| peeglauwa.com/_next/static/chunks/4981.3c1daeeee82e08ea.js | 104.21.92.42 | 200 OK | 14 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/4981.3c1daeeee82e08ea.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (21617), with no line terminators Hashe5a18eccb2797e5391d6ce697f63eaba fd0cfa9d1d8af22b690973928c5d65b6be83389b 865d0997740868b6c2804f1949e997d55baffc23023235d8af966f8b999c2b84
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4981.3c1daeeee82e08ea.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-5471"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2089
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Opsh9OIe6N5YNYq2sVUD3bo8faycOkDuQoijlZMSRkoyHqqZtV1gm9lCrCp5N0ka3lwAFFpg5N7LXaHFHwi5WHlkQTgnqYA2VamtJnxjwKkWAlRTYg1FxE9r8t4YiWdK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02480c569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/rain/dollars-2.webp | 104.21.92.42 | 200 OK | 8.1 kB |
URL GET HTTP/3peeglauwa.com/img/rain/dollars-2.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image Hash8b4203d496c3f52b116af082a0cd4017 de5369e9459e240950bb7eb5261eaac1db26907f 8dd1f04088c25e20d15e1bc23129604830aab2b4d3d0a408a5f047f9768f39a4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-2.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 8140
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-1fcc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gQSqKYCdbQN6ThbEH8E7wr74koXN4B9FR9Q5sqGpaU80WaaQ3bSR8x6g20EgpFUT%2FU7PUx5ADgIPOxj5MNQYERqy5mz6t6q4mA9hKBpmjbi%2BsQetDpWPsfw10llktUc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03299a569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/rain/dollars-3.webp | 104.21.92.42 | 200 OK | 5.9 kB |
URL GET HTTP/3peeglauwa.com/img/rain/dollars-3.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image Hash51ea76ff382bff8ef58a9943f7fd21d1 5c3d6ad6620fbde5ce3dddc88604e6d54621eba2 0240f30fc542fb5c2d532f33bc793b797199adaea75e22a7d9f04674b80d9a32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-3.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 5938
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-1732"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEYVRpzU32G3Z%2BRHcPtiJtgWwCidclxyLDVDDEt6W%2FutMi9FFdiFkltGGaAXVXenzg2gXZAs7wOdFACZOhmh7W7jo%2BoQS7Li2AvkwG57gW3NSyS3tFz5A4KJBmMoZq9i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03299b569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/3091.c8175d9042cf8d52.js | 104.21.92.42 | 200 OK | 2.5 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/3091.c8175d9042cf8d52.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (2161), with no line terminators Hashb886b146cfe3ded792695240e5066a35 3bf6a8db5ddfb1ad0d47dbbfc4c0e1065de242b5 10f787227cfd1f40e73de3416af7b3ebf6136822d10236b889e7d690f1880cc4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.c8175d9042cf8d52.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-871"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bM0tJr106HZ%2F3DyL1nsrnkoY5AdM5zu5suf34I20hf%2BCMFcOJYRobYJ3gFxBE7rNxD45BvYWRhOQco1Re1%2BAZ2lySDqCVnHXoBUrvOmy12jTHu7SZqfB4STKk7b4Waaw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03daea569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/3978.f48a53d50c258a97.js | 104.21.92.42 | 200 OK | 2.4 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/3978.f48a53d50c258a97.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (2955), with no line terminators Hash0c60c4b03a77633fc4177d0ffaa530e1 61f40dca0463045927e933959e5f16280db6403c 2f592be0eab537bef0500f89410df1783c7cccef79e8586ba30e53e63c78247e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3978.f48a53d50c258a97.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-b8b"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=coOMmVGfgw29IqJNz8sShrj7HGokUGTqxCBxGi44gdKcrTiHNR5Tk4c0U%2By8iIfshH0Iz0hEeWA9j3cCeRwvdAM9xZAsVSLGitwHAHq9njgcoH%2FsNxnoR%2FcYmEtuf%2BJy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f038a58569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js | 104.21.92.42 | 200 OK | 2.8 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (662), with no line terminators Hash06062156d99da1c306ff5966000be2c4 3c128ded6b30d8bcfb9a85b8f1d7551400c4eb60 9e0349f7ac8b75e95aff12e66f57065f040d20165ea783fe17366bea6a56751d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-296"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4nqBs5k4Fc9i9vAN8kww5m1Mjkvt3GxJDEDjK3d4Cg6IuTJnn9PhND1Flq%2BAuK0Zfa7K4wkvDci5XI1nK1I68FfNepx2Gc1NYRONzikSMpNYCLHVdn6DNWDgZ9kMVO2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f026840569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-2.webp | 104.21.92.42 | 200 OK | 2.2 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-2.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash8f8ffbb278de1342e5cf44cd0c677c23 1b4b4428e409479cc8a8acfce6f537c2aeea7556 ac4284ed6941963c4fa0db306537f42f3a0b1fa18710bc7b9e1e62188961d83a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-2.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 2220
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-8ac"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1843
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W4SZcS%2Bxu3MtMhfBcnCTiI7E8fCkz0UsuJ6id23xmnurScUD8ShwiuN9AZxg8PLL6iSALGsMTM%2B%2FXv0fwF0ewX2i%2Bht4EZDKYLQHyCHUJrSEYxxTfBn6itxEQ6L2tJ7U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f054d00569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/pages/_app-0755fe53a86fd6ab.js | 104.21.92.42 | 200 OK | 13 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/pages/_app-0755fe53a86fd6ab.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (39394), with no line terminators Hash78af260e6345bb993cf649622f4d7ecf bcad2770feaa6e0df7dbb92c24da90c56da29559 cca988f276fd684064d3ff252d813ca24f18f73cb16e18a1edece86f25f60e87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-0755fe53a86fd6ab.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-99e2"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kmj%2BzTHtg%2FqOt9%2FAJP619g2YIJ4VbW4UAUbFmoKgfiKpARMInyhCqPrWChJio%2BT3a7V6USXYtVSjN8IJxZSd7RNth0GQwQOI0szKSj0DgV3rhEnlXizYYb%2FdXflpDq3x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f025826569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js | 104.21.92.42 | 200 OK | 1.1 kB |
URL GET HTTP/3peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with very long lines (1605), with no line terminators Hashafb20cdeacb93bdf5bf8aa578184886d 09c7aba141f7217c3314ebeb3cc95c4b9e155ca9 56dcf2fc54ca29449d0c2d04965dcddbfce6295d404e6151d44cf1808f3c1a53
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-645"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8juyVQqRoiUy6qK9yGd7xGcJsIyemc4XtEJD8s7B8e9zlL0EIDMiQ7mcyUAmKeYGp890gZZMAREZ7eBu4uW0klJRjPWskJ1RENpGWmadoSiV6TrczqcnSnQwFzuVPlYW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f026842569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/825.139a404f62101162.js | 104.21.92.42 | 200 OK | 8.5 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/825.139a404f62101162.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (39900), with no line terminators Hashe1671f1b840e49e5da86e2e21f0bca2b 9592694997a1984d3a66befb9f923ca6d5fd14cd 6cc2879d30de99804094429e23561b77ac38fcbef7c71f769129d10f65eb32f5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/825.139a404f62101162.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-9bdc"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZeIPZpG5uMIQv7%2FLgqhq9CU9yiljYJrzeot2xJxPw0tiSqMa0fc9sG77Qef%2F7mWaI0xh5raNCsTo92Z3Kj8f1%2BsbvFt1d1y8FVilaAZWE8c63ke99eITX%2FvkqcLZXfv8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f025816569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/webpack-d9f7c6f2541e6f8d.js | 104.21.92.42 | 200 OK | 4.3 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/webpack-d9f7c6f2541e6f8d.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (5932), with no line terminators Hash4999f29898dfcbe2fe963f47bfbf3a2f c8b4bca9b2f6a3121776730747678992f28bbc8c 68c253861635b91e7880148f4df207412c5480abad1eb8a0b084d90549734360
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-d9f7c6f2541e6f8d.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-172c"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Ya7%2BeJ6XsqODQk0FRiyXWZhKMbUTkfEevBKgkrKWmRnE0FYLT6Ug%2Bz6auodK3F9d7UGFy9Ml6Do%2FjnQpvL57DNxvetW%2F%2FOWF2VKn94UOXcoktZ9psRSb1Di4CB6qH0K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02581d569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-6.webp | 104.21.92.42 | 200 OK | 2.4 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-6.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash7be25941ac032fcec25b1bb4ede296d2 cfc4fb3733844326076b6d7632087204c0bea34d 0ff9d28c4ab7516d2790e8df4d325cf602bc8f9eb787a7cd9b6554edd9530e4e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-6.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 2440
last-modified: Wed, 17 Apr 2024 15:36:42 GMT
vary: Accept-Encoding
etag: "661fec8a-988"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 6499
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnIOXwJduAOxlWKXbHCjPTuvt04D4164%2BbV4Hi7GdblsgGt%2BnKjlUDybwEnXN00ISkIU1RtgGT4Fkhaj0oKZfgsLLLpsDZUBraqbmXdzrgdeakKm0u5N3%2BPdJhzsue7H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f055d11569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectarleavannya.com FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:16 GMT
content-length: 0
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectarleavannya.com FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:16 GMT
content-length: 0
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectarleavannya.com FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Content-Type: application/json
Content-Length: 422
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 2a9819990c6578c9636a0fa68442d257
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js | 104.21.92.42 | 200 OK | 8.0 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (925), with no line terminators Hash3d657d2d17983fccaac3b0512a0f9460 06faa560e966627855c424e23fbb0bb5aadde083 b9e3997d6a87385dd604b65dfa962fe50944dfc158c2e82c945d6b8664e2f81e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8904.6fbc0cfd51623cbf.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-39d"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0drKpcC%2FYLdrr0YIC2lQhqxjRW%2Fs5PSL8xRvAWUYwW0GRxj6ibrD%2B4ZIxjR%2F8SqWq5O5uZkauCDrMDp7Uz2VCmHh6a0JbgEE6wF8KJ6VCfx%2BlSCAx4Mt5TFRu596S1Sk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03dad9569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/framework-3281cb961088a9a3.js | 104.21.92.42 | 200 OK | 9.9 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/framework-3281cb961088a9a3.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (26042), with no line terminators Hash499fb17b15c09c2d76681f27dde9a031 5564d317c33112db56918ec372d392caabec70f2 9350c53e2fe847ec629962106d01d6af28a0d9c69feb57e7609b3c096935cdb2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-3281cb961088a9a3.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-65ba"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFlg5ykqbfUsvTbkXj9Y2x0tgHANn%2F9K2oYhvJC%2BlQYc1D6F4M28fkyatK6d2bJ8ssTcYFyJZ67j1miRjcflVQcAkprZfwXsZhIfiPHVVhk8JXqsy040acfyoHUcAEQU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02581f569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 179 B |
IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectarleavannya.com FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT
Hash081142aa1c9267422ee7fd25ac457579 cf8a223610da412aab4cc9aec68f6f304258b3ce 58084d495376ed2e41f026c352cabb187129c58109f2b15caeb1a539deb2cd19
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Content-Type: application/json
Content-Length: 161
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:17 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: 4efceba34099c0adec33ba95dda5cb48
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c2a84b20-3715-4ff7-bbf6-ccbc554bb94c | 37.48.68.71 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c2a84b20-3715-4ff7-bbf6-ccbc554bb94c IP37.48.68.71:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c2a84b20-3715-4ff7-bbf6-ccbc554bb94c HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1501
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 18 Apr 2024 10:44:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://peeglauwa.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| peeglauwa.com/favicon.ico | 104.21.92.42 | 204 No Content | 0 B |
URL GET HTTP/3peeglauwa.com/favicon.ico IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; syncedCookie=true; oaidts=1713437056
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 18 Apr 2024 10:44:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kL3oQQiUihF%2FOQL65gAwol9LHQpYLQa7FfSenhWUiW2y2bxJJYxttRINR0ZkYbiCKGTnPuvjKN3q9DV7hQwanyAjJSljYGfOoxFtDoLjnBo6i27AXev7rjxZVi8IK1rf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87640f086a99569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofklefkian.com/zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=6534631&ymid=7oVVjR81kD&var_3=8052819&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2ofklefkian.com/zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=6534631&ymid=7oVVjR81kD&var_3=8052819&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest IP139.45.197.251:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectofklefkian.com Fingerprint04:A9:FE:8D:C9:B9:EE:6F:3A:C4:29:EA:19:AD:C3:1D:7D:3E:14:02 ValiditySun, 14 Apr 2024 05:38:05 GMT - Sat, 13 Jul 2024 05:38:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=6534631&ymid=7oVVjR81kD&var_3=8052819&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:17 GMT
content-length: 0
x-trace-id: 0eab1d7754cc72eed9d62885e6540ebf
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 | 104.21.92.42 | 200 OK | 15 kB |
URL User Request GET HTTP/2peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 IP104.21.92.42:443
CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (22489) Hash76e4cb1c7b8b015e756f6ff5d4da6c2b 776f53c16b28b557d1c06e6060f020948d10e8a8 1b4d0ad1d96cacaad76c5b9f8d97ad22f4f6b1265e1b42a93cc1a68819cc3a06
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:44:15 GMT
content-type: text/html
last-modified: Thu, 18 Apr 2024 09:34:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqLzeADky2NihpqzGrxK03Pdg6QpyKTP38sqg3YEpvRxs6uzCsNJwxkHURTNYitAYvnhpRhdoZ%2FBtoSjhwontuKF9Qq6YENh2ogtOhKfNWdQNkLxnRslk7lZCVytoZXk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eff4951569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=6534631&ymid=7oVVjR81kD&ab2r=&var_3=8052819&var_4=&os_version=&uid=sx167ztxj62attwe45zm2po07epfb7w | 104.21.92.42 | 200 OK | 14 kB |
URL GET HTTP/3peeglauwa.com/rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=6534631&ymid=7oVVjR81kD&ab2r=&var_3=8052819&var_4=&os_version=&uid=sx167ztxj62attwe45zm2po07epfb7w IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
Hashdedd9a8df123b3d55c4ba2efd3ab42a7 354c9f2f3717408a07d61b1dff5da02854761778 1dda5cdd62d5ff13f3ccad982a4e7ce42fb891436b91d225051c9bec5463a372
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=6534631&ymid=7oVVjR81kD&ab2r=&var_3=8052819&var_4=&os_version=&uid=sx167ztxj62attwe45zm2po07epfb7w HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
DNT: 1
Connection: keep-alive
Cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; syncedCookie=true; oaidts=1713437056
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: 0570448a2c91f8025cada0fb1064b78d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; expires=Fri, 18 Apr 2025 10:44:17 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwzBcP98WBHrv5z93%2FxC7n5TiCYj2kwp0%2Fb%2FZlo99zKnbM8i9OkdrL98mWuv3I7HdZwrGZyDmOLUQsGQFBi2muWYd0GRLkzGI5oVuuvO7UN1U8nRt%2FnbQ8Yk0X%2Bcn0Qq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f069fb1569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/7903-dd238946c7924507.js | 104.21.92.42 | 200 OK | 21 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/7903-dd238946c7924507.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (31896), with no line terminators Hashb5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-7c98"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JLhGt3fHGW5NBonT7bpgGMvpDG33KboBGyqpRpi%2BF%2F8kPtlnz9h06PmhOWc42Q%2F3tuV6Bs7NwX2%2FW3rmzaS5ZTmVHnTur0zLt1wId9ExtC6ZFD%2BYgHX6hXHIYEtagwV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f026838569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/2610.2a580cd9dee822b9.js | 104.21.92.42 | 200 OK | 19 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/2610.2a580cd9dee822b9.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (13011), with no line terminators Hash0c59730d5535c83c311c485073a9e98a 09881fb1526e5ab2f1520bc64599d6a62eb49ac0 96f5c1af97875fe47b041806f2dcf51ec427ec1e50e94c4d2406418ec71e9dd2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2610.2a580cd9dee822b9.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-32d3"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2089
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gb4IWY3iHsjwxsAcFQqMAbH%2BZ2GIgQfoIbiZ46RK%2BsW07UWFb8zxGQsqPfIH%2BsgGyAnm8jPxPOY1H8kT0qLY2pFiP%2BH6LIETkivGsUX2J6oYqQy1DGAbHa3o2TWRilGd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02480d569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/track?dry=true&request_var=7oVVjR81kD&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&var=6534631&var_3=8052819&var_4=&variable2=804479556009340928&ymid=7oVVjR81kD&z=6534631 | 104.21.92.42 | 200 OK | 7.9 kB |
URL GET HTTP/3peeglauwa.com/track?dry=true&request_var=7oVVjR81kD&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&var=6534631&var_3=8052819&var_4=&variable2=804479556009340928&ymid=7oVVjR81kD&z=6534631 IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
Hash518fbbd5a95951cd6212498955368d69 f6b781a48dee7d09f5b29745c4ced1397642bbe1 f8c19e1cf3423fb386d154c3effb94bc2774d81de6af91588f731e2ce2b6a4f8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=true&request_var=7oVVjR81kD&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&var=6534631&var_3=8052819&var_4=&variable2=804479556009340928&ymid=7oVVjR81kD&z=6534631 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
DNT: 1
Connection: keep-alive
Cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; syncedCookie=true; oaidts=1713437056
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:17 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: 6beaf43c8a10abef678300ef6637e171
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybmHePO68TTmLHUHD5tenE%2FyJe7EZ%2F7NtC4%2Bm91v2wLl1JH7bNxWPwJYJNK6UgSVLMdUDMUJeBKWzOMHe7frC2HZWchueZYbVShEZ8NVi3C3zebrHUiZ7SzSyAwI5DpD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f069fab569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/css/0bc0cde260d08b97.css | 104.21.92.42 | 200 OK | 1.8 kB |
URL GET HTTP/3peeglauwa.com/_next/static/css/0bc0cde260d08b97.css IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with very long lines (1841), with no line terminators Hashff1d3d5d24ca0172d59b02e7505ddaa1 41e83ee08e21f369886b0fdad0ba01d8b20897b6 939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"6620e908-733"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2089
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2wHlaIqJiDIzznZOCwpbO%2FNl7y4G0o8esvewniAYLchZMRH5teHjSZc7Fo4MTn2L3lEwYk2E5N%2BTLV365xfu9fLXN44ICH7SXixLTD5HynxW1rIyaltj7i9GYKGNmvQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02480a569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/main-beb6af9e60a8e042.js | 104.21.92.42 | 200 OK | 109 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/main-beb6af9e60a8e042.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size109 kB (108886 bytes) Hash49c6f57370e917bd37dc7d4d4d0bdb56 f5b56f5b9498f3500055c5614808903d85303991 0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=108887
etag: W/"6620e908-1a957"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfKA2XUnCavsYU75cpAAez5fzXFpElOk3%2B6XFP4yMNKW5xbHYdL3PRhF3PgDT2EllxkM6dawWrhZ71nqQGgRtIyWaqO%2BAp9jMvseOi4q2PRleoglrdehev%2BgJdBIfQwf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f025823569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/1155-a288f72f1c5f84cb.js | 104.21.92.42 | 200 OK | 74 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/1155-a288f72f1c5f84cb.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashf4fbc4cb97025f97e7202a6eecfdf059 4469a7e10b19d667a2c6b6a3ecd08c4dcb358749 1883fc82a08b36e731e0a3a0e49a42d12c70599b64fcf9607ee2905b74c43b70
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1155-a288f72f1c5f84cb.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-11f4b"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4CMU%2F%2FVvT31YDnI4Ydc%2BGSl7wYSfGQTR3JgOVQpD%2B8TjcRdoTnRkzA%2B5bd8XjmuhoQDDC7gig4XEeEpPMfGhoRBac31R%2BjEc%2Fg3jIHbFqYwvUuYK9z8lvgGlUbyguYj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02683c569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/2090-d895fd689d39c729.js | 104.21.92.42 | 200 OK | 11 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/2090-d895fd689d39c729.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (10720), with no line terminators Hash9dfcf70490a58a9922807765131a36dd 74a2103f2772dcbb021e6d7ed80a46505532efa1 64aa44a6c998566700666c1e4bf0abd78fe219197efb3229d6d9ffa7040926b6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-d895fd689d39c729.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-29e0"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGVEC3mMEUsUZiFLhDpnYFX2sAGYLFqitZIWS8kyColyuYrImNkdRfQOygfwf8Bn4k76ybQgjZ3afDPl%2FlCUYkq6VeIVAM4wPd%2FwHm12Ynjsr1IuvJL5P9iVTKdSv5tC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02683a569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/6223.36a8be3b6724c1ee.js | 104.21.92.42 | 200 OK | 3.8 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/6223.36a8be3b6724c1ee.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (3870), with no line terminators Hash1d892f4ab084b8290d79dcf9ec65b79a 17b0c18b7201dd8eb4bbd3db5be2f1d784000948 77e68c0c19f773bcf939398361c922509f29268cea7afe93f3f7050183115e14
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6223.36a8be3b6724c1ee.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-eee"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vkYcjE2cHnq5%2Bd1T4ShORdXzanDgAzGapK%2BDm4vXuE0MGmTquhci%2BNlA7TsVXAC3Uqsh33s%2Bt7Sp2Jc1DigcQRUFDoUZCiOsJCjp1lYHol%2FM1WD%2B41aAO0stmWDYzAxk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03dae7569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-5.webp | 104.21.92.42 | 200 OK | 2.4 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-5.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash188dfcdf19da1d86ed162d54ed03536d 98b1baefbb803548b2894547091b4c7773406524 4f8251665e3cc796f127ea6cbdc00a9ec450adff16acb4ec74463c446b6f4ba6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-5.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 2384
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-950"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1354
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tv20EGOlj0DZlqh4qGBZj09jRvKBbl8Irvi6aRzRUk0JTf5dJ3fWDSE%2BDhwKrzI7mnIODmYfTdh%2BTdJplyNvXMgRReRcXYdzK9CmDVi6lma3QrLlBTtPyV%2BQ2L3DdgkS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f054d04569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/sw/universal.js?var=6534631&var_3=8052819&ymid=7oVVjR81kD&ab2_ttl=5184000&zoneId=7085340 | 104.21.92.42 | 200 OK | 1.2 kB |
URL GET HTTP/3peeglauwa.com/sw/universal.js?var=6534631&var_3=8052819&ymid=7oVVjR81kD&ab2_ttl=5184000&zoneId=7085340 IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with very long lines (1235), with no line terminators Hashdd0b5076f7df915b30c5dd9bbfda384e 9d872a41735a575fe000724c11a5c9bbc246c539 6120f1a81b74d500834a6088cbca7f608f597128df8d629c76af4761a9e96454
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=6534631&var_3=8052819&ymid=7oVVjR81kD&ab2_ttl=5184000&zoneId=7085340 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; syncedCookie=true; oaidts=1713437056
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:17 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1461
etag: W/"6620e908-5b5"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 13
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hvzet1jpLIjv%2FkeVGxCMbTjwTfq%2BcY77By0SmPE%2BjtJvmITFGoWFKdCUbF%2FBjQ1Afj%2Bqv%2FYONABz2fZYCmahb0Zo8EV6%2F1D8bwF%2BRYZlmdvcDn%2Bo5xxjeAjzpcypHAtz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f07a944569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/9787.32846937d0160cf7.js | 104.21.92.42 | 200 OK | 1.8 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/9787.32846937d0160cf7.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (1771), with no line terminators Hashd269bc24ab428864c8a5d9fd90d791ae ff1943ecbdb21dd40483e22778b0826bce974cde 086e81568c991bb4f9d7f9bcb854f1f2bf66b7397b1eef5b0753889ccb86cb30
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9787.32846937d0160cf7.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-6e1"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hk21xrE80YTIhfh9CJiA%2FkVV4U3YEseYIFknlijkF5v%2Fw5YmurNz1uU0oiypY4jRuhYswlKrahYSBjEGAKlcdcXhq54EYMP8ZAhFcxtWHxKb%2Bydj4dNLGW046QecbA9i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03eaf9569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-3.webp | 104.21.92.42 | 200 OK | 1.5 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-3.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hasha747d227c2e10b5178fd942484301d7a b3c5cf90dd5fd2c26c7b17dcb2d35b6dd47065be 9f4fb1281b7141b9dd48925953f7b039b6c411ea0e6e5b158d3e000d75316e9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-3.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 1454
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-5ae"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1843
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xuZIn5XcsKBYUiBhqp39eSx1QBb3qp7cEt950q3u1U3Bdc%2FAw0G5wxMFOIvjr3LKejXN3TR8MzYjKu2C6UcLU6NLONHsKn021kDFE%2FfQtIzz9%2B8sQaE1Vv%2BNj26vbuAH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f04cc3c569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-4.webp | 104.21.92.42 | 200 OK | 1.8 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-4.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash5dc160f6b521dc8f6c670b140b354fed 22e15cda82b532067b99932ec28f86ea2cc1ecbc 09c6c6de57458ec0c4e7a3d2375e0c7b9c037de9366b63e3685cc0ca94d838b4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-4.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 1798
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-706"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1843
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Kw6umYhvdwrZzAqF2uw2%2B4W9q5WzWYrtd0BkLr1RD4HSnzusRzr5U3Yy2%2BQ5N0VAMsyVyqBWHhEUCykXRY0bE1Gi64ONN2Pok9sU23KBx1Pg1b6ECn4Fp6vFw6OaGfP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f055d0c569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/4089.c7e0200d08c5ecd6.js | 104.21.92.42 | 200 OK | 22 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/4089.c7e0200d08c5ecd6.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (22013), with no line terminators Hash9c0754fee41afd53afb451593c7f69a1 911154ad0d3b7e5a968fb52f694867741f8fd798 abb0b63445a71170a0f1d9279397560c6c5446e20aea075e3f245240186a683b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4089.c7e0200d08c5ecd6.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-55fd"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jzCzvLkY1OdwCN%2Fy4Iyi8ndO9xE9ZA2eXJEjTLjS3aGbVNoK%2Fmng6WGV5rhheB1hYvGVr6x6dK3XDz6HmIHldxHYOBg3yvBOX9O9wHT8oKJQJDQkfvlOhLCdzSrq5wS5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f025812569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=sx167ztxj62attwe45zm2po07epfb7w | 139.45.195.8 | 200 OK | 64 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=sx167ztxj62attwe45zm2po07epfb7w IP139.45.195.8:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashbe4d9c74eff1515fe284a891c0e0e92a d070461c11d9086b9ccba427df29733e6cf49de9 ec778bc9ace9d113d7bbcd8200e10b703b551e1f4517c91c8dac6da48acf2855
GET /gid.js?userId=sx167ztxj62attwe45zm2po07epfb7w HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/json; charset=utf-8
content-length: 64
access-control-allow-origin: https://peeglauwa.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=sx167ztxj62attwe45zm2po07epfb7w; expires=Fri, 18 Apr 2025 10:44:16 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/img/rain/dollars-1.webp | 104.21.92.42 | 200 OK | 10 kB |
URL GET HTTP/3peeglauwa.com/img/rain/dollars-1.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image Hasha5bef813a0113d018592091106451c8b 59365e96c4abca5eb98a0c56db0af0bb5cbffebb 036beb7de9c9d450e1442d593ff70ad392ca4be6754e7feaec249c0009e1bd83
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-1.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 10546
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-2932"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9SnYSNJd5SOOishCS42naTuP5jxNRUfMJ4rXDvoXynD432LVuRRJ7MQfZ%2B86MjphThi0bGNcdjl29sZaYmicM2UhbPiA3SSkPTxIuqRXblSB0MX26CBXOjN2ueqVfWj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f031986569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/1754.901479ebfced8b6a.js | 104.21.92.42 | 200 OK | 12 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/1754.901479ebfced8b6a.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (11527), with no line terminators Hash56134729452ad2f059b72b7ca69c3c46 39357808d2372e366c0562f7a89957d26f89929b f138deeabff5ca5314a2d2a7b892a288eaf820b1e8332dd4ac4efe62a4ae6c45
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1754.901479ebfced8b6a.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-2d07"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CmvubnkKU9Czt4v5vtTbJ2MOv%2BVjZ9TLBEqrbSkNhFvT6syh3zbvlHUewFR6P4MXQr%2FQcHf%2BBIXVhb7sqESzOegoLOvyfALWsd5OlrM1mbAC9BvF9EtyXeTXDFFvgqB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f055d19569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 | 104.21.92.42 | 200 OK | 27 kB |
URL GET HTTP/3peeglauwa.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (27012) Hash4d5fdbf5a5eaf9b73b515e58aaea8ab1 af206657baadc54af340d9b32738e9797934eaff 05b026bb4f34d6fd3b5db29bffb1ba5be6f9b11d954fa44fd4d57acd997ecb2d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; syncedCookie=true; oaidts=1713437056
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:17 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: W/"6620e908-6985"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ann%2BFVtBqyeEBI1%2BWNaNVHt%2BhFsAOr5T%2Fb8gOi3pAKurFkl1K3IEkWGgZHPEz9gTM2nTgORPYKmq9Y%2F9lz2uhR%2BcoSiwvQLp6occYZSl5jLmEd%2FIiBOD4jif5%2BUWDuQg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f06e81d569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/5356.cd117ab77e87aa94.js | 104.21.92.42 | 200 OK | 1.3 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/5356.cd117ab77e87aa94.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (1340), with no line terminators Hash928a78a6ff2acfdfc2b133e09c23a898 80992f60be4eeaa5e9ee31c4912fc8fd15806007 af03ac8ae373bd61c0ac2106d2837e74bf0f3c2d02682c018909684f3e6af5bf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5356.cd117ab77e87aa94.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-512"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAhU4x9vCFFFdTt615uRUuKnNFiMFl9wsf9fpuAXnEv03%2BySEXS07Y1eQvqpnXQmMc9o%2BS44mVJNkndEa6wGBbCc8WkOux0dqSsaGvz%2FxHyQkHTRvG9ZxccDakG%2BgLjc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03eaf6569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/finance-survey/icon-survey.svg | 104.21.92.42 | 200 OK | 2.7 kB |
URL GET HTTP/3peeglauwa.com/finance-survey/icon-survey.svg IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeSVG Scalable Vector Graphics image Hasha000ba4d0e7570d810feafb22bc50bef af8fce44a683d3dfebe69cbe856e747739c9a666 9ae848c180201d8ae5c59ce118b0b7ef395a01295fb04d57e81cfe0566100679
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/icon-survey.svg HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: W/"6620e908-a72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qL1Fsuwi%2BUtuydEiPvqoXAoMHyjLSgZNhawPqSLk2ZQgUXJ5idZ%2FrThgjJD3cMe%2BheC35YVJZjFsJ5AXOWGuWKt%2F07KbKblaJoxIgkb95a68CfndcQeX6BAzlr5RDIUm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f055d14569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js | 104.21.92.42 | 200 OK | 182 B |
URL GET HTTP/3peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with no line terminators Hashca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-b6"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmLLlj5hayLJiZktoGXybs2IeCL2%2BCB59DZBQc8QWlEn98e6EF40HY9V2L5MB52oktv2c8XX1QJR9n1ZANh7X7rQzAYymFxQ4wLC%2B5COFz%2FpFDcf1miFP9v0zjGaf%2Fqe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f026845569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdntechone.com/stattag.js | 104.21.36.146 | 200 OK | 19 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP104.21.36.146:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com FingerprintC0:94:F3:BC:8E:7A:FB:B0:2A:C5:0A:53:D3:08:2E:63:6B:02:E8:70 ValidityFri, 23 Feb 2024 02:35:13 GMT - Thu, 23 May 2024 02:35:12 GMT
File typeJavaScript source, ASCII text, with very long lines (18452) Hashbec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkWx%2BoA8VaGOjgqpGXI8ssjPxR7b1yBPJhtnpN9pzR2k8i9xYXiuYTFQ9n1n24VbqypjutVYvPP39%2BERNyDSyk8p6swmlrb84FSmOjhPfBelOVo%2BBvnUJyUabx8XHZyMWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87640f055c721c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-1.webp | 104.21.92.42 | 200 OK | 1.4 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-1.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashc5da2ea294623650bae71fc84401cf60 f1f62ea011cf81953cefe28254c134e992453b91 09a846c5b1af2c6100ff3193789be1e0e21ba9fc45c268f76f2007c78f1e4ac1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-1.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 1402
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-57a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1843
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RdbD9vzr5rKz5ZgHckOxZOr02aiBIVcPNc4axz2Cbz7guylrrHknYbSmWHp4vSZUYrmeUIMULbGnxP0vfywNLVHocy9q7NwK08CdDelwGYS3pPX5iUz3XRknU4GMrGoA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f054d06569d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/5927.5b9e15850e6ed19a.js | 104.21.92.42 | 200 OK | 18 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/5927.5b9e15850e6ed19a.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (18363), with no line terminators Hash5bb517e08d6010f7e31b0f17b36459a9 260ee8a6737b10a939374d464312509c4630dfe7 615040639aee9f5314f7cb5119026b1a754621ea88e74ac1e5e2e7a144715320
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5927.5b9e15850e6ed19a.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-47bb"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s41MgPcF7vWrx0Qpk0ZWHokNn%2FO%2FymY6iP4uaur%2BFV17YpE6blVVW1NMUtf2KVIEF8zL5EMvApw7MYCL%2FFqFWacYQWWaBMpvaJo%2FSOI2tQN99rdB0e4ceVi%2Fe2KilZgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f039a79569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|