| bauruhoupsie.com/img/rain/dollars-1.webp | 172.67.168.181 | 200 OK | 10 kB |
URL GET HTTP/3bauruhoupsie.com/img/rain/dollars-1.webp IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeRIFF (little-endian) data, Web/P image Hasha5bef813a0113d018592091106451c8b 59365e96c4abca5eb98a0c56db0af0bb5cbffebb 036beb7de9c9d450e1442d593ff70ad392ca4be6754e7feaec249c0009e1bd83
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-1.webp HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: image/webp
content-length: 10546
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: "663cf76e-2932"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lLsJsmQxybHoiY4Et%2B8HfHUEEfU%2FRTV6MegT9n2ul64TE4kSjtwGgiXUwaoZyEykunV2DgQLtLfm4WroP%2FPVU75IdqAeVxUsU0DtbrLQjornOKjfzvZdwpateOJA1rNuPAI0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd86d2956c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/g2g7SIlJPWzfKopgAep8x/_buildManifest.js | 172.67.168.181 | 200 OK | 8.8 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/g2g7SIlJPWzfKopgAep8x/_buildManifest.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeASCII text, with very long lines (1605), with no line terminators Hash32cb5a1df18161307e65be27568dac89 11f939dca9af24f70bfb1b1f0c8d2027a4308b77 10e6d484fbbeb2cd4800d49340724b772bc46488f668a5a020ee4c1b44ba069c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/g2g7SIlJPWzfKopgAep8x/_buildManifest.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-645"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BGTneK%2F5KDWrFNwnCxcMs1DZ5%2BQKzBt9dkB9ndc4GD2ocAQczixytLt%2BZ2ODsjAZPUhlxOMeZffo4lxVhLVaHSGJEl1I6nRmIack%2BFoAss1NYbV8epNAaMQJL4Ig0wnmC430"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7ec5956c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/img/rain/dollars-3.webp | 172.67.168.181 | 200 OK | 5.9 kB |
URL GET HTTP/3bauruhoupsie.com/img/rain/dollars-3.webp IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeRIFF (little-endian) data, Web/P image Hash51ea76ff382bff8ef58a9943f7fd21d1 5c3d6ad6620fbde5ce3dddc88604e6d54621eba2 0240f30fc542fb5c2d532f33bc793b797199adaea75e22a7d9f04674b80d9a32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-3.webp HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: image/webp
content-length: 5938
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: "663cf76e-1732"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fQGA5rwdwXaI9UTSTNEMv64pVkUlprAXnS0H%2Bo0p6wbzAP1vP25GOrDm2oNCUpykApcyuLaFuWuWcI4BmvM71%2F4PHjzw8%2BaZlcBEIk53St6ciXiv11F2EkNl5EebMTUF%2B5fY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd86d2f56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/6335.98b59ea79e74779e.js | 172.67.168.181 | 200 OK | 14 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/6335.98b59ea79e74779e.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (54277), with no line terminators Hashd2d1ee007a43b39d59e399adf09cdb45 c4e72353ba2deb9e9c9439516fc75080796ba35a bc4157510f688def5f555f6809552242db5d20bdcac80e418acf6fdd362edf7d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6335.98b59ea79e74779e.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-d405"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KfW%2FhONwENCbp6mm4iwEduIDl133e26F8np%2BVdurCTcHYWZgb6uvmhlRwvkGNi21QSQAPgO6MLY%2FBLQ5c2C7YXNPEfOk0JYjEAIfgAmgxJ1WxVMN1p98OUxgtiT5XMw2Cc1E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7dc3756c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/3091.8141ef861c4fae96.js | 172.67.168.181 | 200 OK | 9.1 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/3091.8141ef861c4fae96.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (2385), with no line terminators Hash8de4ecfc18371e9af83a020ad48a4839 f4cfd9509facd189f8e3487426a36cecfc77c090 954601b08c55f3c2e1c2a0a766e31a55e18b3ee0f6213cd1761decd4e4715f64
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.8141ef861c4fae96.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-951"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FkVwENMedcNGDq%2F7ATqEvquqOtIiea244wDKgef2cdShJUYGgSn230OPimxmTtdcDpCnCP8xmWWd1yTrTFE%2Fg%2FC0DkExn6bc8ZfvLgaOYlYOB9deBWSf8ZPWNn9c61ywgMb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd8fdea56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/pages/_app-1a7794b4b3bf3b57.js | 172.67.168.181 | 200 OK | 13 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/pages/_app-1a7794b4b3bf3b57.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (42111), with no line terminators Hash5b7462752cec4dd35b1bf18f7df811cc aec8d61860c8c78eb2f2c5621b662d49f47a3ef3 55c73aad539702281fea154e0906ba4d0958c68de10d413c196c68eb63c39da5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-1a7794b4b3bf3b57.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-a47f"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bXtzVGdmYJz2Cv%2BoXToEIiB6wnQpk%2Bufj7edblg0wmvCfEqEOYTZuMObZvSYZYWsO%2FTDGTpI0eFGg1enj81JXw134UGNn%2FpUXCJpkM%2FMpwt4DPDfUyHcvr085lJrB%2FjRFbr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7dc4a56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/img/comments/finance-survey-people/person-3.webp | 172.67.168.181 | 200 OK | 1.5 kB |
URL GET HTTP/3bauruhoupsie.com/img/comments/finance-survey-people/person-3.webp IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hasha747d227c2e10b5178fd942484301d7a b3c5cf90dd5fd2c26c7b17dcb2d35b6dd47065be 9f4fb1281b7141b9dd48925953f7b039b6c411ea0e6e5b158d3e000d75316e9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-3.webp HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: image/webp
content-length: 1454
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: "663cf76e-5ae"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4246
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7fG1SXcPvxuAi0WBqvXoa4IhwIFX%2BnrcJnuhQcGNKoP9PlrFVKLZYS17HxmYD8rPiaqv8VTe4SLkzhgjFCvlGVqMTlTM0ljSTNxLawvCkTVt%2FAFlQ2mAy9tPFj%2FaFXa3w2Mn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dda4fd356c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/810.a0608c12f2123e1d.js | 172.67.168.181 | 200 OK | 1.6 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/810.a0608c12f2123e1d.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (2996), with no line terminators Hash21123338572e9bc9ecef1ae7f2a671a0 6bfd1a5a3a454c704c10a07f8d72ce96ba6d0cad e869ca9a1dd932f4220641f06ed73b7ff85e06587cf86e014a23b972388b4a12
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/810.a0608c12f2123e1d.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-bb4"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 251
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FNQHTJOwCAZKttAygXgsRSi6qq7IDRhV2eNF1SeTOL9RdntCPvWkvDhuucYvGoQ6OgmJY%2BZVEFppA3M8ZeHbsgxQ7Xq3lCvtCfUTJ5Ger%2BNHGxh%2Fl0OKM0lSBQsIDLa%2B6WmK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd8eddc56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/img/comments/finance-survey-people/person-1.webp | 172.67.168.181 | 200 OK | 1.4 kB |
URL GET HTTP/3bauruhoupsie.com/img/comments/finance-survey-people/person-1.webp IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashc5da2ea294623650bae71fc84401cf60 f1f62ea011cf81953cefe28254c134e992453b91 09a846c5b1af2c6100ff3193789be1e0e21ba9fc45c268f76f2007c78f1e4ac1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-1.webp HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: image/webp
content-length: 1402
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: "663cf76e-57a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4246
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZwSFJ9M4xpaBafkt6XZAEcddnZ47Qiwsk09BCMvKmdvYSH4C5xkfX3MbAu8Dzvtdj4v2Y1R7tENPsThRyZ19t7WVjaxdZ5K3gBIOoK65EBYFKVm8WVStc7wfzHO2ylVy3zx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dda4fe256c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/6223.f75ac61ae8ab7ac1.js | 172.67.168.181 | 200 OK | 1.6 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/6223.f75ac61ae8ab7ac1.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (3821), with no line terminators Hash63e42624a0a2e938e43c9f253bdd2af1 6c4bd2c6c56338138db1d18413a1e333c08d6a40 6a5a6b8e03f61bbb48eb6c298071e6d028dda863efd959e45eefb94cef57ac2f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6223.f75ac61ae8ab7ac1.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-eed"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p0uG7L1zAnjTx2hzLwHn%2Fp0wRGlN3LR6YlhEh%2B9T%2BCNSaVNJ%2BNfL7MfIeEckuHj5KwRaB38%2Bv%2BrJjFrGC9lsursACTYNGLy%2FbNaaClq9lRmX8Gx5KufkFhmW8scP7ZE4FiXx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd8fde756c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/4981.2a332d38c95dc4f9.js | 172.67.168.181 | 200 OK | 4.6 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/4981.2a332d38c95dc4f9.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (19546), with no line terminators Hash223898374dd56eccf76322f878b326f7 dc004d92d8fb70e324e193f138f496b190164126 56c360551aebd13f55666a056edd4c681b39fd1b3832ce1233fc2dae7640ed46
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4981.2a332d38c95dc4f9.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-4c5a"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lx0U4p4mXjlwM%2Fir5NFfrhjUU%2Fognrjnfmu3ykhRuz71gHDnB5jIbo0Bkb855I9VpOcSSlSlhSgu4Qzox%2FAcKuIcTXNDA4bmkVn%2F2d8auiR2eK%2Bgv5AiM%2B%2FBP2k2VbLm8bUS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7dc3556c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bauruhoupsie.com/
Content-Type: application/json
Content-Length: 424
Origin: https://bauruhoupsie.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: e5d739eb66e9f1406ebf40143584803d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bauruhoupsie.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bauruhoupsie.com/img/comments/finance-survey-people/person-4.webp | 172.67.168.181 | 200 OK | 1.8 kB |
URL GET HTTP/3bauruhoupsie.com/img/comments/finance-survey-people/person-4.webp IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash5dc160f6b521dc8f6c670b140b354fed 22e15cda82b532067b99932ec28f86ea2cc1ecbc 09c6c6de57458ec0c4e7a3d2375e0c7b9c037de9366b63e3685cc0ca94d838b4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-4.webp HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: image/webp
content-length: 1798
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: "663cf76e-706"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4246
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=si%2BP2byKn%2BtH7C4%2BRXAL165vpfTDXx%2FM12dyZMuEs56UOLBxoQqKEnEJqj1ens4jTRPDvr4h1%2Bd6NiKN98rfClrMKsx8lw2YNfMCYDu5Jl5M60hqMC2wQd%2BubNVJMA1ima46"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181ddac8f956c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/img/comments/finance-survey-people/person-6.webp | 172.67.168.181 | 200 OK | 2.4 kB |
URL GET HTTP/3bauruhoupsie.com/img/comments/finance-survey-people/person-6.webp IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash7be25941ac032fcec25b1bb4ede296d2 cfc4fb3733844326076b6d7632087204c0bea34d 0ff9d28c4ab7516d2790e8df4d325cf602bc8f9eb787a7cd9b6554edd9530e4e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-6.webp HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: image/webp
content-length: 2440
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: "663cf76e-988"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xDFEUgutwT1EAnGfwrmVJVu%2BeteFeakHYv3kNGaDZuKJls8%2BwFoVfg%2FTh4xNNkNn%2F4RIPF%2BX2NH0GQWjKyrKUa5WWN9AYxm7g2OyMr0oVoDMgZOPjtiBLEnY37Xg7pTEpRLe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dda4fd656c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/img/comments/finance-survey-people/person-5.webp | 172.67.168.181 | 200 OK | 2.4 kB |
URL GET HTTP/3bauruhoupsie.com/img/comments/finance-survey-people/person-5.webp IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash188dfcdf19da1d86ed162d54ed03536d 98b1baefbb803548b2894547091b4c7773406524 4f8251665e3cc796f127ea6cbdc00a9ec450adff16acb4ec74463c446b6f4ba6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-5.webp HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: image/webp
content-length: 2384
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: "663cf76e-950"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xL0uJku2arxmLC9D5CIbQANbZBM6hAqd96BaBZF8OgKd8MSzb1GjbYS8aZNdfxWlkG27YVvGIRaR48gvVIG9s2CFC9h2d3XjuAXX8SFgW1svXKUPjK5HIN4XhMIjfC38aQ4r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dda580b56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://bauruhoupsie.com/
Origin: https://bauruhoupsie.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:11:41 GMT
content-length: 0
access-control-allow-origin: https://bauruhoupsie.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL OPTIONS HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bauruhoupsie.com/
Content-Type: application/json
Content-Length: 444
Origin: https://bauruhoupsie.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 2fde9592361c9f07b41e1ef382576787
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bauruhoupsie.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bauruhoupsie.com/favicon.ico | 172.67.168.181 | 204 No Content | 0 B |
URL GET HTTP/3bauruhoupsie.com/favicon.ico IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Cookie: OAID=tv2elvw12lkhqlweki1cd2af9zg9x3; syncedCookie=true; oaidts=1715325101
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 10 May 2024 07:11:41 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4245
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2gHeVFgJ2xVYZ1GwlpHM7YKIu0QH1U24UgLqvCGPKI7o7WYa7xthZqW2acKlniflPXIwECS38FX5ehhu1taz6mpM%2FbkBpRo3eOI0McXky2agP5BDTzqlPiF5W7Tg4sLBtFN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88181ddb79dc56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/framework-8940d626f3bfb7e9.js | 172.67.168.181 | 200 OK | 9.9 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/framework-8940d626f3bfb7e9.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (25995), with no line terminators Hash33a34c525e2bee14a166fe1289835308 4afb650772181930d19dca9a41490beea5087932 bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-8940d626f3bfb7e9.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-658b"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36fJ9OX12RmmdxvuBY2q%2ByZbWDCoWwwUUCvBQwVNalz23D2umW0gC6LKiE2HwJfVrQo7i7Fy%2BSXSsD%2BegqaXWNn%2FlzennQLW%2BIMK2QFfbXqYclu6lt9U0ftVZRh2oto4wHAB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7dc4156c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 179 B |
IP139.45.197.248:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash081142aa1c9267422ee7fd25ac457579 cf8a223610da412aab4cc9aec68f6f304258b3ce 58084d495376ed2e41f026c352cabb187129c58109f2b15caeb1a539deb2cd19
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bauruhoupsie.com/
Content-Type: application/json
Content-Length: 161
Origin: https://bauruhoupsie.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: eb8aa17f6d4fd6c5680225233e7084cd
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bauruhoupsie.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bauruhoupsie.com/_next/static/chunks/7903-dd238946c7924507.js | 172.67.168.181 | 200 OK | 13 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/7903-dd238946c7924507.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (31896), with no line terminators Hashb5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-7c98"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7JLeHbBMayIVq8IdH3k20cOgTVL5dopBUz2jbtDy8kJE2amJJXrfJHWiTcExcOlhaPFKAmgkbL2boWjgq8vBZcILXeS%2FE7V58guX%2FXKXy%2FAxsfQ%2Bs4KZ8du%2FhfAkByv8ccTt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7dc4f56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c22b75f1-a65d-45a5-89a4-795ba77ced32 | 139.45.195.253 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c22b75f1-a65d-45a5-89a4-795ba77ced32 IP139.45.195.253:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c22b75f1-a65d-45a5-89a4-795ba77ced32 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1453
Origin: https://bauruhoupsie.com
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 10 May 2024 07:11:41 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://bauruhoupsie.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| bauruhoupsie.com/_next/static/chunks/main-beb6af9e60a8e042.js | 172.67.168.181 | 200 OK | 46 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/main-beb6af9e60a8e042.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash49c6f57370e917bd37dc7d4d4d0bdb56 f5b56f5b9498f3500055c5614808903d85303991 0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=108887
etag: W/"663cf76e-1a957"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MyujbU0iJvXvRTxSAlYmHh5P8TOpP12%2B8DlXMeOUvdZ5twSgdJzgIwoJEWE9eGLFd24U149MOxL%2BqBcX60taKAswscnUDr4pcu7tj6sQOw3UxDM8T5BlG3GR8pWXm2qg6qrR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7dc4456c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/2090-519478c186a3d867.js | 172.67.168.181 | 200 OK | 3.9 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/2090-519478c186a3d867.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (10752), with no line terminators Hash37545926cc9a6e537b9f3e95d7a16c1e c3cbfe1f9737817eda25770274e97feaf6b8cc68 d3ccc772608b2a03a543da22715903e2b6e2c14c42c2f475a0f483ac3cd64b37
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-519478c186a3d867.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-2a00"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 861
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tL%2BOVGI1Y8llV4fUmr9tE2yaWMK2kfaxlzuZMGNRhfJreKK8oeNED2XTS%2FqejSKYwiZqk2Q1ZvJC%2FOsw9hAkJrUVvT5nJ4JPuDlS9SSrfC%2BmU10IbB0IZkm15ntdvpyXe2ei"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7ec5256c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP139.45.197.250:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectamunfezanttor.com FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash97a169b11e96833ce2de8503a387894d de03e12f5fc6ff93030e3a7ae9e9a2f0b4a86109 663703e251acba073396c08f67ead6f1f0492134eb4f068345f14b40174a2d0a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bauruhoupsie.com/
Content-Type: application/json
Content-Length: 1916
Origin: https://bauruhoupsie.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bauruhoupsie.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| bauruhoupsie.com/custom | 172.67.168.181 | 200 OK | 545 B |
IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
Hash058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /custom HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 426
Origin: https://bauruhoupsie.com
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Cookie: OAID=tv2elvw12lkhqlweki1cd2af9zg9x3; syncedCookie=true; oaidts=1715325101
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 5b04d4d5cdd889c50c1f11ac01ea09dd
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bauruhoupsie.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UNdDeXMBs3POBQnsey3L8tOLDPbqtc7NdUJwiez4ZFhGCqgcq%2B5sVqr7ap8T3M1KdBm7AkrmuDGP6ngGoP517T%2Fmlf2nC%2BB70cpl1ICczburjNBYwEN0Ghhga8SZs8KZyE0L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181ddcdc6156c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/sw/universal.js?var=4806802&ymid=175517_%257Bsub_subID%257D&ab2_ttl=5184000&zoneId=6679101 | 172.67.168.181 | 200 OK | 6.1 kB |
URL GET HTTP/3bauruhoupsie.com/sw/universal.js?var=4806802&ymid=175517_%257Bsub_subID%257D&ab2_ttl=5184000&zoneId=6679101 IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
Hash3720f9cee1df8fca36fe99491eab215b 1705d72778aac160278f15d86a8d1aa2bac785bf 08c09c04a09d4a2fe27fc50189a08f18cfe108a3b966d4a36c77819275c0d81d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=4806802&ymid=175517_%257Bsub_subID%257D&ab2_ttl=5184000&zoneId=6679101 HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Cookie: OAID=tv2elvw12lkhqlweki1cd2af9zg9x3; syncedCookie=true; oaidts=1715325101
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-5b2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1DcUd7UR9vZyP6me1huQ8kskjNlVsYZUGjUqx8E%2F0Ff1GMsdbFJ8Ou87zf2wbi3BW1u43p080sLGzc55HwqdK8USVksWwJwiWpJzO3RlearDl2gJJjvhHwyVk%2B8QjZmEvpWu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181ddcdc6456c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/css/0bc0cde260d08b97.css | 172.67.168.181 | 200 OK | 1.8 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/css/0bc0cde260d08b97.css IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeASCII text, with very long lines (1841), with no line terminators Hashff1d3d5d24ca0172d59b02e7505ddaa1 41e83ee08e21f369886b0fdad0ba01d8b20897b6 939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"663cf76e-733"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K4ecUhBeOG1XLFAP2w4t09FpjdSKFrkmNj5%2BSzXpbE33pIBQ1nexrmHx78dOQsczstkM2BtGq6cdce%2FwljfaYey4ZK3l6IE1Oc8TJzuyxVQuJLnTmUV7BvwVCcmqQaH9kt7S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7dc2c56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/track?dry=false&request_var=175517_%7Bsub_subID%7D&oaid=tv2elvw12lkhqlweki1cd2af9zg9x3&os_version=&var=4806802&var_3=&var_4=&variable2=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU&ymid=175517_%7Bsub_subID%7D&z=4806802&offer_id=2025 | 172.67.168.181 | 200 OK | 182 B |
URL GET HTTP/3bauruhoupsie.com/track?dry=false&request_var=175517_%7Bsub_subID%7D&oaid=tv2elvw12lkhqlweki1cd2af9zg9x3&os_version=&var=4806802&var_3=&var_4=&variable2=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU&ymid=175517_%7Bsub_subID%7D&z=4806802&offer_id=2025 IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashe6246b04b7d99b675f7086e756e1f242 9f3b5f5cb9b34830dc20448a0acc83bcce5d2727 5ecadcf1c19edd16643f48e47f530b024c97a5653f98a47e14c61d5270dd7881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=false&request_var=175517_%7Bsub_subID%7D&oaid=tv2elvw12lkhqlweki1cd2af9zg9x3&os_version=&var=4806802&var_3=&var_4=&variable2=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU&ymid=175517_%7Bsub_subID%7D&z=4806802&offer_id=2025 HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
DNT: 1
Connection: keep-alive
Cookie: OAID=tv2elvw12lkhqlweki1cd2af9zg9x3; syncedCookie=true; oaidts=1715325101
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: 39c3eb3032f07355194515d9eb2e86d4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bauruhoupsie.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PrH4NW1lR6L%2FTJFD%2FtiFLvryV1%2BxTMScq8qX%2BD9l%2Fu5y1mL%2BTRC%2B5yTniDC2rKORo2kNbHBt8xhU1ktxHyIqWudMjV7ISAGp7TSDFMYyuMpqgMckEMYc2BmXMkm6V0Bb58vn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181ddbaa2a56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/5927.37a5338b8ac59a08.js | 172.67.168.181 | 200 OK | 19 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/5927.37a5338b8ac59a08.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (18708), with no line terminators Hasha385421104bc74c949dc4c6191ef7df9 30827209462e4ce7b901e71b238109574cc117ba 441f4699276f051e940137c231a4d48a7d4a0958ceeae78958482cd8a89663be
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5927.37a5338b8ac59a08.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-4914"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yge6VXdFGR8hDQyfTmUzmHQmGUqqwQUWmSKlE4BYGfiD2CgIBpXDq7z2l44S7mNtpo6cOCydxsLKMYYiM1xKnQzZrUrjwU01qjPXEW3CU%2FQCkF4YvdzCQ8BaSqCQZlB%2B75Tc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd90e0756c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=tv2elvw12lkhqlweki1cd2af9zg9x3 | 139.45.195.8 | 200 OK | 63 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=tv2elvw12lkhqlweki1cd2af9zg9x3 IP139.45.195.8:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash94108513e6f3a8e5a1ea969ac774582e 142f38fa26645aef012ccdb8e580ccc2ece4c9e7 684c6c53c925c0e6c8b359f87e4db9b0de5447d9cf8371fa9aac7ecce40507ee
GET /gid.js?userId=tv2elvw12lkhqlweki1cd2af9zg9x3 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bauruhoupsie.com/
Origin: https://bauruhoupsie.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/json; charset=utf-8
content-length: 63
access-control-allow-origin: https://bauruhoupsie.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=tv2elvw12lkhqlweki1cd2af9zg9x3; expires=Sat, 10 May 2025 07:11:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| bauruhoupsie.com/zone?&pub=0&zone_id=6679101&is_mobile=false&domain=bauruhoupsie.com&var=4806802&ymid=175517_%257Bsub_subID%257D&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=8f917e28-1106-4e6a-bf43-3564ca95bcf9&action=prerequest | 172.67.168.181 | 200 OK | 0 B |
URL POST HTTP/3bauruhoupsie.com/zone?&pub=0&zone_id=6679101&is_mobile=false&domain=bauruhoupsie.com&var=4806802&ymid=175517_%257Bsub_subID%257D&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=8f917e28-1106-4e6a-bf43-3564ca95bcf9&action=prerequest IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6679101&is_mobile=false&domain=bauruhoupsie.com&var=4806802&ymid=175517_%257Bsub_subID%257D&var_3=&var_4=&dsig=&tg=1&sw=3.1.504&trace_id=8f917e28-1106-4e6a-bf43-3564ca95bcf9&action=prerequest HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bauruhoupsie.com
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Cookie: OAID=tv2elvw12lkhqlweki1cd2af9zg9x3; syncedCookie=true; oaidts=1715325101
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-length: 0
x-trace-id: 38f81c834888d8c521c357cb61756450
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://bauruhoupsie.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q6bCnoVexkrqk8tQbM6ZMKd3YrS7qhRaiNSJX0lYMWSMvmLjdYtt0YLTh%2FA8oSLL%2BBW5UXzqgOtiQg9xF3XXZ%2BcwmCVglSQe1VF5X%2F91TPF1fqVjOVweg0TBS3aOVdCKxRr0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181ddcdc6c56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/finance-survey/icon-survey.svg | 172.67.168.181 | 200 OK | 2.7 kB |
URL GET HTTP/3bauruhoupsie.com/finance-survey/icon-survey.svg IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeSVG Scalable Vector Graphics image Hasha000ba4d0e7570d810feafb22bc50bef af8fce44a683d3dfebe69cbe856e747739c9a666 9ae848c180201d8ae5c59ce118b0b7ef395a01295fb04d57e81cfe0566100679
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/icon-survey.svg HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: image/svg+xml
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: W/"663cf76e-a72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4246
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GObno7QiBHTsGs0qweSBZivMZJ5D1GSgTJP1kNHKjUBrr6kJFXgmJMz1SNq5gKq1q4wHcndA5CwFpdFRxGJ4lcJpfNvSRFfRvkwzi4CgVJmRgSz4AYZ%2F7mg8Ijejo4Jw7mmo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dda4fd956c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/img/comments/finance-survey-people/person-2.webp | 172.67.168.181 | 200 OK | 2.2 kB |
URL GET HTTP/3bauruhoupsie.com/img/comments/finance-survey-people/person-2.webp IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash8f8ffbb278de1342e5cf44cd0c677c23 1b4b4428e409479cc8a8acfce6f537c2aeea7556 ac4284ed6941963c4fa0db306537f42f3a0b1fa18710bc7b9e1e62188961d83a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-2.webp HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: image/webp
content-length: 2220
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: "663cf76e-8ac"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4246
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PZ1T03LYdRsk3IVay2Qz3bj020Cz40loF0nNlRNuWQiMCN5v77a3D0GOZbY5UecIP8BOurznC5i%2BvCo38%2B2i2ZgZbCjeKUhNRunGmhTeO3ctJhKgQYugK95Wyl2Mh8nsGbHR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dda581156c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/86.1605512c42332a2f.js | 172.67.168.181 | 200 OK | 2.8 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/86.1605512c42332a2f.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (2908), with no line terminators Hashf7cb4f746f2cabc625d1ab452426c2e5 32f7f8a18c1d477a41291637019374bd4d722df9 6e3c489f8505040ae3a765d615dd63b8e385d2baeecd0ba58a2da9bf079b1a9a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/86.1605512c42332a2f.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-b1e"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RgiasQ9qje98V3s%2FTi%2B%2ByDCl%2FQSTfuRMYHC4pXEEKc2xnUk7Ivf1eNgjbNmmqH2TEsWNqnr4CdTx9xsJMU%2B5ku%2FZ4Y3i5y%2BiXX%2BIsowyHiFjSebQUFFA6%2FJbVkudXf9qyiZF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd8eddb56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/812.7027cef6620548be.js | 172.67.168.181 | 200 OK | 13 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/812.7027cef6620548be.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (13202), with no line terminators Hash0cdc7044086bdb0ab8c55df3e1576c7e fc66dfaf7e67479c19b68476453cfca37df28469 6253c27cf319c795afe04117585b004d5cb4b20150e2ed3da234f40b7dcfe568
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/812.7027cef6620548be.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-3392"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Uua3SCxEv2WNJSCW9pkLvo14eUjifPaCLorMq9BQo7YyQWSoaBgYYolnGOkO%2FGUKQZ8rhd%2FogD7rVB4tG4J1758UcN1V0xUlaZAH297BAE0LNHM%2B7IeZXU7wQTpxToHmvqz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7dc2d56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/g2g7SIlJPWzfKopgAep8x/_ssgManifest.js | 172.67.168.181 | 200 OK | 182 B |
URL GET HTTP/3bauruhoupsie.com/_next/static/g2g7SIlJPWzfKopgAep8x/_ssgManifest.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeASCII text, with no line terminators Hashca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/g2g7SIlJPWzfKopgAep8x/_ssgManifest.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-b6"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEUqOVVLSnV%2FTOELo%2BhfxjRsPeIh%2B9Ciqx1E9iZ2bCuuxTMBtEQ1rBHhkd4yToFMja2UuqIWUJGFKGAblENitzfYneAMnAVZla5ijmtWyWkHdAXQ%2BsiWjc3B0C%2F7PGoxqdbt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7ec6256c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/1754.983ed55293c299ce.js | 172.67.168.181 | 200 OK | 13 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/1754.983ed55293c299ce.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (12711), with no line terminators Hashaaadd1fe7166e1641b80d4a871e91a77 44dd71230caa2b99dbe1a804fb3e444fa2dd8255 918408a27b1ee2472daf8940c82be10db3c347bf9111c15eb4b23bd34600153a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1754.983ed55293c299ce.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-31a7"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hCgtx6S3KqjZeLRN9pdNRJJmQ0%2Bl2AqTkiKRPmVPCbM7aEyp%2FRNYSzDink3lMl6M9hcdJrMI8sHW0jNheDyBq7nfC4LYVYTThNRrLM65vHTCDHdKnHgWMz%2FVmIuZBVAke6Ys"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181ddac8fb56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU | 172.67.168.181 | 200 OK | 40 kB |
URL User Request GET HTTP/2bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU IP172.67.168.181:443
CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: text/html
last-modified: Thu, 09 May 2024 16:18:56 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sanXdGpmOd3mDt7nrYOm%2FhtQISXeJaiT3o6ZypjCCa66q4maG22%2BEWKUyJ94ALu87vOYUV7u64w%2B5rLKgOKDqho11iXjZ%2FyaXZNCZvQFM54foJZkdVozYMbKyivfQlchaB33"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd63c2c56c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bauruhoupsie.com/_next/static/chunks/4335-5557379f7c2b30ed.js | 172.67.168.181 | 200 OK | 70 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/4335-5557379f7c2b30ed.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash54aa0993bb34a71e492eaed38efc7c8b 3185f861694705ed9c05e8dc4fc7732f94e87f59 83dc6ca07cdda08afdbfe76f6b6433626031e2f86091c0a250c0985a44ca9674
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4335-5557379f7c2b30ed.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-110e6"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1799
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5HU2d8a%2BA3c5Wxoqa8FfuWm9YY1oDlHKw40ia54BesikoPBUFB1LYQjaqrTu2u482%2Fug6KGD0p2DUn50XMECwL6qJRVJic1RiXJkii6SF10FBBe7rQ%2F%2BY10BjdqHcGS0Mx%2Fe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7ec5556c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/rotate?zz=4292523%3B5128285%3B4326645%3B4949467%3B5381239%3B5381316%3B5381307%3B5381339&var=4806802&ymid=175517_%7Bsub_subID%7D&ab2r=&var_3=&var_4=&os_version=&uid=tv2elvw12lkhqlweki1cd2af9zg9x3 | 172.67.168.181 | 200 OK | 5.1 kB |
URL GET HTTP/3bauruhoupsie.com/rotate?zz=4292523%3B5128285%3B4326645%3B4949467%3B5381239%3B5381316%3B5381307%3B5381339&var=4806802&ymid=175517_%7Bsub_subID%7D&ab2r=&var_3=&var_4=&os_version=&uid=tv2elvw12lkhqlweki1cd2af9zg9x3 IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (5115), with no line terminators Hashed828ba86439ca82f071efa051e1fbbc 690f3b7decc5cdbe9ae2533b1be24a33739b4230 2caafe4e64905d9a7349d0df27bc01b57bde3bbe8dbd0692f1e37ca34c30ab7a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=4292523%3B5128285%3B4326645%3B4949467%3B5381239%3B5381316%3B5381307%3B5381339&var=4806802&ymid=175517_%7Bsub_subID%7D&ab2r=&var_3=&var_4=&os_version=&uid=tv2elvw12lkhqlweki1cd2af9zg9x3 HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
DNT: 1
Connection: keep-alive
Cookie: OAID=tv2elvw12lkhqlweki1cd2af9zg9x3; syncedCookie=true; oaidts=1715325101
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: 5d7d55a011e35223f66ab79fdc6e9642
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: https://bauruhoupsie.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=tv2elvw12lkhqlweki1cd2af9zg9x3; expires=Sat, 10 May 2025 07:11:41 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QYyth9byArbrEvUcRbuJuB%2FusZA1kwTvCrCnS27rImDGSrmJWK1h5EILTnYKHlYgj7egJ25YzcjfmMN0bymvqmVDtX7ZEeLl4TNaeD7eBIBUPJ3cqBX%2BOpAo7m5MrUq4%2Ff2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181ddbaa2e56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/img/rain/dollars-2.webp | 172.67.168.181 | 200 OK | 8.1 kB |
URL GET HTTP/3bauruhoupsie.com/img/rain/dollars-2.webp IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeRIFF (little-endian) data, Web/P image Hash8b4203d496c3f52b116af082a0cd4017 de5369e9459e240950bb7eb5261eaac1db26907f 8dd1f04088c25e20d15e1bc23129604830aab2b4d3d0a408a5f047f9768f39a4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-2.webp HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: image/webp
content-length: 8140
last-modified: Thu, 09 May 2024 16:18:54 GMT
vary: Accept-Encoding
etag: "663cf76e-1fcc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0n9BRRxVv2%2BxVH%2F4NwWK494bXb%2B%2B78XeWFiwtO7%2FECryDyJ3IUqnHPYuswmTtLucjeT1qwifI5Is48%2BBueNTVYx8uN5caYyVssyoK56rooSz85swLj8itJ5X0sX3VvisOple"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd86d2b56c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/2734.6269ca0cf725ea17.js | 172.67.168.181 | 200 OK | 4.1 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/2734.6269ca0cf725ea17.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (4219), with no line terminators Hash98132c6c771aec065d3ab61e5c8c0f53 56484dafed6218ea17ef047fc8cd4c5a342c1890 ae09486720d6d4764b5126f0e26414962ee83eeebdc05db588bb7d86855e8b23
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2734.6269ca0cf725ea17.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-1033"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TIXNFWLjDPyt%2FSgJKrY7Xqw2MjNEYw77MCnluyEDkbiqGZFjOlQOK88FvBZGNAsJvJouMVs3H1m4xcN8%2FITyUvBi0t40oxJ9JzXBFNOgmVq2MtbyRmcDckmFLStYd8p1wXDN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd8edda56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/8904.396665ff0f4e920f.js | 172.67.168.181 | 200 OK | 762 B |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/8904.396665ff0f4e920f.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (776), with no line terminators Hashaec61fe1e1029a2cd28ad561e36a44a5 b54bdeca3c3d326daa1fd3f0af51f10c6db1d0bd 4ef42b6542eec1aa4e855cd2256867bb25c11e34f3b89837f40a908eb2a72d4e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8904.396665ff0f4e920f.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-2fa"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RNVroh0uIknjtyZ3CMpF1bjZkxXtAv98LEuVzm4ex6z7YqpIcFqM3t009v2sVFQiPXQK6ROjoh1R3lhNWDbBEFElRdp5rCnwddHxtwVhNf%2FILuwqWf6AF9HBal1fFZyga20u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd8fde456c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdntechone.com/stattag.js | 104.21.36.146 | 200 OK | 19 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP104.21.36.146:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com Fingerprint3D:20:D4:11:5D:06:B3:63:9C:08:BF:D9:D9:16:22:D5:DC:3B:9A:CB ValidityMon, 22 Apr 2024 03:33:58 GMT - Sun, 21 Jul 2024 03:33:57 GMT
File typeJavaScript source, ASCII text, with very long lines (18452) Hashbec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2111
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0lRwEK%2FOo0gV7KjGKOMdlWqNB6CeeEUEQC8sn8xo5t2sTOQOBkKwDK2WTUqK2vzE7r6QQzM8cbUsfYQAHqpQNsnEXGFn42lwb1%2FJD%2F2fwByvIq2IJDMtJKxBb9MK%2B3D2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 88181dd9c86d0b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| bauruhoupsie.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=4806802&ymid=175517_%7Bsub_subID%7D&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=tv2elvw12lkhqlweki1cd2af9zg9x3&os_version=&btz=UTC&bto=0&z=6679101&cdn=1&domain=bauruhoupsie.com&ab2=&ab2_ttl=5184000 | 172.67.168.181 | 200 OK | 37 kB |
URL GET HTTP/3bauruhoupsie.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=4806802&ymid=175517_%7Bsub_subID%7D&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=tv2elvw12lkhqlweki1cd2af9zg9x3&os_version=&btz=UTC&bto=0&z=6679101&cdn=1&domain=bauruhoupsie.com&ab2=&ab2_ttl=5184000 IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (37142), with no line terminators Hash32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=4806802&ymid=175517_%7Bsub_subID%7D&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=tv2elvw12lkhqlweki1cd2af9zg9x3&os_version=&btz=UTC&bto=0&z=6679101&cdn=1&domain=bauruhoupsie.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Cookie: OAID=tv2elvw12lkhqlweki1cd2af9zg9x3; syncedCookie=true; oaidts=1715325101
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:41 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=1800
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6XLIiWdKanG%2Fk%2B95GtNhyCbzQu0awZwxyU1uunnkjXnXoDDYqxi9vONd8n5HIBfHh6M9SEgnLjflqbD7ICi8c%2BzBv8V%2B9Y8mNZwPuyKqKw4j2dhN6Xvp%2FkqDctk5asj1XMGN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181ddbaa3a56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/1561.4bf12370d85b766f.js | 172.67.168.181 | 200 OK | 9.1 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/1561.4bf12370d85b766f.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (9272), with no line terminators Hashdabde04f69c638428630c14ae4b4cb4a bd087891e0650581e39fd2b58fd4ea2b847c89ce ac0fba826e52015abab3f1f2497e92911db9e85d044257aa59d9da4c56e4b31f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1561.4bf12370d85b766f.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-2379"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HKIK%2FgduGFWYDqIVPK0hTGmS3d5bxfkV15KB4xixspVm1517iV182IIw%2Fge%2FEOSNtFXNO6tY2iY6zHSH%2FZjIBk4bGGGUdkobSKEzc5PomFRtFYpsAUpg2xw2e8%2BD6zTGjgTx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7dc3156c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/webpack-c6481c346939b033.js | 172.67.168.181 | 200 OK | 6.3 kB |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/webpack-c6481c346939b033.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (6509), with no line terminators Hashf714130aecf9816f7c6d55e289768782 605dcaf4dade278011068cd0a1b270223efef3b9 e493d4da813cda17e1429330d2aaf9f0e6a4005a41e8ebd736023d9d4af4d33e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-c6481c346939b033.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-1877"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=raVU4hsLzTXnIvJixFht3TOKz6e7yCXCgQWixPOma5iOxLPv2xDTdrDj8rVliMEn%2BXX%2F45YYrxTIwcS2sfboqqo7aDDGRwUf69j0Vv68pXlQy0m3QzNSNUQAjgNFtQ2qtOd3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7dc3c56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| bauruhoupsie.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-77d5ed7065d28538.js | 172.67.168.181 | 200 OK | 912 B |
URL GET HTTP/3bauruhoupsie.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-77d5ed7065d28538.js IP172.67.168.181:443
Requested byhttps://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU CertificateIssuerLet's Encrypt Subjectbauruhoupsie.com Fingerprint7B:BC:FE:8B:97:56:B3:5A:33:B5:ED:A1:59:5C:C1:71:87:AF:2C:50 ValidityTue, 30 Apr 2024 20:15:42 GMT - Mon, 29 Jul 2024 20:15:41 GMT
File typeJavaScript source, ASCII text, with very long lines (920), with no line terminators Hash12f940033f2f01b95b36673be81dc04d b681fdfb79066c0ca08de689f6426c7cfc023e45 cf53e13d24cf17bc1580086ffa76fa823ab12c11bb4a071a146c853929708386
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-77d5ed7065d28538.js HTTP/1.1
Host: bauruhoupsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://bauruhoupsie.com/finance-survey.html?z=4806802&offer_id=2025&var=175517_{sub_subID}&ymid=BJqAcxEAAAGPYVYt9wAAW9gAAq2dAAAAAAAAAAAU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 10 May 2024 07:11:40 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"663cf76e-390"
last-modified: Thu, 09 May 2024 16:18:54 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5skz%2F2gcEfzvcz%2BsjaAo1WhltdEJSCYm%2BL9%2F53vKWP12rC%2BkIs55uySPO3YN0z%2BusXQkbBuNol5Lovrta5K39VRBykJxP9FeWbZmA3nXD8rdICkjOH36uiqwwLDbDccNbmHA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88181dd7ec5756c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|