtcIGI%2FU0NCz3lEmOt7mTVZqGzdJb0SbMbFlbBL3yTkDz5YUu0swaLGQTzN84shcDae4jx8hI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a274b8cd0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=&ymid=&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=svqrp1z3zapydm1s2p3505mu46kp2ys&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=grudsaugast.com&ab2=&ab2_ttl=5184000 | 172.67.188.236 | 200 OK | 23 kB |
URL: GET HTTP/3 grudsaugast.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=&ymid=&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=svqrp1z3zapydm1s2p3505mu46kp2ys&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=grudsaugast.com&ab2=&ab2_ttl=5184000
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Hashes: MD5 8acf6198d81e7b03a7f405500e7ae7f2; SHA-1 9d1d750d53896ac2ddc64461938862f301773eed; SHA-256 68fbd570b73d292cf84bf733f4ada10f1f7bbe6ba5ad8043ee3e2f5d01278e02
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=&ymid=&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=svqrp1z3zapydm1s2p3505mu46kp2ys&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=grudsaugast.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Cookie: OAID=svqrp1z3zapydm1s2p3505mu46kp2ys; syncedCookie=true; oaidts=1713998840
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:21 GMT
content-type: application/javascript
last-modified: Wed, 24 Apr 2024 14:40:35 GMT
vary: Accept-Encoding
etag: W/"662919e3-9116"
access-control-allow-credentials: true
cache-control: max-age=1800
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WeHSXronVYbFR5NQQVOqTcFuTGytW2pLZNgiIPk7mb%2B40VKokfiEjfuA%2FB1VEW6nnIBj7YFN%2FKDWkdNYqBox57Oy%2Fyy0RbDravBO5CSiwqRs44%2BBtQ6U9DUe%2FLXDH3ujj4U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a273c8800b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/_next/static/chunks/86.1605512c42332a2f.js | 172.67.188.236 | 200 OK | 2.8 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/86.1605512c42332a2f.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (2908), with no line terminators
Hashes: MD5 f7cb4f746f2cabc625d1ab452426c2e5; SHA-1 32f7f8a18c1d477a41291637019374bd4d722df9; SHA-256 6e3c489f8505040ae3a765d615dd63b8e385d2baeecd0ba58a2da9bf079b1a9a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/86.1605512c42332a2f.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-b1e"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yUOPc5oW48NMWmS8oCGDQ54DSHk7rTrwMAlost1JwGemvGcnLwFdhgpxFbvUmPSSeKXN4tmmW9rjgMTyU6wiNq0m4ATpMIoj4XMIi5HSfM%2Fj1jwsqSYu9DWSYNUoXcH4Y1U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2715f4a0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/_next/static/chunks/main-beb6af9e60a8e042.js | 172.67.188.236 | 200 OK | 109 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/main-beb6af9e60a8e042.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 109 kB (108886 bytes)
Hashes: MD5 49c6f57370e917bd37dc7d4d4d0bdb56; SHA-1 f5b56f5b9498f3500055c5614808903d85303991; SHA-256 0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=108887
etag: W/"662951b4-1a957"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6JXqWKmpHQiIWRZT302OpWin4sqgMKc7uSrmd38l20No4LD%2BCwR4yN1WFCP%2FAyRDW4WApTuC1tpo4NRBb6MOM0%2FVzjk9J41yMkloxOt9z0nUYPsE%2Fe4UVkJFIW42S2kb%2BSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26ffeb90b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/finance-survey/33/ | 172.67.188.236 | 200 OK | 39 kB |
URL: GET HTTP/2 grudsaugast.com/finance-survey/33/ (user request)
IP: 172.67.188.236:443
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/33/ HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: text/html
last-modified: Wed, 24 Apr 2024 18:38:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AP6Fr2eMo1zs6gKb8FdXR0DoICzAuQoENR3xzK7NOMEjTfk617fqjcuiNgIZ7ABp4dBbNb10PX0klYE5%2FhfiOI9efrl2N%2F%2BbHj4m2qi7VThXwXWTxr8Fi8ZTi3iu4KLCMFc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26e5e76b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| grudsaugast.com/img/comments/finance-survey-people/person-4.webp | 172.67.188.236 | 200 OK | 1.8 kB |
URL: GET HTTP/3 grudsaugast.com/img/comments/finance-survey-people/person-4.webp
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hashes: MD5 5dc160f6b521dc8f6c670b140b354fed; SHA-1 22e15cda82b532067b99932ec28f86ea2cc1ecbc; SHA-256 09c6c6de57458ec0c4e7a3d2375e0c7b9c037de9366b63e3685cc0ca94d838b4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-4.webp HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: image/webp
content-length: 1798
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: "662951b4-706"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cQlJhgGhNhYEo9PUjOyYSC773HZN%2FdFcCzBt8BEVTr3ngJi5aVNuTZgFWSfG2Balre5ZjLPsVV6rAjBZGUIGhHyaZ5gqE1hshVdPnJrX5l88t0ykGk9ixOiZfq%2FZpIgJ%2Bx4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2726fde0b55-OSL
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=&ymid=&ab2r=&var_3=&var_4=&os_version=&uid=svqrp1z3zapydm1s2p3505mu46kp2ys | 172.67.188.236 | 200 OK | 4.7 kB |
URL: GET HTTP/3 grudsaugast.com/rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=&ymid=&ab2r=&var_3=&var_4=&os_version=&uid=svqrp1z3zapydm1s2p3505mu46kp2ys
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (4747), with no line terminators
Hashes: MD5 619dd56cb2c8e95d9f1831273e7dc7be; SHA-1 a4fa2b6560cf316a31b637a80ef51e23024c0c5f; SHA-256 1a11f7d6617ac3cb38e9290240ed73349b55b5514d62087669a187afe14fcdb5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=&ymid=&ab2r=&var_3=&var_4=&os_version=&uid=svqrp1z3zapydm1s2p3505mu46kp2ys HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grudsaugast.com/finance-survey/33/
DNT: 1
Connection: keep-alive
Cookie: OAID=svqrp1z3zapydm1s2p3505mu46kp2ys; syncedCookie=true; oaidts=1713998840
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:21 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: 565eaf46407f4319a02c90de68c835ad
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: https://grudsaugast.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=svqrp1z3zapydm1s2p3505mu46kp2ys; expires=Thu, 24 Apr 2025 22:47:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFXc4LAnSn%2F5WoqcQ9bGzNlSyaKUoF5xNu%2BddqYCAAacyb7DkwNskvxooaFj7ZOC8PprFpew0hRyUOjJrD5uhepTn1sdPeM%2FjC7vOev8ffATKi73dD92NDsrlhKy0M1qXGs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a27378570b55-OSL
alt-svc: h3=":443"; ma=86400
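Reading the capture as a whole: the page at grudsaugast.com/finance-survey/33/ (sinkholed by Quad9) loads an ad and traffic-distribution stack under its own origin (/zone?...&action=prerequest, /rotate, /pfe/current/micro.tag.min.js, and /sw/universal.js, the service-worker script named by micro.tag.min.js's sw= parameter, fetched here as a prefetch with X-Moz: prefetch and Sec-Fetch-Dest: empty, not yet as a registration), re-sets the OAID identifier as a one-year SameSite=None cookie in the /rotate response while repeating it in the uid= and oaid= query parameters, and sends cross-site POST bodies to datatechonert.com and amunfezanttor.com (the latter also sinkholed). Two header details deserve a second look. Every grudsaugast.com response carries strict-transport-security: max-age=1, which lets the HSTS policy lapse one second after it is received. The /rotate response sets access-control-allow-origin: https://grudsaugast.com/ with a trailing slash; browsers compare that value byte-for-byte with the request's Origin, so any cross-origin reader would fail the CORS check (harmless in this capture because the /rotate request is same-origin). The script below is an added example, not part of this capture page or of the tool that produced it. It parses transactions in the request-head-then-response-head layout shown above and runs those checks over two samples constructed from the visible headers; the ORIGIN_RE pattern, the one-year HSTS threshold and the finding strings are this example's own choices.

```python
"""Triage checks over sandbox-captured HTTP transactions. Added example, not the capture
page's or its tool's code; samples are built from headers visible in the log, thresholds are this example's own."""
import re
from email.utils import parsedate_to_datetime
from typing import NamedTuple

ORIGIN_RE = re.compile(r"^https?://[A-Za-z0-9.-]+(:\d+)?$")  # scheme://host[:port], no path
HSTS_MIN_SECONDS = 31536000  # one year, the HSTS preload-list minimum

class Transaction(NamedTuple):
    method: str
    host: str
    path: str
    req: dict   # lower-cased request header name -> list of values
    resp: dict  # lower-cased response header name -> list of values

def _headers(lines):
    """Collect 'Name: value' lines; repeated names (Set-Cookie) keep every value."""
    out = {}
    for line in lines:
        name, _, value = line.partition(":")
        out.setdefault(name.strip().lower(), []).append(value.strip())
    return out

def parse_transaction(text):
    """Parse one transaction as logged: request head directly followed by response head."""
    lines = [ln for ln in text.strip().splitlines() if ln.strip()]
    split = next(i for i, ln in enumerate(lines) if ln.startswith("HTTP/"))
    method, path, _version = lines[0].split(" ", 2)
    req = _headers(lines[1:split])
    return Transaction(method, req.get("host", [""])[0], path, req, _headers(lines[split + 1:]))

def _first(headers, name):
    return headers.get(name, [None])[0]

def check_cors(t):
    # Browsers compare Allow-Origin with the Origin byte-for-byte; a trailing slash never matches.
    acao = _first(t.resp, "access-control-allow-origin")
    if acao and acao not in ("*", "null") and not ORIGIN_RE.match(acao):
        return [f"malformed Access-Control-Allow-Origin {acao!r}: only same-origin callers can read this"]
    return []

def check_hsts(t):
    m = re.search(r"max-age=(\d+)", _first(t.resp, "strict-transport-security") or "")
    age = int(m.group(1)) if m else 0
    return [f"HSTS absent or max-age={age} below one year: no lasting HTTPS pin"] if age < HSTS_MIN_SECONDS else []

def check_cookies(t):
    out = []
    for cookie in t.resp.get("set-cookie", []):
        name = cookie.split("=", 1)[0]
        attrs = {k.strip().lower(): v.strip() for k, _, v in (p.partition("=") for p in cookie.split(";")[1:])}
        if attrs.get("samesite", "").lower() == "none":
            out.append(f"cookie {name}: SameSite=None, attached to cross-site requests"
                       + ("" if "secure" in attrs else " (no Secure, so browsers drop it)"))
        if "httponly" not in attrs:
            out.append(f"cookie {name}: readable from script (no HttpOnly)")
        if "expires" in attrs and _first(t.resp, "date"):
            days = (parsedate_to_datetime(attrs["expires"]) - parsedate_to_datetime(_first(t.resp, "date"))).days
            out.append(f"cookie {name}: persists {days} days")
    return out

def check_cross_site_post(t):
    if t.method == "POST" and _first(t.req, "sec-fetch-site") == "cross-site":
        return [f"cross-site POST from {_first(t.req, 'origin')}: third-party beacon endpoint"]
    return []

CHECKS = (check_cors, check_hsts, check_cookies, check_cross_site_post)

def triage(texts):
    """Return (host + path, finding) pairs for every transaction in the capture."""
    results = []
    for t in map(parse_transaction, texts):
        for check in CHECKS:
            results += [(t.host + t.path.split("?", 1)[0], f) for f in check(t)]
    return results

# Constructed from the capture's visible headers, trimmed to what the checks read.
SAMPLE_ROTATE = """\
GET /rotate?zz=7085113&uid=svqrp1z3zapydm1s2p3505mu46kp2ys HTTP/1.1
Host: grudsaugast.com
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:21 GMT
access-control-allow-origin: https://grudsaugast.com/
set-cookie: OAID=svqrp1z3zapydm1s2p3505mu46kp2ys; expires=Thu, 24 Apr 2025 22:47:21 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
"""
SAMPLE_LOG_ADD = """\
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
Origin: https://grudsaugast.com
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 22:47:21 GMT
Access-Control-Allow-Origin: https://grudsaugast.com
"""

if __name__ == "__main__":
    print(*triage([SAMPLE_ROTATE, SAMPLE_LOG_ADD]), sep="\n")
```

Run as a script it prints the seven findings for the two samples; in practice pass triage() the request and response head text of every transaction in a capture. The cross-site beacon check keys on Sec-Fetch-Site, which the browser sets and page script cannot forge, rather than on Referer, and the cookie lifetime is computed against the response's own Date header so the result does not depend on when the capture is re-examined.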

| grudsaugast.com/_next/static/chunks/1706.8b7dd24879347088.js | 172.67.188.236 | 200 OK | 20 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/1706.8b7dd24879347088.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (19738), with no line terminators
Hashes: MD5 7cd1db24e089a8319084d97207e5bab9; SHA-1 da0814161e7abc9c852b7219ad17af3db13774e7; SHA-256 46d44f30314f990c43945d6bc834b31b3051d68836c384244a632195e22df8e6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1706.8b7dd24879347088.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-4d1a"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5yLM5abQ3xvS0CTgmgp7QUu7Kd21Uf%2Fkenj4rIqZnkA2AzoL1guQnQxCwG19bD9Azg2sqSuoNsHDrTExTewHU3I1GT%2FI1w11Hx3k1wvNmak%2B3yRowX%2Bvt5Qi7ZT2JKaLqcE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26ffeb50b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/_next/static/chunks/framework-3281cb961088a9a3.js | 172.67.188.236 | 200 OK | 26 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/framework-3281cb961088a9a3.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (26042), with no line terminators
Hashes: MD5 499fb17b15c09c2d76681f27dde9a031; SHA-1 5564d317c33112db56918ec372d392caabec70f2; SHA-256 9350c53e2fe847ec629962106d01d6af28a0d9c69feb57e7609b3c096935cdb2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-3281cb961088a9a3.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-65ba"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDNkWv3cH1g5Nak2%2BmyjX9UED7GkTsCSEo30A9wfgw4a0Tinofb6dCD2GkVpZ48sdoUSl74KxkB6BRZ3W98qIe%2F%2F9GznVk4cwOgE372j6zAXYTblMhPLAC3%2Fe9GTy4EDehk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26ffeb80b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/_next/static/chunks/pages/_app-300835a4e9aacf9c.js | 172.67.188.236 | 200 OK | 40 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/pages/_app-300835a4e9aacf9c.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (39993), with no line terminators
Hashes: MD5 f3f209219f0234d519122940ffe82866; SHA-1 201086702881a34037583c151ad307c1f0ea5586; SHA-256 d74e2249aae2b85293388cb3577f6932e60bea804e7a1615a0204b9e4f707d1e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-300835a4e9aacf9c.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-9c39"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8nKwya33jPfa12ocDtEFuNroooTxNWkY3tzhXOU3VQlhCMnnZSH2FawQA7XpSnsjOD42fuKSv41g8llcRtqGkdebTSP7%2BnfvNGzsm%2FCQmFAb%2F4d08POkjwDjkqIUztpvFE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26ffeba0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/custom | 172.67.188.236 | 200 OK | 39 B |
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hashes: MD5 c16023891530fbce40f0a1244c3af01c; SHA-1 e15d9dff768d82673e5e797a8395d1fa7d9049b7; SHA-256 c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 303
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Cookie: OAID=svqrp1z3zapydm1s2p3505mu46kp2ys; syncedCookie=true; oaidts=1713998840
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: fb87a758f24c198f726b894625f3e8ee
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=riwXSKgohktWwXfCvJlIIx1sCFyA9yTxM%2BeG3r0J3SMOLhvPrX1CKfC1trxeUDWzN%2BiGZzpnI0xRBw%2B8PV0FmaqPE4OrEanm%2BxnEBVszekJS8mOp7v6Y6BKC9kBi0BaBP%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a27498bb0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/_next/static/chunks/3091.8141ef861c4fae96.js | 172.67.188.236 | 200 OK | 2.4 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/3091.8141ef861c4fae96.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (2431), with no line terminators
Hashes: MD5 aff0a51ad60c666bf1f7f27ddff14217; SHA-1 9677799390dc5667eeda431957d59b25d6a40946; SHA-256 f495db20d41fe12519423d9776481cd5c3f1dabc346ea304b8a7201b032d4e87
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.8141ef861c4fae96.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-951"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3QUwD10n%2B4RjZO1Hn07RCujDW2KP14NC88MyKnlsbBsHf%2BfrWHamRNsUQu0dq6CgzpmMVH4UsFzSRJa%2BiXAdz0sH7bWvu2AowJnC8xY%2FwXWsFDKxiv40pDZL52vj5FgNOho%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2716f530b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/img/comments/finance-survey-people/person-1.webp | 172.67.188.236 | 200 OK | 1.4 kB |
URL: GET HTTP/3 grudsaugast.com/img/comments/finance-survey-people/person-1.webp
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hashes: MD5 c5da2ea294623650bae71fc84401cf60; SHA-1 f1f62ea011cf81953cefe28254c134e992453b91; SHA-256 09a846c5b1af2c6100ff3193789be1e0e21ba9fc45c268f76f2007c78f1e4ac1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-1.webp HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: image/webp
content-length: 1402
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: "662951b4-57a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3IBGqBFEgiQXyPdtd1MKdJYgwEa6nHv4Z4rYvjrHoe2cX17%2FRu6a%2BTwfazdTpnj5Y7J6KYoF6Lb76cuJOyr2Ex1w1bBBJBDK6RmucnWvvNg1U2rIcSP6Nnzuqv0fdP4QepM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2726fd80b55-OSL
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/custom | 172.67.188.236 | 200 OK | 39 B |
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hashes: MD5 c16023891530fbce40f0a1244c3af01c; SHA-1 e15d9dff768d82673e5e797a8395d1fa7d9049b7; SHA-256 c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 301
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Cookie: OAID=svqrp1z3zapydm1s2p3505mu46kp2ys; syncedCookie=true; oaidts=1713998840
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 70b7266164d1749e54bab928972895ad
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oj9AsiDAnQULhiWRhzftWtjlsOd%2Fh%2F%2FwVCVEpBlLU7hTZhMEFxydboyOmg3%2FnONgX20NB7IyjLEQsgheDbo9wzTAky6wSNO0%2FYPpnt6HgmOMn%2B5KDmpx%2BTJdUhk4%2FqGBeJg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a27488b50b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/_next/static/chunks/3978.f48a53d50c258a97.js | 172.67.188.236 | 200 OK | 3.0 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/3978.f48a53d50c258a97.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (3033), with no line terminators
Hashes: MD5 74bc667253313da76d87a4a986be1be8; SHA-1 9fa4f4b0ef93eb4d387552e257796321d197540f; SHA-256 1c06c61294617665f38c1276deec5d74330236351921feeef0061359cdf139c7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3978.f48a53d50c258a97.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-b8b"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mfjl%2FOlrAzo6dY%2BKDvHx%2Bxy11Q3xADhoBIPyzrcvaGsjvh%2FPPGRGmWmNCQ931EjMdaPncNSb23TDs18Rd%2Fv%2BWbFDbR6eYUhoOgng4sSOWRNzBY66CidjMILAtDQ7aDlIn40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2715f4b0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/img/rain/dollars-1.webp | 172.67.188.236 | 200 OK | 10 kB |
URL: GET HTTP/3 grudsaugast.com/img/rain/dollars-1.webp
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: RIFF (little-endian) data, Web/P image
Hashes: MD5 a5bef813a0113d018592091106451c8b; SHA-1 59365e96c4abca5eb98a0c56db0af0bb5cbffebb; SHA-256 036beb7de9c9d450e1442d593ff70ad392ca4be6754e7feaec249c0009e1bd83
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-1.webp HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: image/webp
content-length: 10546
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: "662951b4-2932"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=txCcX3WeuQF%2Fw883evyeGjJpAkcciLD32EeOMooL%2FDEidZ5sojYwp%2B85Fb8LPZfaVE168QQ6Aow6qsnxRm3iTWTgWcAfi9nNJW078LJB5qmeB5DcS0pi5xVfKe8vHHHJArA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a270ef090b55-OSL
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/_next/static/chunks/1155-cb2a66c850e181d6.js | 172.67.188.236 | 200 OK | 65 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/1155-cb2a66c850e181d6.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (65221), with no line terminators
Hashes: MD5 28a3811e7bcdc6aefd036cddc87f4a81; SHA-1 d85959e3df80ea535a8c3e2c9c586babbc83fa4d; SHA-256 08646652116dd8a0e0b546abbb7252fd23293ce0ab25847812e84948f4f20cc4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1155-cb2a66c850e181d6.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-fec5"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H5%2FJN7l3m%2FG8jv%2FpyJdWYwpFnOWbM13P1gtWZR0RUYzuGNzlwUV4nuzpNO3zaGZcw%2FTtdYyFeT527paCUxUgeQ1450427Yfvj8eIvKrz10RFQGJwLCjCw9SlZxDREUh97%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26ffebd0b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/finance-survey/33 | 172.67.188.236 | 301 Moved Permanently | 39 kB |
URL: GET HTTP/2 grudsaugast.com/finance-survey/33 (user request)
IP: 172.67.188.236:443
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
Hashes: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of an empty body: the redirect carried no content)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/33 HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: text/html
location: http://grudsaugast.com/finance-survey/33/
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aHgHHWTOPYCEahicd6%2BdJJXDhjp6hRNyDyY2qnMZOImKs%2BLARdOoUZOnwxBdzYT%2Fv5tujbvENWZdJzLShR%2FVp5WVeHQOwQ4W9w%2B9I9UbJzLgTfFTNdQixX0RAw%2FV0GKn6Gk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26dbe15b524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| grudsaugast.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js | 172.67.188.236 | 200 OK | 925 B |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (939), with no line terminators
Hashes: MD5 e370c58940efd9305daf2c9601a7da0d; SHA-1 ac6f3895617e4817d7bf86b7c637a231b13a12b7; SHA-256 acba948084ac297d876a066617c1a4c6d9f5a664d43514af605a4c6d1fe37315
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8904.6fbc0cfd51623cbf.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-39d"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guUpiyVDLVDV4MblEWPwTyHVRhOtm3NspZrbbiv8NxaxIzVWmVfIRwSd5tf1I2P3vgWyWVzmCYWijTBBfT8mOGv%2Fcnb%2Fm%2BSKlDdL7EQDrbLVbTldQEvzQumYiqp6im3YTWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2715f500b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| my.rtmark.net/gid.js?userId=svqrp1z3zapydm1s2p3505mu46kp2ys | 139.45.195.8 | 200 OK | 64 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=svqrp1z3zapydm1s2p3505mu46kp2ys
IP: 139.45.195.8:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Let's Encrypt; Subject rtmark.net; Fingerprint DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hashes: MD5 fbc175b8f64cecc4e18a496646560d15; SHA-1 c65b8cdcbf53752a5bc0df278ecb44763584ca8a; SHA-256 ebcc1d75effc9c01530138a69dc790fae2a1eb1505c41f0e60a73c86a121b3ef
GET /gid.js?userId=svqrp1z3zapydm1s2p3505mu46kp2ys HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://grudsaugast.com/
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/json; charset=utf-8
content-length: 64
access-control-allow-origin: https://grudsaugast.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=svqrp1z3zapydm1s2p3505mu46kp2ys; expires=Thu, 24 Apr 2025 22:47:20 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

| grudsaugast.com/_next/static/chunks/825.dc2233ab620d87e2.js | 172.67.188.236 | 200 OK | 40 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/825.dc2233ab620d87e2.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (39469), with no line terminators
Hashes: MD5 72ac5913c12eaedbe7594c6acf1a627f; SHA-1 544008497f3ce02575d0fdd1df7aeecdb0b4d08b; SHA-256 2b3a1eabd05bc09901c3dcfc74e0ecadce09d0d29e9ddaf90f53fe22e169f05a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/825.dc2233ab620d87e2.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-9a2d"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SGCSTICcy5CJdlPDZBnC%2Bcz6qIVsRyvu69Mecb6ZdHqJ52nOmp5LuvRzH2mAI2zBJnopXmt7M6X9ZYdfV2V7g2mfa0%2Bn%2FV%2F7IH6bzogmwNkVAnerWpDe30q2w7FQHTWlyF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26ffeb60b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/img/rain/dollars-3.webp | 172.67.188.236 | 200 OK | 5.9 kB |
URL: GET HTTP/3 grudsaugast.com/img/rain/dollars-3.webp
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: RIFF (little-endian) data, Web/P image
Hashes: MD5 51ea76ff382bff8ef58a9943f7fd21d1; SHA-1 5c3d6ad6620fbde5ce3dddc88604e6d54621eba2; SHA-256 0240f30fc542fb5c2d532f33bc793b797199adaea75e22a7d9f04674b80d9a32
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-3.webp HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: image/webp
content-length: 5938
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: "662951b4-1732"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y9GYY9KyKEKY%2FDf2hOzAfQQFSUWmlWCl4NvJfD2JDrsXXh%2FqwI%2BeS1rfP2sloJpnY4kqBiIze2F%2FA9YmCm2PaLybCOajhaEzMACXhVThwNwakKi%2BQzGneEKG9zrc2Wky0Xw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a270ef100b55-OSL
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/_next/static/chunks/2734.6269ca0cf725ea17.js | 172.67.188.236 | 200 OK | 4.1 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/2734.6269ca0cf725ea17.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (4219), with no line terminators
Hashes: MD5 98132c6c771aec065d3ab61e5c8c0f53; SHA-1 56484dafed6218ea17ef047fc8cd4c5a342c1890; SHA-256 ae09486720d6d4764b5126f0e26414962ee83eeebdc05db588bb7d86855e8b23
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2734.6269ca0cf725ea17.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-1033"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FRgU7A%2Bd8IdldJAQFVlgm2DAuY8uDhQmLRUeoJ5xIHHRhhRCXeNsycNUoKNDEMxXMRj0TgmCKYDYIi7gRgXw7o%2FIcXz9XkdY1ad6gxNd80AJCy8%2F13tP5Qth5xUED772MRY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2715f490b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/custom | 172.67.188.236 | 200 OK | 39 B |
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hashes: MD5 c16023891530fbce40f0a1244c3af01c; SHA-1 e15d9dff768d82673e5e797a8395d1fa7d9049b7; SHA-256 c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 304
Origin: https://grudsaugast.com
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Cookie: OAID=svqrp1z3zapydm1s2p3505mu46kp2ys; syncedCookie=true; oaidts=1713998840
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:21 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: ba2df4704d07c832fe9f8ae8a6b8c566
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://grudsaugast.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=URzkFpd%2FBnEVMuCyjaSAXu9wl4hVSPoWvWP6fAL2RJVGDw%2FJSnPKoFTvAxj2MXAxo4qtVJTpZWC6Jkbygqvg%2B%2F86wp4rUOwIOkrH8CHw8JmO4bvvN0OQ2ILNUO1ACzocxRo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a27488b90b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/_next/static/chunks/webpack-45e17984961598b3.js | 172.67.188.236 | 200 OK | 6.1 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/webpack-45e17984961598b3.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (6330), with no line terminators
Hashes: MD5 449358c654ed6edf7218d43e83d8a440; SHA-1 265cf131f2a8d0974d31ca5dda9576741beb2d43; SHA-256 56627674572be6974ef58fb6d513b26a656b80dad5d35c77d3805684c72d9398
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-45e17984961598b3.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-17d2"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4RccBHzzs7FEnvIcXzQ740DG4qEvzb2NG44ZtFeZOVEM9JAw62XVwXnhGxD5owlsCCAjmTvX%2FTDZSeMjC%2BNvJoY8TN8jTOpGJ2rVhfww12GPfGSSgd9j%2F9VI3WRmv4hmrY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a26ffeb70b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| grudsaugast.com/_next/static/4Be8bWEWJDGngUbmiluPo/_ssgManifest.js | 172.67.188.236 | 200 OK | 182 B |
URL: GET HTTP/3 grudsaugast.com/_next/static/4Be8bWEWJDGngUbmiluPo/_ssgManifest.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: ASCII text, with no line terminators
Hashes: MD5 ca6aa05f78eb6859347a61db067f16dc; SHA-1 444e70f53eb809f0920de921925d854baccdd251; SHA-256 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/4Be8bWEWJDGngUbmiluPo/_ssgManifest.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-b6"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jfDdnG9ImGvxnh2otJkFQMo0wXopqdNwVd7iDv4Deav10vSSHJxBu5adpezgmloBVX9uOWvJkKbt5mVCBvoT4tmkBq8djaQZxbc2oSr4paNx68RrbwO63dB81eB42UlX%2BWg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2700ec60b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/_next/static/chunks/6223.36a8be3b6724c1ee.js | 172.67.188.236 | 200 OK | 3.8 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/6223.36a8be3b6724c1ee.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (3870), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 1d892f4ab084b8290d79dcf9ec65b79a / 17b0c18b7201dd8eb4bbd3db5be2f1d784000948 / 77e68c0c19f773bcf939398361c922509f29268cea7afe93f3f7050183115e14
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /_next/static/chunks/6223.36a8be3b6724c1ee.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-eee"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fB76AEdcpYHA88N5cXyF6PhdcABeVNH52Hh6XSV9MymhiXYpbuMd0VCiKk2NXYijfZfAI33Q3flTbesGPD3t3fsfp5%2F5kZBuvpnMFo4iViLjY0qEjuECH1xuMt4xF29iRCM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2715f520b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/img/rain/dollars-2.webp | 172.67.188.236 | 200 OK | 8.1 kB |
URL: GET HTTP/3 grudsaugast.com/img/rain/dollars-2.webp
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: RIFF (little-endian) data, Web/P image
Hashes (MD5 / SHA-1 / SHA-256): 8b4203d496c3f52b116af082a0cd4017 / de5369e9459e240950bb7eb5261eaac1db26907f / 8dd1f04088c25e20d15e1bc23129604830aab2b4d3d0a408a5f047f9768f39a4
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /img/rain/dollars-2.webp HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: image/webp
content-length: 8140
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: "662951b4-1fcc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJz6Z8S9Puw2%2F7omppEn8Pwfta0YjgGr0r51qu8TshTwtu4E73ofFh%2F%2F8a%2FSe1HJULTzp5Pok7wUUiXPfPF23dN5DyUXf9JDkBOz659Gyty0lICAuUFkWps8puFX%2FlNvnLM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a270ef0b0b55-OSL
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/_next/static/chunks/9787.32846937d0160cf7.js | 172.67.188.236 | 200 OK | 1.8 kB |
URL: GET HTTP/3 grudsaugast.com/_next/static/chunks/9787.32846937d0160cf7.js
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: JavaScript source, ASCII text, with very long lines (1771), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): d269bc24ab428864c8a5d9fd90d791ae / ff1943ecbdb21dd40483e22778b0826bce974cde / 086e81568c991bb4f9d7f9bcb854f1f2bf66b7397b1eef5b0753889ccb86cb30
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /_next/static/chunks/9787.32846937d0160cf7.js HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"662951b4-6e1"
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QxmL64pOI0yId67UiQaIRoLiFfC%2F3quEldmwRi0ESwpxD2BU7%2FJZxIS7IFA5XtIw%2FqL2yCoT1IZKcsYlceG3l%2FogkiDf5mqtanjx3uPiupvIkYVvFdti1OzmNx6jzurdcUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a271af790b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| grudsaugast.com/img/comments/finance-survey-people/person-5.webp | 172.67.188.236 | 200 OK | 2.4 kB |
URL: GET HTTP/3 grudsaugast.com/img/comments/finance-survey-people/person-5.webp
IP: 172.67.188.236:443
Requested by: https://grudsaugast.com/finance-survey/33/
Certificate: Issuer Google Trust Services LLC; Subject grudsaugast.com; Fingerprint C4:E7:FE:B5:75:1E:68:90:32:78:06:DD:D7:E5:E1:28:58:0E:B7:EE; Validity Tue, 16 Apr 2024 10:27:04 GMT - Mon, 15 Jul 2024 10:27:03 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hashes (MD5 / SHA-1 / SHA-256): 188dfcdf19da1d86ed162d54ed03536d / 98b1baefbb803548b2894547091b4c7773406524 / 4f8251665e3cc796f127ea6cbdc00a9ec450adff16acb4ec74463c446b6f4ba6
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /img/comments/finance-survey-people/person-5.webp HTTP/1.1
Host: grudsaugast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://grudsaugast.com/finance-survey/33/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 22:47:20 GMT
content-type: image/webp
content-length: 2384
last-modified: Wed, 24 Apr 2024 18:38:44 GMT
vary: Accept-Encoding
etag: "662951b4-950"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYaWCxf%2FYg0dShq5vpuZMnioYmShlxuzsUinIlvE%2Fft2Z4k0YuGHOPuNrMRtzax1oM2SJhRmGR0ngCrSS1A5qb0Y%2BbVmr6%2FKNMp9tQTyLotIT4Sxy0Hp4lnkcq5n9eKNurY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799a2726fdd0b55-OSL
alt-svc: h3=":443"; ma=86400