Report - peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var

Report Overview

Submitted URL
peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
IP
104.21.92.42
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 10:44:41
Access
public
Website Title
Participate in Our Exclusive Online Survey: Share Your Insight
Final URL
peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
80

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
peeglauwa.com	unknown	unknown	No data	No data	24 kB	495 kB	104.21.92.42
arleavannya.com	unknown	2024-01-22	2024-01-22	2024-04-14	2.0 kB	3.0 kB	139.45.197.248
datatechonert.com	46154	2021-12-24	2021-12-24	2024-04-18	570 B	481 B	37.48.68.71
ofklefkian.com	unknown	2024-01-25	2024-01-25	2024-04-18	547 B	546 B	139.45.197.251
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-04-17	460 B	742 B	139.45.195.8
cdntechone.com	64371	2021-12-24	2021-12-24	2024-04-16	399 B	20 kB	104.21.36.146

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	ofklefkian.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed
2024-04-18	medium	peeglauwa.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (25)

	URL	Size	First Seen	Last Seen
	peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js	182 B	2024-04-18	2024-04-30
Pretty URL peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 11:58:16 Last Seen2024-04-30 19:35:37 Times Seen150 Hash d78f02cd11637a888af548f5e270c3af 9c90b573305ec9d6d2e7e74837c641a863d991b4 2357fd3fc3972384c0c7a714da244191da43a7bf5d91fd865a30d2deb0b6b517 Loading...

	peeglauwa.com/_next/static/chunks/pages/_app-0755fe53a86fd6ab.js	39 kB	2024-04-18	2024-04-19
Pretty URL peeglauwa.com/_next/static/chunks/pages/_app-0755fe53a86fd6ab.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:03:12 Last Seen2024-04-19 13:22:06 Times Seen20 Hash 78af260e6345bb993cf649622f4d7ecf bcad2770feaa6e0df7dbb92c24da90c56da29559 cca988f276fd684064d3ff252d813ca24f18f73cb16e18a1edece86f25f60e87 Loading...

	peeglauwa.com/_next/static/chunks/5927.5b9e15850e6ed19a.js	18 kB	2024-04-09	2024-04-18
Pretty URL peeglauwa.com/_next/static/chunks/5927.5b9e15850e6ed19a.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 23:02:31 Last Seen2024-04-18 12:44:48 Times Seen27 Hash 5bb517e08d6010f7e31b0f17b36459a9 260ee8a6737b10a939374d464312509c4630dfe7 615040639aee9f5314f7cb5119026b1a754621ea88e74ac1e5e2e7a144715320 Loading...

	peeglauwa.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000	27 kB	2024-01-20	2024-04-24
Pretty URL peeglauwa.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 15:21:24 Last Seen2024-04-24 10:44:05 Times Seen134 Hash 4d5fdbf5a5eaf9b73b515e58aaea8ab1 af206657baadc54af340d9b32738e9797934eaff 05b026bb4f34d6fd3b5db29bffb1ba5be6f9b11d954fa44fd4d57acd997ecb2d Loading...

	peeglauwa.com/_next/static/chunks/4981.3c1daeeee82e08ea.js	22 kB	2024-04-02	2024-04-30
Pretty URL peeglauwa.com/_next/static/chunks/4981.3c1daeeee82e08ea.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 14:06:39 Last Seen2024-04-30 19:35:37 Times Seen157 Hash e5a18eccb2797e5391d6ce697f63eaba fd0cfa9d1d8af22b690973928c5d65b6be83389b 865d0997740868b6c2804f1949e997d55baffc23023235d8af966f8b999c2b84 Loading...

	peeglauwa.com/_next/static/chunks/825.139a404f62101162.js	40 kB	2024-04-18	2024-04-18
Pretty URL peeglauwa.com/_next/static/chunks/825.139a404f62101162.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:03:12 Last Seen2024-04-18 12:44:48 Times Seen8 Hash e1671f1b840e49e5da86e2e21f0bca2b 9592694997a1984d3a66befb9f923ca6d5fd14cd 6cc2879d30de99804094429e23561b77ac38fcbef7c71f769129d10f65eb32f5 Loading...

	peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js	1.6 kB	2024-04-18	2024-04-18
Pretty URL peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 11:58:16 Last Seen2024-04-18 12:44:48 Times Seen5 Hash afb20cdeacb93bdf5bf8aa578184886d 09c7aba141f7217c3314ebeb3cc95c4b9e155ca9 56dcf2fc54ca29449d0c2d04965dcddbfce6295d404e6151d44cf1808f3c1a53 Loading...

	peeglauwa.com/_next/static/chunks/5356.cd117ab77e87aa94.js	1.3 kB	2024-02-28	2024-04-30
Pretty URL peeglauwa.com/_next/static/chunks/5356.cd117ab77e87aa94.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-28 05:15:28 Last Seen2024-04-30 16:25:39 Times Seen77 Hash 48bc38caebc09f278d740e9a8302bf56 b687105616511f0eb1f493a5ff7cb35e6b445b5e d558e0466151e37fdefda1944ca4860ea0f63fc583e36ed00e2516d52774caa3 Loading...

	unknown	619 B	2024-02-22	2024-04-30
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-22 05:07:24 Last Seen2024-04-30 16:25:39 Times Seen6 Hash 5c15f7af374be0466b93057a494cf124 e03a32baa110f786f3d8899455d3c6173392d5bb 485970eca5df766c5f9f229ea19a1415164424fe8cc1b4225b0a096a9ffc461a Loading...

	peeglauwa.com/_next/static/chunks/3978.f48a53d50c258a97.js	3.0 kB	2024-04-13	2024-04-26
Pretty URL peeglauwa.com/_next/static/chunks/3978.f48a53d50c258a97.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 13:54:11 Last Seen2024-04-26 09:26:44 Times Seen53 Hash 0c60c4b03a77633fc4177d0ffaa530e1 61f40dca0463045927e933959e5f16280db6403c 2f592be0eab537bef0500f89410df1783c7cccef79e8586ba30e53e63c78247e Loading...

	peeglauwa.com/_next/static/chunks/6223.36a8be3b6724c1ee.js	3.8 kB	2024-04-13	2024-04-30
Pretty URL peeglauwa.com/_next/static/chunks/6223.36a8be3b6724c1ee.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-13 13:54:11 Last Seen2024-04-30 19:35:37 Times Seen108 Hash c1f7e2120e9f45cf822bbe5e23ab5711 e5ab7ffa55c8122915c064b4e81387ff71ca018c 492f9bfb9b36328df2670323687dbb0d0ac9499199fe5bac3c7eb91dde9a34aa Loading...

	peeglauwa.com/_next/static/chunks/webpack-d9f7c6f2541e6f8d.js	5.9 kB	2024-04-18	2024-04-18
Pretty URL peeglauwa.com/_next/static/chunks/webpack-d9f7c6f2541e6f8d.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 11:58:16 Last Seen2024-04-18 12:44:48 Times Seen4 Hash 4999f29898dfcbe2fe963f47bfbf3a2f c8b4bca9b2f6a3121776730747678992f28bbc8c 68c253861635b91e7880148f4df207412c5480abad1eb8a0b084d90549734360 Loading...

	peeglauwa.com/_next/static/chunks/1155-a288f72f1c5f84cb.js	74 kB	2024-04-18	2024-04-18
Pretty URL peeglauwa.com/_next/static/chunks/1155-a288f72f1c5f84cb.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 11:58:16 Last Seen2024-04-18 12:44:48 Times Seen6 Hash f4fbc4cb97025f97e7202a6eecfdf059 4469a7e10b19d667a2c6b6a3ecd08c4dcb358749 1883fc82a08b36e731e0a3a0e49a42d12c70599b64fcf9607ee2905b74c43b70 Loading...

	peeglauwa.com/_next/static/chunks/1754.901479ebfced8b6a.js	12 kB	2024-04-02	2024-04-18
Pretty URL peeglauwa.com/_next/static/chunks/1754.901479ebfced8b6a.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 14:06:39 Last Seen2024-04-18 12:44:48 Times Seen38 Hash 56134729452ad2f059b72b7ca69c3c46 39357808d2372e366c0562f7a89957d26f89929b f138deeabff5ca5314a2d2a7b892a288eaf820b1e8332dd4ac4efe62a4ae6c45 Loading...

	peeglauwa.com/_next/static/chunks/7903-dd238946c7924507.js	32 kB	2024-03-21	2024-04-30
Pretty URL peeglauwa.com/_next/static/chunks/7903-dd238946c7924507.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-21 14:18:29 Last Seen2024-04-30 19:35:37 Times Seen278 Hash b5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5 Loading...

	peeglauwa.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js	925 B	2024-04-09	2024-04-30
Pretty URL peeglauwa.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 23:02:31 Last Seen2024-04-30 19:35:37 Times Seen115 Hash 3d657d2d17983fccaac3b0512a0f9460 06faa560e966627855c424e23fbb0bb5aadde083 b9e3997d6a87385dd604b65dfa962fe50944dfc158c2e82c945d6b8664e2f81e Loading...

	peeglauwa.com/_next/static/chunks/4089.c7e0200d08c5ecd6.js	22 kB	2024-04-18	2024-04-18
Pretty URL peeglauwa.com/_next/static/chunks/4089.c7e0200d08c5ecd6.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:03:12 Last Seen2024-04-18 12:44:48 Times Seen8 Hash 9c0754fee41afd53afb451593c7f69a1 911154ad0d3b7e5a968fb52f694867741f8fd798 abb0b63445a71170a0f1d9279397560c6c5446e20aea075e3f245240186a683b Loading...

	cdntechone.com/stattag.js	19 kB	2024-02-07	2024-04-30
Pretty URL cdntechone.com/stattag.js IP 104.21.36.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-07 19:13:47 Last Seen2024-04-30 19:35:37 Times Seen573 Hash bec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a Loading...

	peeglauwa.com/_next/static/chunks/2610.2a580cd9dee822b9.js	13 kB	2024-04-02	2024-04-18
Pretty URL peeglauwa.com/_next/static/chunks/2610.2a580cd9dee822b9.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 14:06:39 Last Seen2024-04-18 12:44:48 Times Seen18 Hash 0c59730d5535c83c311c485073a9e98a 09881fb1526e5ab2f1520bc64599d6a62eb49ac0 96f5c1af97875fe47b041806f2dcf51ec427ec1e50e94c4d2406418ec71e9dd2 Loading...

	peeglauwa.com/_next/static/chunks/framework-3281cb961088a9a3.js	26 kB	2024-04-02	2024-04-25
Pretty URL peeglauwa.com/_next/static/chunks/framework-3281cb961088a9a3.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-02 14:06:40 Last Seen2024-04-25 12:54:20 Times Seen93 Hash 499fb17b15c09c2d76681f27dde9a031 5564d317c33112db56918ec372d392caabec70f2 9350c53e2fe847ec629962106d01d6af28a0d9c69feb57e7609b3c096935cdb2 Loading...

	peeglauwa.com/_next/static/chunks/9787.32846937d0160cf7.js	1.8 kB	2024-03-22	2024-04-26
Pretty URL peeglauwa.com/_next/static/chunks/9787.32846937d0160cf7.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 08:23:18 Last Seen2024-04-26 09:26:44 Times Seen79 Hash 0b47bad6a8778bdc8cd3dec268938624 246ca006b4bdb919f3f1e8fd567a8631f5a136d9 1bb773520bd8d662232b89b67a6ae04556b715b90239d9c443502219b71a2471 Loading...

	peeglauwa.com/_next/static/chunks/3091.c8175d9042cf8d52.js	2.2 kB	2024-03-22	2024-04-19
Pretty URL peeglauwa.com/_next/static/chunks/3091.c8175d9042cf8d52.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-22 08:23:18 Last Seen2024-04-19 12:56:47 Times Seen48 Hash b886b146cfe3ded792695240e5066a35 3bf6a8db5ddfb1ad0d47dbbfc4c0e1065de242b5 10f787227cfd1f40e73de3416af7b3ebf6136822d10236b889e7d690f1880cc4 Loading...

	peeglauwa.com/_next/static/chunks/main-beb6af9e60a8e042.js	109 kB	2024-03-02	2024-04-30
Pretty URL peeglauwa.com/_next/static/chunks/main-beb6af9e60a8e042.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-02 21:14:49 Last Seen2024-04-30 19:35:37 Times Seen185 Hash 49c6f57370e917bd37dc7d4d4d0bdb56 f5b56f5b9498f3500055c5614808903d85303991 0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4 Loading...

	peeglauwa.com/_next/static/chunks/2090-d895fd689d39c729.js	11 kB	2024-04-18	2024-04-19
Pretty URL peeglauwa.com/_next/static/chunks/2090-d895fd689d39c729.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:03:12 Last Seen2024-04-19 09:40:36 Times Seen14 Hash 9dfcf70490a58a9922807765131a36dd 74a2103f2772dcbb021e6d7ed80a46505532efa1 64aa44a6c998566700666c1e4bf0abd78fe219197efb3229d6d9ffa7040926b6 Loading...

	peeglauwa.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js	662 B	2024-04-18	2024-04-30
Pretty URL peeglauwa.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js IP 104.21.92.42 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-18 08:03:12 Last Seen2024-04-30 14:45:16 Times Seen112 Hash 06062156d99da1c306ff5966000be2c4 3c128ded6b30d8bcfb9a85b8f1d7551400c4eb60 9e0349f7ac8b75e95aff12e66f57065f040d20165ea783fe17366bea6a56751d Loading...

HTTP Transactions (47)

URL IP Response Size

peeglauwa.com/_next/static/chunks/4981.3c1daeeee82e08ea.js

104.21.92.42

200 OK

14 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/4981.3c1daeeee82e08ea.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (21617), with no line terminators
Size
14 kB (13704 bytes)
Hash
e5a18eccb2797e5391d6ce697f63eaba
fd0cfa9d1d8af22b690973928c5d65b6be83389b
865d0997740868b6c2804f1949e997d55baffc23023235d8af966f8b999c2b84

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4981.3c1daeeee82e08ea.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-5471"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2089
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Opsh9OIe6N5YNYq2sVUD3bo8faycOkDuQoijlZMSRkoyHqqZtV1gm9lCrCp5N0ka3lwAFFpg5N7LXaHFHwi5WHlkQTgnqYA2VamtJnxjwKkWAlRTYg1FxE9r8t4YiWdK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02480c569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/img/rain/dollars-2.webp

104.21.92.42

200 OK

8.1 kB

URL GET HTTP/3
peeglauwa.com/img/rain/dollars-2.webp
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.1 kB (8140 bytes)
Hash
8b4203d496c3f52b116af082a0cd4017
de5369e9459e240950bb7eb5261eaac1db26907f
8dd1f04088c25e20d15e1bc23129604830aab2b4d3d0a408a5f047f9768f39a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/rain/dollars-2.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 8140
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-1fcc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6gQSqKYCdbQN6ThbEH8E7wr74koXN4B9FR9Q5sqGpaU80WaaQ3bSR8x6g20EgpFUT%2FU7PUx5ADgIPOxj5MNQYERqy5mz6t6q4mA9hKBpmjbi%2BsQetDpWPsfw10llktUc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03299a569d-OSL
alt-svc: h3=":443"; ma=86400

peeglauwa.com/img/rain/dollars-3.webp

104.21.92.42

200 OK

5.9 kB

URL GET HTTP/3
peeglauwa.com/img/rain/dollars-3.webp
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
RIFF (little-endian) data, Web/P image
Size
5.9 kB (5938 bytes)
Hash
51ea76ff382bff8ef58a9943f7fd21d1
5c3d6ad6620fbde5ce3dddc88604e6d54621eba2
0240f30fc542fb5c2d532f33bc793b797199adaea75e22a7d9f04674b80d9a32

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/rain/dollars-3.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 5938
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-1732"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MEYVRpzU32G3Z%2BRHcPtiJtgWwCidclxyLDVDDEt6W%2FutMi9FFdiFkltGGaAXVXenzg2gXZAs7wOdFACZOhmh7W7jo%2BoQS7Li2AvkwG57gW3NSyS3tFz5A4KJBmMoZq9i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03299b569d-OSL
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/3091.c8175d9042cf8d52.js

104.21.92.42

200 OK

2.5 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/3091.c8175d9042cf8d52.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (2161), with no line terminators
Size
2.5 kB (2515 bytes)
Hash
b886b146cfe3ded792695240e5066a35
3bf6a8db5ddfb1ad0d47dbbfc4c0e1065de242b5
10f787227cfd1f40e73de3416af7b3ebf6136822d10236b889e7d690f1880cc4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3091.c8175d9042cf8d52.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-871"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bM0tJr106HZ%2F3DyL1nsrnkoY5AdM5zu5suf34I20hf%2BCMFcOJYRobYJ3gFxBE7rNxD45BvYWRhOQco1Re1%2BAZ2lySDqCVnHXoBUrvOmy12jTHu7SZqfB4STKk7b4Waaw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03daea569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/3978.f48a53d50c258a97.js

104.21.92.42

200 OK

2.4 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/3978.f48a53d50c258a97.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (2955), with no line terminators
Size
2.4 kB (2385 bytes)
Hash
0c60c4b03a77633fc4177d0ffaa530e1
61f40dca0463045927e933959e5f16280db6403c
2f592be0eab537bef0500f89410df1783c7cccef79e8586ba30e53e63c78247e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3978.f48a53d50c258a97.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-b8b"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=coOMmVGfgw29IqJNz8sShrj7HGokUGTqxCBxGi44gdKcrTiHNR5Tk4c0U%2By8iIfshH0Iz0hEeWA9j3cCeRwvdAM9xZAsVSLGitwHAHq9njgcoH%2FsNxnoR%2FcYmEtuf%2BJy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f038a58569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js

104.21.92.42

200 OK

2.8 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (662), with no line terminators
Size
2.8 kB (2774 bytes)
Hash
06062156d99da1c306ff5966000be2c4
3c128ded6b30d8bcfb9a85b8f1d7551400c4eb60
9e0349f7ac8b75e95aff12e66f57065f040d20165ea783fe17366bea6a56751d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-296"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2074
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i4nqBs5k4Fc9i9vAN8kww5m1Mjkvt3GxJDEDjK3d4Cg6IuTJnn9PhND1Flq%2BAuK0Zfa7K4wkvDci5XI1nK1I68FfNepx2Gc1NYRONzikSMpNYCLHVdn6DNWDgZ9kMVO2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f026840569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/img/comments/finance-survey-people/person-2.webp

104.21.92.42

200 OK

2.2 kB

URL GET HTTP/3
peeglauwa.com/img/comments/finance-survey-people/person-2.webp
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.2 kB (2220 bytes)
Hash
8f8ffbb278de1342e5cf44cd0c677c23
1b4b4428e409479cc8a8acfce6f537c2aeea7556
ac4284ed6941963c4fa0db306537f42f3a0b1fa18710bc7b9e1e62188961d83a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/comments/finance-survey-people/person-2.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 2220
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-8ac"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1843
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W4SZcS%2Bxu3MtMhfBcnCTiI7E8fCkz0UsuJ6id23xmnurScUD8ShwiuN9AZxg8PLL6iSALGsMTM%2B%2FXv0fwF0ewX2i%2Bht4EZDKYLQHyCHUJrSEYxxTfBn6itxEQ6L2tJ7U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f054d00569d-OSL
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/pages/_app-0755fe53a86fd6ab.js

104.21.92.42

200 OK

13 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/pages/_app-0755fe53a86fd6ab.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (39394), with no line terminators
Size
13 kB (13243 bytes)
Hash
78af260e6345bb993cf649622f4d7ecf
bcad2770feaa6e0df7dbb92c24da90c56da29559
cca988f276fd684064d3ff252d813ca24f18f73cb16e18a1edece86f25f60e87

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/_app-0755fe53a86fd6ab.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-99e2"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kmj%2BzTHtg%2FqOt9%2FAJP619g2YIJ4VbW4UAUbFmoKgfiKpARMInyhCqPrWChJio%2BT3a7V6USXYtVSjN8IJxZSd7RNth0GQwQOI0szKSj0DgV3rhEnlXizYYb%2FdXflpDq3x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f025826569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js

104.21.92.42

200 OK

1.1 kB

URL GET HTTP/3
peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
ASCII text, with very long lines (1605), with no line terminators
Size
1.1 kB (1127 bytes)
Hash
afb20cdeacb93bdf5bf8aa578184886d
09c7aba141f7217c3314ebeb3cc95c4b9e155ca9
56dcf2fc54ca29449d0c2d04965dcddbfce6295d404e6151d44cf1808f3c1a53

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-645"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8juyVQqRoiUy6qK9yGd7xGcJsIyemc4XtEJD8s7B8e9zlL0EIDMiQ7mcyUAmKeYGp890gZZMAREZ7eBu4uW0klJRjPWskJ1RENpGWmadoSiV6TrczqcnSnQwFzuVPlYW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f026842569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/825.139a404f62101162.js

104.21.92.42

200 OK

8.5 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/825.139a404f62101162.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (39900), with no line terminators
Size
8.5 kB (8481 bytes)
Hash
e1671f1b840e49e5da86e2e21f0bca2b
9592694997a1984d3a66befb9f923ca6d5fd14cd
6cc2879d30de99804094429e23561b77ac38fcbef7c71f769129d10f65eb32f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/825.139a404f62101162.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-9bdc"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZeIPZpG5uMIQv7%2FLgqhq9CU9yiljYJrzeot2xJxPw0tiSqMa0fc9sG77Qef%2F7mWaI0xh5raNCsTo92Z3Kj8f1%2BsbvFt1d1y8FVilaAZWE8c63ke99eITX%2FvkqcLZXfv8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f025816569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/webpack-d9f7c6f2541e6f8d.js

104.21.92.42

200 OK

4.3 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/webpack-d9f7c6f2541e6f8d.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (5932), with no line terminators
Size
4.3 kB (4254 bytes)
Hash
4999f29898dfcbe2fe963f47bfbf3a2f
c8b4bca9b2f6a3121776730747678992f28bbc8c
68c253861635b91e7880148f4df207412c5480abad1eb8a0b084d90549734360

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/webpack-d9f7c6f2541e6f8d.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-172c"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Ya7%2BeJ6XsqODQk0FRiyXWZhKMbUTkfEevBKgkrKWmRnE0FYLT6Ug%2Bz6auodK3F9d7UGFy9Ml6Do%2FjnQpvL57DNxvetW%2F%2FOWF2VKn94UOXcoktZ9psRSb1Di4CB6qH0K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02581d569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/img/comments/finance-survey-people/person-6.webp

104.21.92.42

200 OK

2.4 kB

URL GET HTTP/3
peeglauwa.com/img/comments/finance-survey-people/person-6.webp
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.4 kB (2440 bytes)
Hash
7be25941ac032fcec25b1bb4ede296d2
cfc4fb3733844326076b6d7632087204c0bea34d
0ff9d28c4ab7516d2790e8df4d325cf602bc8f9eb787a7cd9b6554edd9530e4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/comments/finance-survey-people/person-6.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 2440
last-modified: Wed, 17 Apr 2024 15:36:42 GMT
vary: Accept-Encoding
etag: "661fec8a-988"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 6499
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tnIOXwJduAOxlWKXbHCjPTuvt04D4164%2BbV4Hi7GdblsgGt%2BnKjlUDybwEnXN00ISkIU1RtgGT4Fkhaj0oKZfgsLLLpsDZUBraqbmXdzrgdeakKm0u5N3%2BPdJhzsue7H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f055d11569d-OSL
alt-svc: h3=":443"; ma=86400

arleavannya.com/sync-metrics

139.45.197.248

200 OK

0 B

URL POST HTTP/2
arleavannya.com/sync-metrics
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectarleavannya.com
FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F
ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:16 GMT
content-length: 0
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

arleavannya.com/sync-metrics

139.45.197.248

200 OK

0 B

URL POST HTTP/2
arleavannya.com/sync-metrics
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectarleavannya.com
FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F
ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:16 GMT
content-length: 0
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

arleavannya.com/sync-metrics

139.45.197.248

200 OK

17 B

URL POST HTTP/2
arleavannya.com/sync-metrics
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectarleavannya.com
FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F
ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT

File type
JSON text data
Size
17 B (17 bytes)
Hash
5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

HTTP Headers

POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Content-Type: application/json
Content-Length: 422
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 2a9819990c6578c9636a0fa68442d257
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

peeglauwa.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js

104.21.92.42

200 OK

8.0 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (925), with no line terminators
Size
8.0 kB (7950 bytes)
Hash
3d657d2d17983fccaac3b0512a0f9460
06faa560e966627855c424e23fbb0bb5aadde083
b9e3997d6a87385dd604b65dfa962fe50944dfc158c2e82c945d6b8664e2f81e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8904.6fbc0cfd51623cbf.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-39d"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0drKpcC%2FYLdrr0YIC2lQhqxjRW%2Fs5PSL8xRvAWUYwW0GRxj6ibrD%2B4ZIxjR%2F8SqWq5O5uZkauCDrMDp7Uz2VCmHh6a0JbgEE6wF8KJ6VCfx%2BlSCAx4Mt5TFRu596S1Sk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03dad9569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/framework-3281cb961088a9a3.js

104.21.92.42

200 OK

9.9 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/framework-3281cb961088a9a3.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (26042), with no line terminators
Size
9.9 kB (9875 bytes)
Hash
499fb17b15c09c2d76681f27dde9a031
5564d317c33112db56918ec372d392caabec70f2
9350c53e2fe847ec629962106d01d6af28a0d9c69feb57e7609b3c096935cdb2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/framework-3281cb961088a9a3.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-65ba"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFlg5ykqbfUsvTbkXj9Y2x0tgHANn%2F9K2oYhvJC%2BlQYc1D6F4M28fkyatK6d2bJ8ssTcYFyJZ67j1miRjcflVQcAkprZfwXsZhIfiPHVVhk8JXqsy040acfyoHUcAEQU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02581f569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

arleavannya.com/sync-do

139.45.197.248

200 OK

179 B

URL POST HTTP/2
arleavannya.com/sync-do
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectarleavannya.com
FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F
ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT

File type
JSON text data
Size
179 B (179 bytes)
Hash
081142aa1c9267422ee7fd25ac457579
cf8a223610da412aab4cc9aec68f6f304258b3ce
58084d495376ed2e41f026c352cabb187129c58109f2b15caeb1a539deb2cd19

HTTP Headers

POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Content-Type: application/json
Content-Length: 161
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:17 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: 4efceba34099c0adec33ba95dda5cb48
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c2a84b20-3715-4ff7-bbf6-ccbc554bb94c

37.48.68.71

200 OK

12 B

URL POST HTTP/1.1
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c2a84b20-3715-4ff7-bbf6-ccbc554bb94c
IP
37.48.68.71:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerSectigo Limited
Subjectdatatechonert.com
Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27
ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c2a84b20-3715-4ff7-bbf6-ccbc554bb94c HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1501
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 18 Apr 2024 10:44:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://peeglauwa.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

peeglauwa.com/favicon.ico

104.21.92.42

204 No Content

0 B

URL GET HTTP/3
peeglauwa.com/favicon.ico
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; syncedCookie=true; oaidts=1713437056
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 18 Apr 2024 10:44:17 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kL3oQQiUihF%2FOQL65gAwol9LHQpYLQa7FfSenhWUiW2y2bxJJYxttRINR0ZkYbiCKGTnPuvjKN3q9DV7hQwanyAjJSljYGfOoxFtDoLjnBo6i27AXev7rjxZVi8IK1rf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87640f086a99569d-OSL
alt-svc: h3=":443"; ma=86400

ofklefkian.com/zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=6534631&ymid=7oVVjR81kD&var_3=8052819&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest

139.45.197.251

200 OK

0 B

URL POST HTTP/2
ofklefkian.com/zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=6534631&ymid=7oVVjR81kD&var_3=8052819&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectofklefkian.com
Fingerprint04:A9:FE:8D:C9:B9:EE:6F:3A:C4:29:EA:19:AD:C3:1D:7D:3E:14:02
ValiditySun, 14 Apr 2024 05:38:05 GMT - Sat, 13 Jul 2024 05:38:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=6534631&ymid=7oVVjR81kD&var_3=8052819&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:17 GMT
content-length: 0
x-trace-id: 0eab1d7754cc72eed9d62885e6540ebf
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819

104.21.92.42

200 OK

15 kB

URL User Request GET HTTP/2
peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (22489)
Size
15 kB (14811 bytes)
Hash
76e4cb1c7b8b015e756f6ff5d4da6c2b
776f53c16b28b557d1c06e6060f020948d10e8a8
1b4d0ad1d96cacaad76c5b9f8d97ad22f4f6b1265e1b42a93cc1a68819cc3a06

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:44:15 GMT
content-type: text/html
last-modified: Thu, 18 Apr 2024 09:34:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqLzeADky2NihpqzGrxK03Pdg6QpyKTP38sqg3YEpvRxs6uzCsNJwxkHURTNYitAYvnhpRhdoZ%2FBtoSjhwontuKF9Qq6YENh2ogtOhKfNWdQNkLxnRslk7lZCVytoZXk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eff4951569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

peeglauwa.com/rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=6534631&ymid=7oVVjR81kD&ab2r=&var_3=8052819&var_4=&os_version=&uid=sx167ztxj62attwe45zm2po07epfb7w

104.21.92.42

200 OK

14 kB

URL GET HTTP/3
peeglauwa.com/rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=6534631&ymid=7oVVjR81kD&ab2r=&var_3=8052819&var_4=&os_version=&uid=sx167ztxj62attwe45zm2po07epfb7w
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JSON text data
Size
14 kB (14299 bytes)
Hash
dedd9a8df123b3d55c4ba2efd3ab42a7
354c9f2f3717408a07d61b1dff5da02854761778
1dda5cdd62d5ff13f3ccad982a4e7ce42fb891436b91d225051c9bec5463a372

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=6534631&ymid=7oVVjR81kD&ab2r=&var_3=8052819&var_4=&os_version=&uid=sx167ztxj62attwe45zm2po07epfb7w HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
DNT: 1
Connection: keep-alive
Cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; syncedCookie=true; oaidts=1713437056
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:17 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: 0570448a2c91f8025cada0fb1064b78d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; expires=Fri, 18 Apr 2025 10:44:17 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwzBcP98WBHrv5z93%2FxC7n5TiCYj2kwp0%2Fb%2FZlo99zKnbM8i9OkdrL98mWuv3I7HdZwrGZyDmOLUQsGQFBi2muWYd0GRLkzGI5oVuuvO7UN1U8nRt%2FnbQ8Yk0X%2Bcn0Qq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f069fb1569d-OSL
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/7903-dd238946c7924507.js

104.21.92.42

200 OK

21 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/7903-dd238946c7924507.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (31896), with no line terminators
Size
21 kB (21391 bytes)
Hash
b5dd343db67bd22544d11da18268f5c3
069b5b221dd75af58d93192460778b3d07835e74
6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-7c98"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1JLhGt3fHGW5NBonT7bpgGMvpDG33KboBGyqpRpi%2BF%2F8kPtlnz9h06PmhOWc42Q%2F3tuV6Bs7NwX2%2FW3rmzaS5ZTmVHnTur0zLt1wId9ExtC6ZFD%2BYgHX6hXHIYEtagwV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f026838569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/2610.2a580cd9dee822b9.js

104.21.92.42

200 OK

19 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/2610.2a580cd9dee822b9.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (13011), with no line terminators
Size
19 kB (18983 bytes)
Hash
0c59730d5535c83c311c485073a9e98a
09881fb1526e5ab2f1520bc64599d6a62eb49ac0
96f5c1af97875fe47b041806f2dcf51ec427ec1e50e94c4d2406418ec71e9dd2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/2610.2a580cd9dee822b9.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-32d3"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2089
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gb4IWY3iHsjwxsAcFQqMAbH%2BZ2GIgQfoIbiZ46RK%2BsW07UWFb8zxGQsqPfIH%2BsgGyAnm8jPxPOY1H8kT0qLY2pFiP%2BH6LIETkivGsUX2J6oYqQy1DGAbHa3o2TWRilGd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02480d569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/track?dry=true&request_var=7oVVjR81kD&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&var=6534631&var_3=8052819&var_4=&variable2=804479556009340928&ymid=7oVVjR81kD&z=6534631

104.21.92.42

200 OK

7.9 kB

URL GET HTTP/3
peeglauwa.com/track?dry=true&request_var=7oVVjR81kD&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&var=6534631&var_3=8052819&var_4=&variable2=804479556009340928&ymid=7oVVjR81kD&z=6534631
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JSON text data
Size
7.9 kB (7882 bytes)
Hash
518fbbd5a95951cd6212498955368d69
f6b781a48dee7d09f5b29745c4ced1397642bbe1
f8c19e1cf3423fb386d154c3effb94bc2774d81de6af91588f731e2ce2b6a4f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /track?dry=true&request_var=7oVVjR81kD&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&var=6534631&var_3=8052819&var_4=&variable2=804479556009340928&ymid=7oVVjR81kD&z=6534631 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
DNT: 1
Connection: keep-alive
Cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; syncedCookie=true; oaidts=1713437056
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:17 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: 6beaf43c8a10abef678300ef6637e171
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybmHePO68TTmLHUHD5tenE%2FyJe7EZ%2F7NtC4%2Bm91v2wLl1JH7bNxWPwJYJNK6UgSVLMdUDMUJeBKWzOMHe7frC2HZWchueZYbVShEZ8NVi3C3zebrHUiZ7SzSyAwI5DpD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f069fab569d-OSL
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/css/0bc0cde260d08b97.css

104.21.92.42

200 OK

1.8 kB

URL GET HTTP/3
peeglauwa.com/_next/static/css/0bc0cde260d08b97.css
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
ASCII text, with very long lines (1841), with no line terminators
Size
1.8 kB (1841 bytes)
Hash
ff1d3d5d24ca0172d59b02e7505ddaa1
41e83ee08e21f369886b0fdad0ba01d8b20897b6
939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"6620e908-733"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2089
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2wHlaIqJiDIzznZOCwpbO%2FNl7y4G0o8esvewniAYLchZMRH5teHjSZc7Fo4MTn2L3lEwYk2E5N%2BTLV365xfu9fLXN44ICH7SXixLTD5HynxW1rIyaltj7i9GYKGNmvQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02480a569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/main-beb6af9e60a8e042.js

104.21.92.42

200 OK

109 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/main-beb6af9e60a8e042.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
109 kB (108886 bytes)
Hash
49c6f57370e917bd37dc7d4d4d0bdb56
f5b56f5b9498f3500055c5614808903d85303991
0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=108887
etag: W/"6620e908-1a957"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfKA2XUnCavsYU75cpAAez5fzXFpElOk3%2B6XFP4yMNKW5xbHYdL3PRhF3PgDT2EllxkM6dawWrhZ71nqQGgRtIyWaqO%2BAp9jMvseOi4q2PRleoglrdehev%2BgJdBIfQwf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f025823569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/1155-a288f72f1c5f84cb.js

104.21.92.42

200 OK

74 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/1155-a288f72f1c5f84cb.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
74 kB (73547 bytes)
Hash
f4fbc4cb97025f97e7202a6eecfdf059
4469a7e10b19d667a2c6b6a3ecd08c4dcb358749
1883fc82a08b36e731e0a3a0e49a42d12c70599b64fcf9607ee2905b74c43b70

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1155-a288f72f1c5f84cb.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-11f4b"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C4CMU%2F%2FVvT31YDnI4Ydc%2BGSl7wYSfGQTR3JgOVQpD%2B8TjcRdoTnRkzA%2B5bd8XjmuhoQDDC7gig4XEeEpPMfGhoRBac31R%2BjEc%2Fg3jIHbFqYwvUuYK9z8lvgGlUbyguYj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02683c569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/2090-d895fd689d39c729.js

104.21.92.42

200 OK

11 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/2090-d895fd689d39c729.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (10720), with no line terminators
Size
11 kB (10720 bytes)
Hash
9dfcf70490a58a9922807765131a36dd
74a2103f2772dcbb021e6d7ed80a46505532efa1
64aa44a6c998566700666c1e4bf0abd78fe219197efb3229d6d9ffa7040926b6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/2090-d895fd689d39c729.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-29e0"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WGVEC3mMEUsUZiFLhDpnYFX2sAGYLFqitZIWS8kyColyuYrImNkdRfQOygfwf8Bn4k76ybQgjZ3afDPl%2FlCUYkq6VeIVAM4wPd%2FwHm12Ynjsr1IuvJL5P9iVTKdSv5tC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f02683a569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/6223.36a8be3b6724c1ee.js

104.21.92.42

200 OK

3.8 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/6223.36a8be3b6724c1ee.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (3870), with no line terminators
Size
3.8 kB (3822 bytes)
Hash
1d892f4ab084b8290d79dcf9ec65b79a
17b0c18b7201dd8eb4bbd3db5be2f1d784000948
77e68c0c19f773bcf939398361c922509f29268cea7afe93f3f7050183115e14

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/6223.36a8be3b6724c1ee.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-eee"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vkYcjE2cHnq5%2Bd1T4ShORdXzanDgAzGapK%2BDm4vXuE0MGmTquhci%2BNlA7TsVXAC3Uqsh33s%2Bt7Sp2Jc1DigcQRUFDoUZCiOsJCjp1lYHol%2FM1WD%2B41aAO0stmWDYzAxk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03dae7569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/img/comments/finance-survey-people/person-5.webp

104.21.92.42

200 OK

2.4 kB

URL GET HTTP/3
peeglauwa.com/img/comments/finance-survey-people/person-5.webp
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.4 kB (2384 bytes)
Hash
188dfcdf19da1d86ed162d54ed03536d
98b1baefbb803548b2894547091b4c7773406524
4f8251665e3cc796f127ea6cbdc00a9ec450adff16acb4ec74463c446b6f4ba6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/comments/finance-survey-people/person-5.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 2384
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-950"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1354
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tv20EGOlj0DZlqh4qGBZj09jRvKBbl8Irvi6aRzRUk0JTf5dJ3fWDSE%2BDhwKrzI7mnIODmYfTdh%2BTdJplyNvXMgRReRcXYdzK9CmDVi6lma3QrLlBTtPyV%2BQ2L3DdgkS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f054d04569d-OSL
alt-svc: h3=":443"; ma=86400

peeglauwa.com/sw/universal.js?var=6534631&var_3=8052819&ymid=7oVVjR81kD&ab2_ttl=5184000&zoneId=7085340

104.21.92.42

200 OK

1.2 kB

URL GET HTTP/3
peeglauwa.com/sw/universal.js?var=6534631&var_3=8052819&ymid=7oVVjR81kD&ab2_ttl=5184000&zoneId=7085340
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
ASCII text, with very long lines (1235), with no line terminators
Size
1.2 kB (1216 bytes)
Hash
dd0b5076f7df915b30c5dd9bbfda384e
9d872a41735a575fe000724c11a5c9bbc246c539
6120f1a81b74d500834a6088cbca7f608f597128df8d629c76af4761a9e96454

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw/universal.js?var=6534631&var_3=8052819&ymid=7oVVjR81kD&ab2_ttl=5184000&zoneId=7085340 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; syncedCookie=true; oaidts=1713437056
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:17 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1461
etag: W/"6620e908-5b5"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 13
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hvzet1jpLIjv%2FkeVGxCMbTjwTfq%2BcY77By0SmPE%2BjtJvmITFGoWFKdCUbF%2FBjQ1Afj%2Bqv%2FYONABz2fZYCmahb0Zo8EV6%2F1D8bwF%2BRYZlmdvcDn%2Bo5xxjeAjzpcypHAtz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f07a944569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/9787.32846937d0160cf7.js

104.21.92.42

200 OK

1.8 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/9787.32846937d0160cf7.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (1771), with no line terminators
Size
1.8 kB (1761 bytes)
Hash
d269bc24ab428864c8a5d9fd90d791ae
ff1943ecbdb21dd40483e22778b0826bce974cde
086e81568c991bb4f9d7f9bcb854f1f2bf66b7397b1eef5b0753889ccb86cb30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/9787.32846937d0160cf7.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-6e1"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hk21xrE80YTIhfh9CJiA%2FkVV4U3YEseYIFknlijkF5v%2Fw5YmurNz1uU0oiypY4jRuhYswlKrahYSBjEGAKlcdcXhq54EYMP8ZAhFcxtWHxKb%2Bydj4dNLGW046QecbA9i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03eaf9569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/img/comments/finance-survey-people/person-3.webp

104.21.92.42

200 OK

1.5 kB

URL GET HTTP/3
peeglauwa.com/img/comments/finance-survey-people/person-3.webp
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.5 kB (1454 bytes)
Hash
a747d227c2e10b5178fd942484301d7a
b3c5cf90dd5fd2c26c7b17dcb2d35b6dd47065be
9f4fb1281b7141b9dd48925953f7b039b6c411ea0e6e5b158d3e000d75316e9f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/comments/finance-survey-people/person-3.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 1454
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-5ae"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1843
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xuZIn5XcsKBYUiBhqp39eSx1QBb3qp7cEt950q3u1U3Bdc%2FAw0G5wxMFOIvjr3LKejXN3TR8MzYjKu2C6UcLU6NLONHsKn021kDFE%2FfQtIzz9%2B8sQaE1Vv%2BNj26vbuAH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f04cc3c569d-OSL
alt-svc: h3=":443"; ma=86400

peeglauwa.com/img/comments/finance-survey-people/person-4.webp

104.21.92.42

200 OK

1.8 kB

URL GET HTTP/3
peeglauwa.com/img/comments/finance-survey-people/person-4.webp
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.8 kB (1798 bytes)
Hash
5dc160f6b521dc8f6c670b140b354fed
22e15cda82b532067b99932ec28f86ea2cc1ecbc
09c6c6de57458ec0c4e7a3d2375e0c7b9c037de9366b63e3685cc0ca94d838b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/comments/finance-survey-people/person-4.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 1798
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-706"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1843
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Kw6umYhvdwrZzAqF2uw2%2B4W9q5WzWYrtd0BkLr1RD4HSnzusRzr5U3Yy2%2BQ5N0VAMsyVyqBWHhEUCykXRY0bE1Gi64ONN2Pok9sU23KBx1Pg1b6ECn4Fp6vFw6OaGfP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f055d0c569d-OSL
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/4089.c7e0200d08c5ecd6.js

104.21.92.42

200 OK

22 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/4089.c7e0200d08c5ecd6.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (22013), with no line terminators
Size
22 kB (22013 bytes)
Hash
9c0754fee41afd53afb451593c7f69a1
911154ad0d3b7e5a968fb52f694867741f8fd798
abb0b63445a71170a0f1d9279397560c6c5446e20aea075e3f245240186a683b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4089.c7e0200d08c5ecd6.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-55fd"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jzCzvLkY1OdwCN%2Fy4Iyi8ndO9xE9ZA2eXJEjTLjS3aGbVNoK%2Fmng6WGV5rhheB1hYvGVr6x6dK3XDz6HmIHldxHYOBg3yvBOX9O9wHT8oKJQJDQkfvlOhLCdzSrq5wS5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f025812569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

my.rtmark.net/gid.js?userId=sx167ztxj62attwe45zm2po07epfb7w

139.45.195.8

200 OK

64 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=sx167ztxj62attwe45zm2po07epfb7w
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
64 B (64 bytes)
Hash
be4d9c74eff1515fe284a891c0e0e92a
d070461c11d9086b9ccba427df29733e6cf49de9
ec778bc9ace9d113d7bbcd8200e10b703b551e1f4517c91c8dac6da48acf2855

HTTP Headers

GET /gid.js?userId=sx167ztxj62attwe45zm2po07epfb7w HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/json; charset=utf-8
content-length: 64
access-control-allow-origin: https://peeglauwa.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=sx167ztxj62attwe45zm2po07epfb7w; expires=Fri, 18 Apr 2025 10:44:16 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

peeglauwa.com/img/rain/dollars-1.webp

104.21.92.42

200 OK

10 kB

URL GET HTTP/3
peeglauwa.com/img/rain/dollars-1.webp
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
RIFF (little-endian) data, Web/P image
Size
10 kB (10546 bytes)
Hash
a5bef813a0113d018592091106451c8b
59365e96c4abca5eb98a0c56db0af0bb5cbffebb
036beb7de9c9d450e1442d593ff70ad392ca4be6754e7feaec249c0009e1bd83

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/rain/dollars-1.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 10546
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-2932"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2088
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x9SnYSNJd5SOOishCS42naTuP5jxNRUfMJ4rXDvoXynD432LVuRRJ7MQfZ%2B86MjphThi0bGNcdjl29sZaYmicM2UhbPiA3SSkPTxIuqRXblSB0MX26CBXOjN2ueqVfWj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f031986569d-OSL
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/1754.901479ebfced8b6a.js

104.21.92.42

200 OK

12 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/1754.901479ebfced8b6a.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (11527), with no line terminators
Size
12 kB (11527 bytes)
Hash
56134729452ad2f059b72b7ca69c3c46
39357808d2372e366c0562f7a89957d26f89929b
f138deeabff5ca5314a2d2a7b892a288eaf820b1e8332dd4ac4efe62a4ae6c45

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1754.901479ebfced8b6a.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-2d07"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3CmvubnkKU9Czt4v5vtTbJ2MOv%2BVjZ9TLBEqrbSkNhFvT6syh3zbvlHUewFR6P4MXQr%2FQcHf%2BBIXVhb7sqESzOegoLOvyfALWsd5OlrM1mbAC9BvF9EtyXeTXDFFvgqB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f055d19569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000

104.21.92.42

200 OK

27 kB

URL GET HTTP/3
peeglauwa.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (27012)
Size
27 kB (27013 bytes)
Hash
4d5fdbf5a5eaf9b73b515e58aaea8ab1
af206657baadc54af340d9b32738e9797934eaff
05b026bb4f34d6fd3b5db29bffb1ba5be6f9b11d954fa44fd4d57acd997ecb2d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=sx167ztxj62attwe45zm2po07epfb7w&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Cookie: OAID=sx167ztxj62attwe45zm2po07epfb7w; syncedCookie=true; oaidts=1713437056
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:17 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: W/"6620e908-6985"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ann%2BFVtBqyeEBI1%2BWNaNVHt%2BhFsAOr5T%2Fb8gOi3pAKurFkl1K3IEkWGgZHPEz9gTM2nTgORPYKmq9Y%2F9lz2uhR%2BcoSiwvQLp6occYZSl5jLmEd%2FIiBOD4jif5%2BUWDuQg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f06e81d569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/5356.cd117ab77e87aa94.js

104.21.92.42

200 OK

1.3 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/5356.cd117ab77e87aa94.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (1340), with no line terminators
Size
1.3 kB (1298 bytes)
Hash
928a78a6ff2acfdfc2b133e09c23a898
80992f60be4eeaa5e9ee31c4912fc8fd15806007
af03ac8ae373bd61c0ac2106d2837e74bf0f3c2d02682c018909684f3e6af5bf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5356.cd117ab77e87aa94.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-512"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zAhU4x9vCFFFdTt615uRUuKnNFiMFl9wsf9fpuAXnEv03%2BySEXS07Y1eQvqpnXQmMc9o%2BS44mVJNkndEa6wGBbCc8WkOux0dqSsaGvz%2FxHyQkHTRvG9ZxccDakG%2BgLjc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f03eaf6569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/finance-survey/icon-survey.svg

104.21.92.42

200 OK

2.7 kB

URL GET HTTP/3
peeglauwa.com/finance-survey/icon-survey.svg
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
SVG Scalable Vector Graphics image
Size
2.7 kB (2674 bytes)
Hash
a000ba4d0e7570d810feafb22bc50bef
af8fce44a683d3dfebe69cbe856e747739c9a666
9ae848c180201d8ae5c59ce118b0b7ef395a01295fb04d57e81cfe0566100679

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /finance-survey/icon-survey.svg HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: W/"6620e908-a72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1932
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qL1Fsuwi%2BUtuydEiPvqoXAoMHyjLSgZNhawPqSLk2ZQgUXJ5idZ%2FrThgjJD3cMe%2BheC35YVJZjFsJ5AXOWGuWKt%2F07KbKblaJoxIgkb95a68CfndcQeX6BAzlr5RDIUm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f055d14569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js

104.21.92.42

200 OK

182 B

URL GET HTTP/3
peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
ASCII text, with no line terminators
Size
182 B (182 bytes)
Hash
ca6aa05f78eb6859347a61db067f16dc
444e70f53eb809f0920de921925d854baccdd251
11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-b6"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4157
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tmLLlj5hayLJiZktoGXybs2IeCL2%2BCB59DZBQc8QWlEn98e6EF40HY9V2L5MB52oktv2c8XX1QJR9n1ZANh7X7rQzAYymFxQ4wLC%2B5COFz%2FpFDcf1miFP9v0zjGaf%2Fqe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f026845569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdntechone.com/stattag.js

104.21.36.146

200 OK

19 kB

URL GET HTTP/2
cdntechone.com/stattag.js
IP
104.21.36.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerGoogle Trust Services LLC
Subjectcdntechone.com
FingerprintC0:94:F3:BC:8E:7A:FB:B0:2A:C5:0A:53:D3:08:2E:63:6B:02:E8:70
ValidityFri, 23 Feb 2024 02:35:13 GMT - Thu, 23 May 2024 02:35:12 GMT

File type
JavaScript source, ASCII text, with very long lines (18452)
Size
19 kB (19102 bytes)
Hash
bec2755dff94190fec0365b0db53807b
f98c36e7e9e06325d03fe39c3b98879062fc2704
ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2092
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkWx%2BoA8VaGOjgqpGXI8ssjPxR7b1yBPJhtnpN9pzR2k8i9xYXiuYTFQ9n1n24VbqypjutVYvPP39%2BERNyDSyk8p6swmlrb84FSmOjhPfBelOVo%2BBvnUJyUabx8XHZyMWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87640f055c721c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

peeglauwa.com/img/comments/finance-survey-people/person-1.webp

104.21.92.42

200 OK

1.4 kB

URL GET HTTP/3
peeglauwa.com/img/comments/finance-survey-people/person-1.webp
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.4 kB (1402 bytes)
Hash
c5da2ea294623650bae71fc84401cf60
f1f62ea011cf81953cefe28254c134e992453b91
09a846c5b1af2c6100ff3193789be1e0e21ba9fc45c268f76f2007c78f1e4ac1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/comments/finance-survey-people/person-1.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: image/webp
content-length: 1402
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-57a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1843
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RdbD9vzr5rKz5ZgHckOxZOr02aiBIVcPNc4axz2Cbz7guylrrHknYbSmWHp4vSZUYrmeUIMULbGnxP0vfywNLVHocy9q7NwK08CdDelwGYS3pPX5iUz3XRknU4GMrGoA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f054d06569d-OSL
alt-svc: h3=":443"; ma=86400

peeglauwa.com/_next/static/chunks/5927.5b9e15850e6ed19a.js

104.21.92.42

200 OK

18 kB

URL GET HTTP/3
peeglauwa.com/_next/static/chunks/5927.5b9e15850e6ed19a.js
IP
104.21.92.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Certificate
IssuerLet's Encrypt
Subjectpeeglauwa.com
FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91
ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT

File type
JavaScript source, ASCII text, with very long lines (18363), with no line terminators
Size
18 kB (18363 bytes)
Hash
5bb517e08d6010f7e31b0f17b36459a9
260ee8a6737b10a939374d464312509c4630dfe7
615040639aee9f5314f7cb5119026b1a754621ea88e74ac1e5e2e7a144715320

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5927.5b9e15850e6ed19a.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:16 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-47bb"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s41MgPcF7vWrx0Qpk0ZWHokNn%2FO%2FymY6iP4uaur%2BFV17YpE6blVVW1NMUtf2KVIEF8zL5EMvApw7MYCL%2FFqFWacYQWWaBMpvaJo%2FSOI2tQN99rdB0e4ceVi%2Fe2KilZgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640f039a79569d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML