| peeglauwa.com/img/rain/dollars-3.webp | 172.67.186.52 | 200 OK | 5.9 kB |
URL GET HTTP/3peeglauwa.com/img/rain/dollars-3.webp IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image Hash51ea76ff382bff8ef58a9943f7fd21d1 5c3d6ad6620fbde5ce3dddc88604e6d54621eba2 0240f30fc542fb5c2d532f33bc793b797199adaea75e22a7d9f04674b80d9a32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-3.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: image/webp
content-length: 5938
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
vary: Accept-Encoding
etag: "66223393-1732"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M6dVVoRANVKN52ZUiJGvHwHZy0DEHxI%2BLPrTQnl2tWvlUadIWEl5qQp94a3eJu2QpoodQRLx1ViQbRK5H2FiYXTwK76c2E4PDZb1Z0AfIxOKvYXdlGc%2BToEGHlEKXAMK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5deda95fb509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/rain/dollars-1.webp | 172.67.186.52 | 200 OK | 10 kB |
URL GET HTTP/3peeglauwa.com/img/rain/dollars-1.webp IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image Hasha5bef813a0113d018592091106451c8b 59365e96c4abca5eb98a0c56db0af0bb5cbffebb 036beb7de9c9d450e1442d593ff70ad392ca4be6754e7feaec249c0009e1bd83
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-1.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: image/webp
content-length: 10546
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
vary: Accept-Encoding
etag: "66223393-2932"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mB7SAhJRrLBHSMrKa0BWmgVe3YRQnx0OTtkr9rhskAEN6RjTO%2BRFpBnfIb%2BPU9kiscXiMVTxqyLHGHs%2FInVAvAAn4irh%2FVYkdhdZZ%2F8848psnescGc4aL%2BPctDg6fjau"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5deda956b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/rain/dollars-2.webp | 172.67.186.52 | 200 OK | 8.1 kB |
URL GET HTTP/3peeglauwa.com/img/rain/dollars-2.webp IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image Hash8b4203d496c3f52b116af082a0cd4017 de5369e9459e240950bb7eb5261eaac1db26907f 8dd1f04088c25e20d15e1bc23129604830aab2b4d3d0a408a5f047f9768f39a4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-2.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: image/webp
content-length: 8140
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
vary: Accept-Encoding
etag: "66223393-1fcc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2401
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rT7d4WumZbHr7B9uEA335H2fTMNPS9XcwZ6X%2Fvg%2B2kEfqiDfAy9ZbqlKYB34GFgohmKEQrPe7y%2F6qxMZAB%2BeYKDxgw%2BIMt4fp7E9b7zc5xMEiAcJ%2FTI0aNLEozlK0x0y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5deda95db509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/6hA5Viqe29e7UdXf73Q1A/_buildManifest.js | 172.67.186.52 | 200 OK | 1.1 kB |
URL GET HTTP/3peeglauwa.com/_next/static/6hA5Viqe29e7UdXf73Q1A/_buildManifest.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with very long lines (1605), with no line terminators Hash4e26be985fc91182030a4ab95ec611ed 316c6bae1684e586520a372662c54ccaed9b04a3 c9b58eda5a88420874a648d43ddfd6a6ac0a55bfdac13e55208e0637bff64a62
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/6hA5Viqe29e7UdXf73Q1A/_buildManifest.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66224c4d-645"
last-modified: Fri, 19 Apr 2024 10:49:49 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xIyiDatEZmaH2FPHMnY2TlMShHRPtb5%2FwBbm92tlU5N5v8AFLjqA7Eu3ZW6vOZtRWAK%2FjA9%2BMlTqdPsBjV7Qr3aQg13G8KB4GQH%2Byoc4lkp9SvV%2FhiKKL1Oc3W72t3Rs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5ded08deb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/9787.32846937d0160cf7.js | 172.67.186.52 | 200 OK | 1.3 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/9787.32846937d0160cf7.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (1761), with no line terminators Hash0b47bad6a8778bdc8cd3dec268938624 246ca006b4bdb919f3f1e8fd567a8631f5a136d9 1bb773520bd8d662232b89b67a6ae04556b715b90239d9c443502219b71a2471
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9787.32846937d0160cf7.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-6e1"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SkuOudk4vYSv9MqPF8MWzWbrF4UfEOzJ1cPC0mh2HVRdzTAprnb4jHCXw2iYeYWrTyT6Ym1HIY24uVFmgk7YE419gn3fXxv4kBSICtxC87O%2B4MtOh8W1IkxN7SZs6EJN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5dee29c1b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/4981.3c1daeeee82e08ea.js | 172.67.186.52 | 200 OK | 3.2 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/4981.3c1daeeee82e08ea.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (21617), with no line terminators Hashe5a18eccb2797e5391d6ce697f63eaba fd0cfa9d1d8af22b690973928c5d65b6be83389b 865d0997740868b6c2804f1949e997d55baffc23023235d8af966f8b999c2b84
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4981.3c1daeeee82e08ea.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-5471"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WVAj4t%2BaEDj9vO%2FMLCcRh310n7gu9qry9xTxCK2K4%2BgeAT%2Bpy%2Fi7WwhlMXqTki7eZpfhANalnNe8j51DOnRP32EfBg59xVXvEiY5c8wXPuMlSHmO9X8fixtme%2BR5CWuj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5decf8c2b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/1706.8dc3fe74aa63255f.js | 172.67.186.52 | 200 OK | 8.3 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/1706.8dc3fe74aa63255f.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (19495), with no line terminators Hashb1270f5ba4c9519d31c62b9dc7a5d0dc a1644847580416ba69fe6b67e086c7a36593c39d 60f9cbb77de76f7d15286e43c1ad034901a1f4dce5a3efe67a06870cae9b7a5a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1706.8dc3fe74aa63255f.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-4c27"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 6542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8h2Xxm7E0XP8%2B4TrGqo54Y5Xte9ElYOEcmL1xfgFNdUk35C2H7hlJ2mWEkruxvVkB1iayWmHtWZoeCjXLPK%2BxtohRzP5NlXFyzpN6sAj0M8BnAwElctC8YI2xVjTFyhz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5decf8c4b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Content-Type: application/json
Content-Length: 422
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 10df7ff427e70120ea835e3e60ec19f4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-4.webp | 172.67.186.52 | 200 OK | 1.8 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-4.webp IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash5dc160f6b521dc8f6c670b140b354fed 22e15cda82b532067b99932ec28f86ea2cc1ecbc 09c6c6de57458ec0c4e7a3d2375e0c7b9c037de9366b63e3685cc0ca94d838b4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-4.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: image/webp
content-length: 1798
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
vary: Accept-Encoding
etag: "66223393-706"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1691
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q7%2FuYVeObsCngZ3BR%2FeVaE%2BOAn9o3yvJ%2FWYBezdQHBCX74nYyQNmpS%2FZRNzckCQbAI2HoX95ChCs1MPZuCrua%2FOY7YzhG0RIubK0IMuwYT%2B04tZqPb8oLBBz5VdLpkR0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5defbb6db509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-1.webp | 172.67.186.52 | 200 OK | 1.4 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-1.webp IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashc5da2ea294623650bae71fc84401cf60 f1f62ea011cf81953cefe28254c134e992453b91 09a846c5b1af2c6100ff3193789be1e0e21ba9fc45c268f76f2007c78f1e4ac1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-1.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: image/webp
content-length: 1402
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
vary: Accept-Encoding
etag: "66223393-57a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1690
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2FKMMTZXP8wk0hL%2FTlP6cAWAUfni5rFOmcifBjp2sd3oUsH0XQjV8Ae4akZuMnCZKYM%2BSSI1Q%2BwNgKZwloPxjPkdRbFPNTNzD09fe3t7bPIYj4cCpVa6mCSlX55FNjic"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5defdb83b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-3.webp | 172.67.186.52 | 200 OK | 1.5 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-3.webp IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hasha747d227c2e10b5178fd942484301d7a b3c5cf90dd5fd2c26c7b17dcb2d35b6dd47065be 9f4fb1281b7141b9dd48925953f7b039b6c411ea0e6e5b158d3e000d75316e9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-3.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: image/webp
content-length: 1454
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
vary: Accept-Encoding
etag: "66223393-5ae"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1531
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RFddF4Io%2BlkQaT1qoAhrB8IzgAMW%2FFVpJsfs7DFplekAEHLADv4DppW4d3980PQCCXgkZpOK6tDrxNe8ayt5qRhUSsSafVGL%2FQyaYfCnTs1jueh1rUB%2FnpflGMYKRNtv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5defdb84b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-2.webp | 172.67.186.52 | 200 OK | 2.2 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-2.webp IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash8f8ffbb278de1342e5cf44cd0c677c23 1b4b4428e409479cc8a8acfce6f537c2aeea7556 ac4284ed6941963c4fa0db306537f42f3a0b1fa18710bc7b9e1e62188961d83a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-2.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: image/webp
content-length: 2220
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
vary: Accept-Encoding
etag: "66223393-8ac"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1691
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Re6m%2Bp5WfCHAd%2F%2BTnb1fVkYx59SWOpl3Eg%2FVXcycgdUvwUDXzb6S8CpvzggA7jjNt47xT2DtvFjS8VpQqgPRvaQEnyeZUU%2FBddQuYs3HudM9Z18IksDGvHyf1V5cvxXh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5defeb9cb509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-6.webp | 172.67.186.52 | 200 OK | 2.4 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-6.webp IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash7be25941ac032fcec25b1bb4ede296d2 cfc4fb3733844326076b6d7632087204c0bea34d 0ff9d28c4ab7516d2790e8df4d325cf602bc8f9eb787a7cd9b6554edd9530e4e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-6.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: image/webp
content-length: 2440
last-modified: Fri, 19 Apr 2024 10:49:49 GMT
vary: Accept-Encoding
etag: "66224c4d-988"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjRuC8maHrAlQ65q6AxCni8R7U5IuIYSLTMzVtr%2FIlqtplWROVeH9mPVQhHV0S3PWdCzxeUD1JrI08Es0uI97J%2FyA%2Bg74XIjLVuFi4ArkE%2BCJGg4qVC0zKtpdsyMXLgP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5defeba6b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:56:15 GMT
content-length: 0
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Content-Type: application/json
Content-Length: 442
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: dadcad3f3c4856e9f73cd70ff4fee33a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-5.webp | 172.67.186.52 | 200 OK | 2.4 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-5.webp IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash188dfcdf19da1d86ed162d54ed03536d 98b1baefbb803548b2894547091b4c7773406524 4f8251665e3cc796f127ea6cbdc00a9ec450adff16acb4ec74463c446b6f4ba6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-5.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: image/webp
content-length: 2384
last-modified: Fri, 19 Apr 2024 10:49:49 GMT
vary: Accept-Encoding
etag: "66224c4d-950"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dO31EtySe0ibL8x5GrRkwij2er%2BIO73C%2B1bOQrqLuKlCHjp1cdkneyB31wn%2Fx%2B0zyKAbAM6YGj9WvXhNB8tq6e7slhqGmJI9DrDgyPyNyJ8qQATLbyfd4DTQy0ejTjqn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5defeba0b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ofklefkian.com/zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=5180418&ymid=sfYDYSUJE1&var_3=8067447&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2ofklefkian.com/zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=5180418&ymid=sfYDYSUJE1&var_3=8067447&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest IP139.45.197.251:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectofklefkian.com Fingerprint04:A9:FE:8D:C9:B9:EE:6F:3A:C4:29:EA:19:AD:C3:1D:7D:3E:14:02 ValiditySun, 14 Apr 2024 05:38:05 GMT - Sat, 13 Jul 2024 05:38:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=5180418&ymid=sfYDYSUJE1&var_3=8067447&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:56:15 GMT
content-length: 0
x-trace-id: 492067a6bacdab3936436bc4e28816c2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=09286c95-8d9a-4377-a8d1-5f9885e3032a | 37.48.68.71 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=09286c95-8d9a-4377-a8d1-5f9885e3032a IP37.48.68.71:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=09286c95-8d9a-4377-a8d1-5f9885e3032a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1501
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 19 Apr 2024 10:56:15 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://peeglauwa.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| peeglauwa.com/favicon.ico | 172.67.186.52 | 204 No Content | 0 B |
URL GET HTTP/3peeglauwa.com/favicon.ico IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Fri, 19 Apr 2024 10:56:15 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxP3w%2FNIUkV%2FEy%2BudWE1LCmUKrypeWn4uEghOxSkIZwqJrSvOCITL0xJQkrZzxJI7ZwacM14t8NyvPceyEow0jyj9qfh0HgfZ4lqYRtm6rxdHAaQV0tbMBSBxKmexx4X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c5df21d99b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5180418&ymid=sfYDYSUJE1&b=20686851&campaignid=8067447&click_id=804797970682748929&ab2r=&rhd=1&var_3=8067447&oaid=g4hxw1n6l6ix5uow45jbvmpnran4f0ix&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 | 172.67.186.52 | 200 OK | 18 kB |
URL GET HTTP/3peeglauwa.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5180418&ymid=sfYDYSUJE1&b=20686851&campaignid=8067447&click_id=804797970682748929&ab2r=&rhd=1&var_3=8067447&oaid=g4hxw1n6l6ix5uow45jbvmpnran4f0ix&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (27012) Hash4d5fdbf5a5eaf9b73b515e58aaea8ab1 af206657baadc54af340d9b32738e9797934eaff 05b026bb4f34d6fd3b5db29bffb1ba5be6f9b11d954fa44fd4d57acd997ecb2d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5180418&ymid=sfYDYSUJE1&b=20686851&campaignid=8067447&click_id=804797970682748929&ab2r=&rhd=1&var_3=8067447&oaid=g4hxw1n6l6ix5uow45jbvmpnran4f0ix&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
vary: Accept-Encoding
etag: W/"66223393-6985"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1096
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4P1BaAog8TKCDk%2BcEqG0zwVHw5cPQv%2BsufZ5f8LiZWXZr30BPMrWkjCujLLib9C7jBuv3focixU2tnFmS0DeEf8EUwtEJC2do76xlNy%2B09wh3Nsdze78KytH4U3a7DG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5df02c1ab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/framework-3281cb961088a9a3.js | 172.67.186.52 | 200 OK | 26 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/framework-3281cb961088a9a3.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (26042), with no line terminators Hash499fb17b15c09c2d76681f27dde9a031 5564d317c33112db56918ec372d392caabec70f2 9350c53e2fe847ec629962106d01d6af28a0d9c69feb57e7609b3c096935cdb2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-3281cb961088a9a3.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-65ba"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDgoqDmtainBMdA5IKbbwN4t9610SQBEz%2BtWTqOXAdrnZcDijkiWRlua0HN5MVevNqmF1NFpuyGD%2BO5xNNCVZLVQQIWDX%2BJU%2FEishTuWcfuHE515v81dp%2B40Tkx%2BxDJ1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5decf8c9b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js | 172.67.186.52 | 200 OK | 925 B |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (939), with no line terminators Hashe370c58940efd9305daf2c9601a7da0d ac6f3895617e4817d7bf86b7c637a231b13a12b7 acba948084ac297d876a066617c1a4c6d9f5a664d43514af605a4c6d1fe37315
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8904.6fbc0cfd51623cbf.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-39d"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jm9Epx30JZVCjqc6O3KKbdsSNEKoTDJWIdVIs7OmLtlFZo3tKOIDR9ImVjvZZx37prh4c8cIkriQmmMenWVEDzQsvUwNAZV3%2F%2FxJMNH7CkDyLG9tzctcGxHeFQJzB7J%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5dee19b0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/track?dry=true&request_var=sfYDYSUJE1&oaid=g4hxw1n6l6ix5uow45jbvmpnran4f0ix&os_version=&var=5180418&var_3=8067447&var_4=&variable2=804797970682748929&ymid=sfYDYSUJE1&z=5180418 | 172.67.186.52 | 200 OK | 182 B |
URL GET HTTP/3peeglauwa.com/track?dry=true&request_var=sfYDYSUJE1&oaid=g4hxw1n6l6ix5uow45jbvmpnran4f0ix&os_version=&var=5180418&var_3=8067447&var_4=&variable2=804797970682748929&ymid=sfYDYSUJE1&z=5180418 IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashe6246b04b7d99b675f7086e756e1f242 9f3b5f5cb9b34830dc20448a0acc83bcce5d2727 5ecadcf1c19edd16643f48e47f530b024c97a5653f98a47e14c61d5270dd7881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=true&request_var=sfYDYSUJE1&oaid=g4hxw1n6l6ix5uow45jbvmpnran4f0ix&os_version=&var=5180418&var_3=8067447&var_4=&variable2=804797970682748929&ymid=sfYDYSUJE1&z=5180418 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
DNT: 1
Connection: keep-alive
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: 9bfae7adec5688302259b6c08fbf6539
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bofZFnfND%2FkFtbT78j5%2FKp8WH3hqgy5%2FZn77eMtk6nHJsmaucZyscXJeom7SQIk417r%2FYSY34wnIRhsoI4HSbyYovNmwElGYPCCFnoNq%2BTStEpOuj57%2FTIL43i9TCinn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5df00be1b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/5356.cd117ab77e87aa94.js | 172.67.186.52 | 200 OK | 1.3 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/5356.cd117ab77e87aa94.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (1340), with no line terminators Hash928a78a6ff2acfdfc2b133e09c23a898 80992f60be4eeaa5e9ee31c4912fc8fd15806007 af03ac8ae373bd61c0ac2106d2837e74bf0f3c2d02682c018909684f3e6af5bf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5356.cd117ab77e87aa94.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-512"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8ENkiCriF3xwKm%2BJ6vMM0wbMPsjK8QcBcSfpD%2F9C8oc0bautc4fmEOfez%2FscwTVukZCY6lWAWTx1rRZWbKyyjlU9Rf7FUmeY0uThXy583TC44h0eR5uveKFRsvmN0bD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5dee29bbb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdntechone.com/stattag.js | 104.21.36.146 | 200 OK | 19 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP104.21.36.146:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com FingerprintC0:94:F3:BC:8E:7A:FB:B0:2A:C5:0A:53:D3:08:2E:63:6B:02:E8:70 ValidityFri, 23 Feb 2024 02:35:13 GMT - Thu, 23 May 2024 02:35:12 GMT
File typeJavaScript source, ASCII text, with very long lines (18452) Hashbec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2792
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQkl15NfNgY6HHnt8VappyF5ZQCEiwFwSyf2nLF35QdYCX9xJmd4NeapB6uk4HpffcqNQ9kUlTnmMrhgA1%2F23dT8p8p60%2BN36ZlGeHxBPSqhLFakNW63r5xOSw5ZkEvwnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876c5def4df95688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 | 172.67.186.52 | 301 Moved Permanently | 39 kB |
URL User Request GET HTTP/2peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 IP172.67.186.52:443
CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: text/html
location: http://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AwiW4bYccJVkdod%2FRK6HYAmRp2DmdtsFH3jtEyf%2Fjcq1IjV3Ej5yPJK33Nr59JUWxu8dgoxoH1XVkko6zeT5lblwvZGLW1stuTgim0hVj1f7bEZLXHWEJtuL3RSIzImC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5deaeffe0b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/_next/static/chunks/5927.10a9d67f6732d4d8.js | 172.67.186.52 | 200 OK | 18 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/5927.10a9d67f6732d4d8.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (18514), with no line terminators Hasha430ce709a2b2e9b144810c17115f6c7 b0d435157a5614b2d58efdc0f2b5d94bfbfb5c2b d2461dafb3c86b97148ce5a6fe69d9f050cfe2aba4ba5fa311ebc3349504a7e2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5927.10a9d67f6732d4d8.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-4852"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 5983
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cxRuwOjYq0b69sGDE61kN0zFpfX4KoRN0Vco%2BfC9FqEoTZrExXBs6HwpSdYI7BCbXTqG3jxG8f2GWS6M7BGRTXgDlHm7kV%2Fh2TGkBXhee8pcT0eh4oaMC1Cp014Qdy7B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5dede998b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/6223.36a8be3b6724c1ee.js | 172.67.186.52 | 200 OK | 3.8 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/6223.36a8be3b6724c1ee.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (3870), with no line terminators Hash1d892f4ab084b8290d79dcf9ec65b79a 17b0c18b7201dd8eb4bbd3db5be2f1d784000948 77e68c0c19f773bcf939398361c922509f29268cea7afe93f3f7050183115e14
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6223.36a8be3b6724c1ee.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-eee"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BB5c7dHfteDXAoH0sLi4Khu%2BrjhIbuMo%2FBRyX67jb3zBcm2j0KA2uVeSNlk77%2BV9c32toLpWx0pu47H9pzymGxQ%2BQ6HH91TWKg%2BXxPhJ8qwo9KPHsknIGimL0gj3qNf1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5dee19b7b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/3091.c8175d9042cf8d52.js | 172.67.186.52 | 200 OK | 2.2 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/3091.c8175d9042cf8d52.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (2203), with no line terminators Hash1ed18362d677042a624f3bc202896366 fc2e55c96b3a6c990e940d2311cb48cdc0674a1f d67a66a1cd76d834cd5fd7b0007519596d3defc938b6ea3e6749c0cec336fa99
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.c8175d9042cf8d52.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-871"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25IMDfEz6z3L%2F2%2Fxoy0a8Seyk0%2B48GWbal2zL%2BLPrJzcfPQtG95a9ciyun5ssjz6NHivOXUqChlh6nh0JrorgbkNygl15zOEDQnuz7bLg1IDx%2BsIpo7%2F1yHuskj7mJ4f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5dee19b9b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/finance-survey/icon-survey.svg | 172.67.186.52 | 200 OK | 2.7 kB |
URL GET HTTP/3peeglauwa.com/finance-survey/icon-survey.svg IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeSVG Scalable Vector Graphics image Hasha000ba4d0e7570d810feafb22bc50bef af8fce44a683d3dfebe69cbe856e747739c9a666 9ae848c180201d8ae5c59ce118b0b7ef395a01295fb04d57e81cfe0566100679
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/icon-survey.svg HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
vary: Accept-Encoding
etag: W/"66223393-a72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2136
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2wmPiUGsBAcCLQEtpi%2FQpmgK8fuTKNTdaosN831N3dphRCMV42eQB3HxpaTv2buXteL7HivvbAyvOMQXZq9Cc8QOvYgwA8jSAYAsPokLUoUMLKoMYjoV6QQ4RBCWYNvK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5defdb86b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/webpack-2e14e341f6f1b397.js | 172.67.186.52 | 200 OK | 6.0 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/webpack-2e14e341f6f1b397.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (6254), with no line terminators Hash16a9dc11dda1f98f0836ccb15a2bcf88 f5fbb26aca10b3e59be519ddef326391afc58063 90681a2af1af929c51fbfe0d8cc659651e4ef6b4820b4d634f6c6a11faf5cbb3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-2e14e341f6f1b397.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-178c"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 6542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dW1iDOzZ2HtRpcUFDwOwcQuIaBmwQ0Hj4TAf4jLa8o8NgvhF85h6bOv%2BVQI9GOc8IuM6CO3D9f29Rxh3Lo%2FGTAgwUPXVy0hiYPpmveLu7sdkaNIlhg5u0IlQIXObIAcB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5decf8c6b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/7903-dd238946c7924507.js | 172.67.186.52 | 200 OK | 32 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/7903-dd238946c7924507.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (31896), with no line terminators Hashb5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-7c98"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NsCYXtZGmRrV5uQJZ5PdmgrZ3iKobf34HGQ0YzNtjIajMxXdDJzIMtf4ZzACFSbn3fSkuO5OmCX8v5D3KJa0hGXoNggANKvVJcf7TE21XRTrYvQrqBYae635AiXq43p4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5decf8d1b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/2090-159c6013c0b88770.js | 172.67.186.52 | 200 OK | 11 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/2090-159c6013c0b88770.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (10748), with no line terminators Hash6c1a736cbf8e2c6cc4238e685195244b 1cdeb81eb7f74c867f928f5ee7e7274f02a7f038 2a938076a9ac0e1e821faa320571db871201b066504032b8cd248db1f1aae072
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-159c6013c0b88770.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223207-29fc"
last-modified: Fri, 19 Apr 2024 08:57:43 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 7048
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RBrxUdgFzWPoZ38n7YKBh0VjZ1y59oZ8S7nFHNxe58XjVNMNe69jkxy9wW20opGK31X4ZKDJ97F5%2BtPvib7%2BrFoo9%2FQd3fI4CFAZd4BeFSeTYTzjhgSQClnfVObGjdpx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5ded08d6b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/css/0bc0cde260d08b97.css | 172.67.186.52 | 200 OK | 1.8 kB |
URL GET HTTP/3peeglauwa.com/_next/static/css/0bc0cde260d08b97.css IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with very long lines (1841), with no line terminators Hashff1d3d5d24ca0172d59b02e7505ddaa1 41e83ee08e21f369886b0fdad0ba01d8b20897b6 939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"66223393-733"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RCJTkbI%2BsO79%2FGt31XNYZ3BjNK%2BV%2FrV32NlJ6xEDnEjcj%2BmzBxR2csYhlaQNakrv7yg1HyYPf%2F8TuIHVXJuolPLgDK4qSABxJhPZ0hF5RnopAnGq3kukR2r7IvhRBhx%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5decf8bbb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=g4hxw1n6l6ix5uow45jbvmpnran4f0ix | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=g4hxw1n6l6ix5uow45jbvmpnran4f0ix IP139.45.195.8:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashd28ec5e21c4d2708638e645e2085a0cf 07a0a7ab4da6ed425a15f44e00fdc2779dd0496b b6f01cec55590435e84ef4e3fe8d296212fd66a195c7a001028ed4d2ee12bb6a
GET /gid.js?userId=g4hxw1n6l6ix5uow45jbvmpnran4f0ix HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://peeglauwa.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; expires=Sat, 19 Apr 2025 10:56:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=5180418&ymid=sfYDYSUJE1&ab2r=&var_3=8067447&var_4=&os_version=&uid=g4hxw1n6l6ix5uow45jbvmpnran4f0ix | 172.67.186.52 | 200 OK | 6.4 kB |
URL GET HTTP/3peeglauwa.com/rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=5180418&ymid=sfYDYSUJE1&ab2r=&var_3=8067447&var_4=&os_version=&uid=g4hxw1n6l6ix5uow45jbvmpnran4f0ix IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (6427), with no line terminators Hashec5e16f1be4113caa8685a270dbb3922 549c7864b8a52257b162be92495a04ddf930a07a 0a19f6c188ea142bc1b735fa0dba72053b189a65a40777805e96029acd7170e1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=5180418&ymid=sfYDYSUJE1&ab2r=&var_3=8067447&var_4=&os_version=&uid=g4hxw1n6l6ix5uow45jbvmpnran4f0ix HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
DNT: 1
Connection: keep-alive
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: 979d7b8694f08b2595ebd5b8e0bc7d51
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; expires=Sat, 19 Apr 2025 10:56:15 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FdyvE3MP7cPB6L9wT6SB2I%2BAphSd5q6W%2BuhzYI9RXG7r7P9uedaIKaIIZ7WzoMWE3vSVU5gIZJzWxRO3MNmRHS6GJM6BdWS11MPrTN%2BlZZ33ekRY4dtbKF5m551SfkSj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5df01be8b509-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/sw/universal.js?var=5180418&var_3=8067447&ymid=sfYDYSUJE1&ab2_ttl=5184000&zoneId=7085340 | 172.67.186.52 | 200 OK | 1.2 kB |
URL GET HTTP/3peeglauwa.com/sw/universal.js?var=5180418&var_3=8067447&ymid=sfYDYSUJE1&ab2_ttl=5184000&zoneId=7085340 IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with very long lines (1235), with no line terminators Hashdd0b5076f7df915b30c5dd9bbfda384e 9d872a41735a575fe000724c11a5c9bbc246c539 6120f1a81b74d500834a6088cbca7f608f597128df8d629c76af4761a9e96454
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=5180418&var_3=8067447&ymid=sfYDYSUJE1&ab2_ttl=5184000&zoneId=7085340 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1461
etag: W/"66223393-5b5"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1096
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=owmO3beP4be7C7uvt3SgBQJQLG8qE5yjFf7CgNtaIUhDZogTiHdBKfwWCq0UMw2O2695zuVmCDZnKSheS46L5LjwT0Ebzhc7oDI4CyMWTuVmTCcoNvqipfvAjRb%2FuAmA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5df08c73b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/825.6a9bbb769f2c0ed3.js | 172.67.186.52 | 200 OK | 40 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/825.6a9bbb769f2c0ed3.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (40162), with no line terminators Hasha7b670a04c10ab2c32a43cbca2ec732f c1d0678d6253a3d55c35d15e1ecad2d51a7edef2 77d32c31ff8da053f04ad4d272d742740df9d4d55f6860e7e1ffee674d99a989
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/825.6a9bbb769f2c0ed3.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-9ce2"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 6542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7sjRHN9vYC35uZyjXpWCFMvH8E4IN7NITZLr6xSAlbHLbMLOwXD96XdW1lq1b9s05d%2FUVo0DmPTJW1NPkpyoqh8%2BjJFBI309t7yXcINjNlj1ZaukmdsttfVfsMEznhnD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5decf8c5b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/1155-d0700c0f9c0d55c0.js | 172.67.186.52 | 200 OK | 78 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/1155-d0700c0f9c0d55c0.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashe0e4f238d0fff098b16f51a7efc48cff 537978977a99591d246c579012072ceb1fa8c5ee 7570720b13f4fabe3b58105cd50e22132c9eede4100805bf5cdc89d1f38b3cd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1155-d0700c0f9c0d55c0.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66224c4d-12eb1"
last-modified: Fri, 19 Apr 2024 10:49:49 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvcV%2BDB9Uwacb1fs%2BRa7bGFC5I5%2BMSngVrwOjpAbdSeLQSNsMyY2hOwtvdtvq48xAhxPpLxMtUEI0c5Ihxby0nGeQt%2FXig0ow%2F5l%2FW23yIR3%2FRKQlYMP0k2buY4MTj2y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5ded08dab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/3978.f48a53d50c258a97.js | 172.67.186.52 | 200 OK | 3.0 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/3978.f48a53d50c258a97.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (3033), with no line terminators Hash74bc667253313da76d87a4a986be1be8 9fa4f4b0ef93eb4d387552e257796321d197540f 1c06c61294617665f38c1276deec5d74330236351921feeef0061359cdf139c7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3978.f48a53d50c258a97.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-b8b"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIjeJINAkcLxEeR1ol5GCBh953nkBIey4RFtruxbS9ajaEedicmf5Z4dkr%2Ff%2FlOJ2uHzw2Nn0iAfOh1UbmKR0CZMkv%2BR%2BQObx8ehD9uNR6BXPg0jo6vGryOWo9P7Q2v1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5dede997b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/1754.9cd5cec6a6099ad4.js | 172.67.186.52 | 200 OK | 12 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/1754.9cd5cec6a6099ad4.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (12011), with no line terminators Hash97a720cc805d2afba1d18c848124b92e 600abde3f10a7008dcf63a06a38ddcee64d57824 67f19c84ea29e05d552357bf00c539946706d764dbe36d184af3b711ebd663b2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1754.9cd5cec6a6099ad4.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Cookie: OAID=g4hxw1n6l6ix5uow45jbvmpnran4f0ix; syncedCookie=true; oaidts=1713524175
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:15 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-2eeb"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 5983
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E9eo4ykh2BEswG%2BFeIGbHRorAhO1vnxyjDR6%2B4CSabBfAPmLv8mnVDKyEZzQbtFEE33z5JUvsJVkjlN0ZrxWMArrlDJ56LWAScs%2B6n7zdUmIRD22mJb0t1bKPkQGTVEY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5defeba9b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/6hA5Viqe29e7UdXf73Q1A/_ssgManifest.js | 172.67.186.52 | 200 OK | 182 B |
URL GET HTTP/3peeglauwa.com/_next/static/6hA5Viqe29e7UdXf73Q1A/_ssgManifest.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with no line terminators Hashca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/6hA5Viqe29e7UdXf73Q1A/_ssgManifest.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66224c4d-b6"
last-modified: Fri, 19 Apr 2024 10:49:49 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 317
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=av4y5t2NtHwqXqMeYe0bCSqZW1zZmubdpv7DPtWaDNb%2BiMX24HLxgxA8zMrQPICdZA5%2F89E7DaNDoNxBdhG8IGX10NxirZqovqGq1fkJdzl%2BcCePXKUZQCWyYtqg4xTl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5ded08e0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 | 172.67.186.52 | 200 OK | 39 kB |
URL User Request GET HTTP/2peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 IP172.67.186.52:443
CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: text/html
last-modified: Fri, 19 Apr 2024 10:49:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRW9H%2BWAFQWol5oJIgxJ7SjApznHhmx8O5tuv5eNmHYUu8%2BQyxadUmO9PAfPSPWfZ%2BSHXT5uB%2FTMJzOoUTnruA6bk2TFVjj5P9GM0w0UriKm0Y25%2FOZ2ifhKrW9BWsmx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5deb78760b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/_next/static/chunks/2610.1baf2de4c8779a0e.js | 172.67.186.52 | 200 OK | 13 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/2610.1baf2de4c8779a0e.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (13124), with no line terminators Hash285f6dd54ac88cdc30a796895c98adb3 f4ff40359e70d2a28b3ba2773e180ac93ce29a37 6dff74775e02f0f3618dcd683ce01b570ed044fca2a250051e6f7e6bb0cc2974
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2610.1baf2de4c8779a0e.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-3344"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 6164
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OLPKq8kqbSXmPVk3LBFm0wSgS4965NwYDgZVYqorLs5YQ0pPov%2Ff45GKiCL%2BJZ94S2AD2dujC8r62sef3oNTC02M8L4ZnFvdK6J1Tf0rBD1o%2Fjd5VQuZtZhhWjB09NTA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5decf8bfb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/main-beb6af9e60a8e042.js | 172.67.186.52 | 200 OK | 109 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/main-beb6af9e60a8e042.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size109 kB (108886 bytes) Hash49c6f57370e917bd37dc7d4d4d0bdb56 f5b56f5b9498f3500055c5614808903d85303991 0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=108887
etag: W/"66223393-1a957"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tst68yn8lmBBj0tHj1ZLn7lqvSCrb01W34R%2B1%2BtFaQATEOvG00PkylFyI0fEMksdDS1DgLnUwab6%2FQeN3zjHLlE%2FlcG%2Fn5ZgYrEetIqCka9rELNiOFXaQFNrSdY4YAOI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5decf8cbb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/pages/_app-0755fe53a86fd6ab.js | 172.67.186.52 | 200 OK | 39 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/pages/_app-0755fe53a86fd6ab.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (39394), with no line terminators Hash78af260e6345bb993cf649622f4d7ecf bcad2770feaa6e0df7dbb92c24da90c56da29559 cca988f276fd684064d3ff252d813ca24f18f73cb16e18a1edece86f25f60e87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-0755fe53a86fd6ab.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-99e2"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xko%2BVGXhFAqBxC0XERHgLqT2GNV6e1Scn5LtQO3OQxOf8YnEK4cNUCjlUzLEV1aBGHbPAYkzfp%2Bm5yNHc18onH9s6liWYvek9CIkvQf4k5FDkhxJPKLVnFV2GII2JY0v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5decf8cfb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js | 172.67.186.52 | 200 OK | 662 B |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js IP172.67.186.52:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (666), with no line terminators Hash49f9c13e383477050c867416e60b3222 eeb57b5af30601d21511ff1eb94001b86d0c6465 1430b1cd7eaade1b7ba5b3a245f9221c0f6067efd03fc812821d0762b5d10ad4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804797970682748929&z=5180418&var=sfYDYSUJE1&campaignid=8067447&b=20686851&ymid=804797970682748929&designId=[1,2]&var_3=8067447
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 10:56:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66223393-296"
last-modified: Fri, 19 Apr 2024 09:04:19 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2402
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhwRT4kQVl662h5Qo64u7pG8k5xEKx1Z66L8bodqcrHd26yqqL4OLNk3eN6bVP4qz7OADi4gaMBH7i%2BeGIgPAEfqh6omd4QHjT%2FKrMpGyeScG3VY6S6CQJh1cYixql26"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876c5ded08dcb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|