| gaunegeet.com/js/s-storageService.js.bb9f7a22.js | 188.114.97.1 | 200 OK | 886 B |
URL: GET HTTP/3 gaunegeet.com/js/s-storageService.js.bb9f7a22.js
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (2170), with no line terminators
Hash: a804db09269d602a8a7a50877b60fc86 7aa84eb6c94037c3bfabdf407060ba7b9ca73ff3 f5e3a988f32cdcd8ccdff165e33a1807acdde6426cecbb464c315306ff5e6f6f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/s-storageService.js.bb9f7a22.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-87a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=huS8vdYSqP8WudXX1xtchhhUtq%2FKghZmXshhC3tVzpB7DoXFGxdZRSTr1OkTy6WhYLUmVgTk9wARfwkZhVCToerzG8la1ZPSZS2TZGB8uQMK3hkPdo9q0BdogkpeofYE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd31d9456ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/js/v-constants.js.49317f47.js | 188.114.97.1 | 200 OK | 861 B |
URL: GET HTTP/3 gaunegeet.com/js/v-constants.js.49317f47.js
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: ASCII text, with very long lines (600), with no line terminators
Hash: 973e735a355fd5b10428c250e8fd7236 bd3fb14c90e2700400c69b15a84e317d52493bd9 16f1d5ca604ad59b9e5b484b1a0cf2d43eebda055ecee80ac847fbcc4437f0b2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-constants.js.49317f47.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-258"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G6wVp2fwjvTNEj2cX5MaymUsQYNWtzMppxxosfVXS1vGxa1NQssvFynA31Wet0M4G%2F1ckSCszIdwHNPwC6c3KzPmK4PB2rwxW9kwyQshiqlqDrQ6VGiSFx8rrIpZjoAY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd55eb256ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/js/SweepHeader.b279c2bf.js | 188.114.97.1 | 200 OK | 1.0 kB |
URL: GET HTTP/3 gaunegeet.com/js/SweepHeader.b279c2bf.js
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (1009), with no line terminators
Hash: 0fe439de7df51eacd129903e89a15baa cd04958d3fa581e73b01c27ea41d97d5a430d75f b79bec35661387c45718f5592adf5634587c228d85d45c3b5139bac73214bdf9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/SweepHeader.b279c2bf.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-3f1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GWqH3EncsRyB4o8KQUuWdCs2hiixkvTQLyeHKtgXew2FcD2e1Lxc2%2F%2F2tg1CkbBNHG50uuPvnNfRwEnWKIY60%2FrLPcxulPNR0I%2Bx9qPU9bLPJLTSJwRzgseOUROVFKZ5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd53e9556ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/js/v-index.mjs.19622407.js | 188.114.97.1 | 200 OK | 8.0 kB |
URL: GET HTTP/3 gaunegeet.com/js/v-index.mjs.19622407.js
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (35287), with no line terminators
Hash: 1de1ec2d8e7940b88970d8fbce40ed6d 510aa24127fb8bc3578d9ca4628b2eea5a84ce01 b473156bef833bcfb2e84658093f1ebc1e64011dcba904e26ccb31f1cad8b762
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-index.mjs.19622407.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-89d7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdn8eH86P0jA0lcp9RWYMPNntw0%2BsLjf9b5b5EA887PWGElECT45RIwT0DyYE%2BiAev26TMtwXG7xqYKCfsBcUsgrIppz8f9Cz8yhEXXKeV1%2Fc5%2B23PZCmOTJ9VbtygZS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd53e9856ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/js/v-domparser.js.97173b2e.js | 188.114.97.1 | 200 OK | 703 B |
URL: GET HTTP/3 gaunegeet.com/js/v-domparser.js.97173b2e.js
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (1720), with no line terminators
Hash: 52ca18eed5d7b4a88f79e075608522fb 8332ab1afc8d9c23d127cbc785fb41af81563732 ce352016d1e917abce6b5552ae2fdc941a8998300566b138d04383ae461f0a9d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-domparser.js.97173b2e.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-6b8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2jlHDBefZPTLrK5tLTY%2FOPc8iqIIl2aKEocxVtC8mWZFrkC2RQZIcGR7blQ3tmZWsHRjwdxB%2BTbQ4TImfJxOnaqn6SeZNuQIIRgNCLHZa%2BxglMQybntz1NPCq5eglfh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd54ea156ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: POST HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject arleavannya.com; Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 693
Origin: https://gaunegeet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 59c84c37fbbe42946019112b2404a07d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://gaunegeet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gaunegeet.com/css/sweeps-survey.f5ae42b0.css | 188.114.97.1 | 200 OK | 118 kB |
URL: GET HTTP/3 gaunegeet.com/css/sweeps-survey.f5ae42b0.css
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: ASCII text, with very long lines (46760)
Size: 118 kB (117522 bytes)
Hash: 009115228eec8ac69e3edb47a94029a3 81b1db77707b34ba69f798116975d95a4fa72694 6e782711eee2ca7a37a5e8e22288f3ffe774bc2a7ba5a200fb4807213b1ab701
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/sweeps-survey.f5ae42b0.css HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-16dfe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bgV5mioGji5DK%2B%2BeNi%2FUzSo%2Bm%2FKi8qvBNYb%2BpG7lbUINAMhNFMcXCta%2Bu4ArhkWR8AqXTzy1jyl76IoYR5uAi8G49X9wQwHVlMD7SHuVTbv5mrJPGQbxL4aSDFFBbCZv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd31da656ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 175 B |
IP: 139.45.197.248:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject arleavannya.com; Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: a7fbccd9aed97a405c912f014e54e33d d1f5a4e6a184f566d272fb282c7719dac8da4d38 27abda38a3b61986ba145f4fc9a02407cc4649fb26b3cec1a4bda41b7cba21c3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 153
Origin: https://gaunegeet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/json; charset=utf-8
content-length: 175
x-trace-id: cc5eb3c61c2b35da4dc7d1971afcd028
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://gaunegeet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gaunegeet.com/js/v-dom-to-react.js.26fdf751.js | 188.114.97.1 | 200 OK | 660 B |
URL: GET HTTP/3 gaunegeet.com/js/v-dom-to-react.js.26fdf751.js
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (1085), with no line terminators
Hash: b9187a6f31bd6c7c0cfe0bcb37ecf60a 1150c33a65703059e43c0d85b1680aa04d4d60e6 a5f216a4ea67c8f005b6cededba525ee330a2d4f8caedc8232f44e4e163e5ebd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-dom-to-react.js.26fdf751.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-43d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7dUtXeQYlXDsdWKQSNY2gbE5dbJpg6ZTchWD3ZXs8VPjUIcJWZY5g096G%2FqgAxUkYbzLdpQivudWXyYUw1cwZ0umyheXDgIB6c%2B3mWdzZLMh1Tw5vILqSBVrKkQvfzL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd54ea256ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-1.webp | 188.114.97.1 | 200 OK | 862 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-1.webp
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x52, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 384118eb5e49870ad443d90051c692cb 35a73704dcf55b3232f2e9cfc333ff2ecfdcc19f 1ae21006f04f15e16a8057644615cdf8a8a9b39db706f53ba9a925327a6a1635
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-1.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: image/webp
content-length: 862
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-35e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VN%2FPHF3xcgJE8fw2Rdi1VeDhfqqFudex2y0gIit8NhF64h52iDMB%2B46hscXj7zq%2BzPGXEaRbY0HFnLNO7BQTYJTw22%2FX9951uC6%2FPV8IOkx7HMcv44fWJ0zdCFfnfzxM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd72f8156ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: POST HTTP/2 arleavannya.com/sync-metrics
IP: 139.45.197.248:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject arleavannya.com; Fingerprint 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47; Validity Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 886
Origin: https://gaunegeet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: b50c001bf8949cce8c1a3821c6aff015
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://gaunegeet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gaunegeet.com/img/comments/person-sweep-9.webp | 188.114.97.1 | 200 OK | 818 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-9.webp
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: a61b1f29004e5a54130bc57051a49c0d 7f60eef07e311b3598895343111d90282a002ea0 b3de11ad2ace70aa9786af4a9e65db774466fe25aca16e16dabdfa7ec76b0a53
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-9.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: image/webp
content-length: 818
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-332"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F97KFFeo5ZDnQ1CsHCTtqJtskv59Aa%2BQIo0pCVGM2Y9jufH8EQWDN0TDPg07IxtNOahbtOvwu454JQ6oVdqrAbH7Z%2BKVyqwrPyizuuY7imSm58Bs7BSdkZS0ovdnE64g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd75f9f56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-10.webp | 188.114.97.1 | 200 OK | 572 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-10.webp
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 206819c13484a7a818f1e4499be3704e ada2f34308d6eaa0d004ed0c732e5a3aa7fda1db f4eed862cbcf8f9ce2bde63cf3e13e73ed3e58ac93ec4bb14301b248c4d58e1f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-10.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: image/webp
content-length: 572
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-23c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RB51P2YOdq9qeJsoUGaXIpuqISU74Oxum%2FPHhjfJgFyWPTZP6%2FrGw8Md2Zt01TzE3dno1RQnzb6%2F%2BABwPfkuIgltAUTcjHjfx9tF7OOG%2BLCdvBIOQurPRtD0FofE0StV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd75fa056ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-14.webp | 188.114.97.1 | 200 OK | 626 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-14.webp
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 7c494127025f1ec09a96c16bf0531a36 0c2f9302c41f99da9fb5eead2c364bdbdf435156 e6443a7cdcc5ee11ece88ce10824fd79851700e4bd3dc6259d1a816182b82e5b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-14.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: image/webp
content-length: 626
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-272"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bPhy2okbPOvaGt9U9Eo%2FXAkkDY4%2FhnHyrQW4dsyVjEtNUjdg2YhfcmpKzFuMWM26Sqg4Kw%2Fse6B9tYc8PsKKxAQfh8PZTQ9W01ALdXfd11CbuA5K4%2Bh%2BV1gHVs0NCokr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd76faa56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/pfe/current/stattag.js | 188.114.97.1 | 200 OK | 7.9 kB |
URL: GET HTTP/3 gaunegeet.com/pfe/current/stattag.js
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (19053), with no line terminators
Hash: 3a74216e872211a9c770302bb7d4a63f 7e63556174a7d66eee407218e503ec0aae2c0f9e 03405209d89a927b81d53eb13968663069760776389c5400bb79d11bd9f78f78
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/stattag.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-4a6d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmNZNN3BvRR6p%2FLEOUs1n1GuAX3OhfdanIHWrf%2F%2Bs%2FYPNtRAR2irew6bQA0KB4%2Ffg13v21na5UvEc7kplIC7wxPEc30ngtGKISZYniSuX%2FpUdALOLa%2BeyvznvfoMRhUD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd51e8856ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-2.webp | 188.114.97.1 | 200 OK | 538 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-2.webp
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: e4d97f0d392aca4fa78b0928438d0168 55f713d8826a9a65e11fddf4c5fa4ea5939953b2 7058be64334990621fbc8cc06782aac5116c6e8a6d7700d892cb8b36f06c5866
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-2.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: image/webp
content-length: 538
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-21a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=amrVT%2Fhxkog%2FzEudL%2BISnKoac640QQ6FWlV1lDRWYry2cynZu7vy9r0ayKvEcHtyQS3KFAX3l1gjLO4kE%2B8rLGIPjlXYJ6bC9Grda8usTKnwmD4OLal%2BkHptrsFfsrSp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd72f8456ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-4.webp | 188.114.97.1 | 200 OK | 800 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-4.webp
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: b1c95558f71bd6614c52433c225b6a28 7c903c12b48199ac1e1b3c8846baf12693b97a28 8e5987af9fd886b03617f6e4980035a877697b9ccdeb9f002c41baa1d6ee8912
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-4.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: image/webp
content-length: 800
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-320"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5QrH%2BYHdGirdZ7eEaqiTDjLHKn0hVWzBn%2B0W6O2GWrI8lEW2ITXqgu7izKhynaeV6SiNodZA2%2Fg8rjxQQ7UJKclCyVpXkydcKSBuUbxvcDmQ%2FvR5MQiDvtsNbBORe%2FPw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd73f8856ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-5.webp | 188.114.97.1 | 200 OK | 588 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-5.webp
IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer Let's Encrypt; Subject gaunegeet.com; Fingerprint 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 25e1107a0e365082ccd6093e0073f05c 7b0d3c741f2bbabbcac99f29bee8cf2f9eaa1841 935ec86b128c0bb7bfafc5915a46c0c3709c47b90509e26e4c994d8ef5587cf2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-5.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:55 GMT
content-type: image/webp
content-length: 588
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-24c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZLqWq%2FMpxcHRPmi8GUVtK%2BsWhRawtTrWl51Y1hyW9sLFqxNCpSAooCiPbsnrVcKQ03EuowLkqSi3KWhosypjibTfPBOgz7GLSbekk58dMholTTZvBL5MfTxq27IfAKfX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd74f9356ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-7.webp | 188.114.97.1 | 200 OK | 610 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-7.webp | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: eb52e160b8ea5a1e0de8b2453f46d642 4d28311b4ca822a0a74e318c9d1f54def088b509 2e9c67781abf2cfbabb240bfd08ca836658063849f3303b85027203eec1d37c5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-7.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:55 GMT
content-type: image/webp
content-length: 610
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-262"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSte1iPBBNLlFdMEOlXpBsF%2FrUCmY2CU8y2N%2BHq7aX9peE08RXeEHzDLtuVK4PZqBIL0qszraBvUG4BododJHkQi5p%2F27H%2Fn2sbNiLdsPp1fY6aE1Zm6Bd6WVJvcsasz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd74f9956ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-13.webp | 188.114.97.1 | 200 OK | 640 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-13.webp | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 8532ec97225298a9c3ae5e393f62e462 fc26fa010830045fa91a16ac9b8c89c45bb35232 9c45568c99b7782b240341ba6729ecacc59d41a8ced9b9846ca4ac51e50c5320
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-13.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:55 GMT
content-type: image/webp
content-length: 640
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-280"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GidhRH6GQbsp0c3gw59eOPLHtDhxIbYIIoXR9KOCHRojiJnIgrjhDmoGQSs1QQh4xTsZMrVe%2Bb1M1iIdMXREt9Iycc8vSyckBlg8TbOWqesYdbeRpVFG%2F1WAvSwVy5Hu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd75fa956ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-12.webp | 188.114.97.1 | 200 OK | 668 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-12.webp | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: c57b8a772545ee6e05fedb58c143beb1 6cb5aef79f86275a725cfdd406c7038b24d80aa9 03389ef007f0fd3486a5c71848fd2b67cc05341cf449bcdd34a81a1d4048b090
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-12.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:55 GMT
content-type: image/webp
content-length: 668
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-29c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L1G1XBBq9Jjo88yKZV9TFAAcGXsWuGb13xc%2BNcSnQLi2IT9YXMSZQOl6ApDyIvzBwRZ6Jef04XrgFasNHt12HjgtMilPKXKN9x0rTrYK0GSBZoeK2XArHAGOg%2FGnjcui"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd75fa856ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-6.webp | 188.114.97.1 | 200 OK | 462 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-6.webp | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: dfb961fdb848e75591268fde9c186902 2218e96a5c5081f5bef43fda74fd8f0cbb025003 4cf92de9b24fb1484bc1d97880c20589e113b9b1f065df1963e0648f3a38474d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-6.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:55 GMT
content-type: image/webp
content-length: 462
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-1ce"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUp0fCMWIKc0TzOW%2FwTq%2FaFB%2FvuEZNB80CddD6BvPnLW5soevpTfCyttd%2F8UUNVE8S8%2BP%2BKJ7hwKZ6p6scrDrgck9wgtdF1Zb0iDt0YPEWnmbjopTA1diQPfTzL9PhTs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd74f9556ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-8.webp | 188.114.97.1 | 200 OK | 696 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-8.webp | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 6a6742fef0cd1bd74f6da94e9fb833e1 ccaae2ff48574bbb04072b2efc5864b9177017a5 96bf5ed5aa8149269a215cf19a17889c762b8cddb2fe36229849c8379c2d4aa6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-8.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:55 GMT
content-type: image/webp
content-length: 696
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-2b8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4hSAEicy8YFQSqJLWxfhCYPcCPxt%2F8x0nDk4Dw3cNjuzH2hi5KimywWYAAay6WMtJuW8a%2BYNNhLfYTKAUAP%2F%2BZ44c1oeBV47zDusCLqgrwswZW5JsVi1ES%2BDVvjFjWar"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd74f9c56ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/comments/person-sweep-11.webp | 188.114.97.1 | 200 OK | 502 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-11.webp | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp | Hash: 7ec874233fc75e1ec8df712b7ebbd7d2 cc219fb2b7e6057a8303283023dd1aa09a082455 9bb6b14a5a503d3c52bc6fc2e7c236a90e7971ceb41cb99e5245fcfc39ef328b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-11.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:55 GMT
content-type: image/webp
content-length: 502
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-1f6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7O5RLIes2dz%2BAFsAQ3xqtn0nUZfOKpRlrfwLtKbKv%2BD%2FwVBnyYOojV4OMyomPcJG2VD2KoQoy7LHSwDTea%2BaiuPM3ku5NhE%2BGhYX0NB9V%2BSNh%2Fyt6bA%2BujUp9p2U8AC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd75fa356ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL: POST HTTP/2 arleavannya.com/sync-metrics | IP: 139.45.197.248:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: arleavannya.com | Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 | Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://gaunegeet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 03:12:55 GMT
content-length: 0
access-control-allow-origin: https://gaunegeet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=7c9cb671-b25f-4840-8509-6ae3a7583a09 | 139.45.195.253 | 200 OK | 12 B |
URL: POST HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=7c9cb671-b25f-4840-8509-6ae3a7583a09 | IP: 139.45.195.253:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Sectigo Limited | Subject: datatechonert.com | Fingerprint: 3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 | Validity: Sun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hash: adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=7c9cb671-b25f-4840-8509-6ae3a7583a09 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1347
Origin: https://gaunegeet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 04 May 2024 03:12:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://gaunegeet.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL: POST HTTP/2 arleavannya.com/sync-metrics | IP: 139.45.197.248:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: arleavannya.com | Fingerprint: 8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 | Validity: Thu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash: 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1544
Origin: https://gaunegeet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 03:12:55 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 76bdaeb580b36e462d9e67fb81355501
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://gaunegeet.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gaunegeet.com/favicon.ico | 188.114.97.1 | 200 OK | 7.3 kB |
URL: GET HTTP/3 gaunegeet.com/favicon.ico | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | Hash: 668ba1a9fa1890ba16cb8adc28d3dad8 5e35223b2541265114eaf61b9da2556c812fea17 7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:55 GMT
content-type: image/x-icon
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-47e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tIKyWinTnC1H4nTGxOyW80X1cVrRy3NQsuuJJikgQsYCBqT82jYOhKy%2F1LPfGZQZRJd3jhes1ljmZgUjbM2cEFKNIfNSn7Ag2rGqbQpaTdzDgb0XEIBwKepF2LSmmyYu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd8681956ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 | 139.45.195.8 | | 43 B |
URL: my.rtmark.net/img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 | IP: 139.45.195.8:0
File type: GIF image data, version 89a, 1 x 1 | Hash: b4491705564909da7f9eaf749dbbfbb1 279315d507855c6a4351e1e2c2f39dd9cd2fccd8 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=sync&partner=37faba736e092fd0fbd4bb09c7ac1e23053143b486f9f8503431b4ff9f42fc60 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Cookie: ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 03:13:17 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: null
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=xbor873cc26bktd67wyh9g0inhdb0rwg; expires=Sun, 04 May 2025 03:13:17 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gaunegeet.com/js/config/comments/en-sweep.json | 188.114.97.1 | 200 OK | 4.9 kB |
URL: GET HTTP/3 gaunegeet.com/js/config/comments/en-sweep.json | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: ASCII text, with very long lines (5602), with no line terminators | Hash: e365b2a50ff785aa57118984ebc86b5d 0cf187164eaa42ff7e244ba653bbde659feaa5bc 3094a84e8e909474fae4e0db6685d9b407d4493efd9389efe35caf326c95a6f0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/config/comments/en-sweep.json HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/json
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-12f9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0aHqDlme43AIWlWH7sJx2U8qrRm0UMqyuCdAwfR1oLIu%2FiFfiTSf0sRE3CoEhMr3HHCwXtvBe%2B9BXWrhmRizfgaOOYDoCfHcdq7q9IN86qr8h%2Bn%2BVIo1Rp8RwvbJ1s2G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd52e9156ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/js/SurveyContainer.e2959212.js | 188.114.97.1 | 200 OK | 57 kB |
URL: GET HTTP/3 gaunegeet.com/js/SurveyContainer.e2959212.js | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (57003) | Hash: 1716bf0d79004adf0eb2cdcd64159891 67852b096bcc8817fb0b9b98abf264e40a59310c 56cd17eb9def743ef4bc4909a6eacb77266b749181cfcaec4d478336b1c6ff21
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/SurveyContainer.e2959212.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-defd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcRL6sD72qbnqPPVcPgblGNePnCVuY4v9p6h2tbprq25H8i%2B9ZdJ1u9iTYECi5OSSG9A5%2B69Ig7Fc3lEFws6sz2DgBLVjGtVTZq1XQDRvgjowOrKj5NzDcm2I9%2BAw3be"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd56eb456ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/js/v-react-dom.production.min.js.c3329619.js | 188.114.97.1 | 200 OK | 129 kB |
URL: GET HTTP/3 gaunegeet.com/js/v-react-dom.production.min.js.c3329619.js | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (65440) | Size: 129 kB (129359 bytes) | Hash: f5e47be85ac64238a6511377c99bef6b 14202f5ec5092ffcb622a84db5877f1c99493b4c 198b63ec93086fb7042c6052dc6558626c506852de0903547cd1b2d52780839e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-react-dom.production.min.js.c3329619.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-1f94f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nE5xvxmJHrFMWRVPdOo4un9N7ePbX4CuAaf6jwIG4%2Bx3azpVNA7MQFjWYGJEsfLqt%2FKgsxtfBAmMsKCsJ94%2F5vyuV81RhC%2BbvYzcRnVNjFA8C5QedPcxAswYk6qeVHAX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd31d9f56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/img/sweep/tokens10k.png | 188.114.97.1 | 200 OK | 82 kB |
URL: GET HTTP/3 gaunegeet.com/img/sweep/tokens10k.png | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: PNG image data, 480 x 500, 8-bit colormap, non-interlaced | Hash: 10337a4976db716ba3b8cad1f0f1f736 788015c74e561249cc5318fc178e564b68bce44d fef211dba7465da86e75019f78dcdf59af496394963b0bc6cc78b02286effe58
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/sweep/tokens10k.png HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: image/png
content-length: 82163
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-140f3"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1HlMTf%2BxdBeXHbUHBpnSZU0Q3m7asysX1I97EaHDl3K%2BN2KeRmPxBm%2BQaVII5wy0Ee%2Fp1dGKLYXey9fRZwJH25JXDz2PkRAc24xp53HRpeY33jvJQKHfpPy2PgoaPONt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd5fee756ae-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/js/v-possibleStandardNamesOptimized.js.205abacb.js | 188.114.97.1 | 200 OK | 7.6 kB |
URL: GET HTTP/3 gaunegeet.com/js/v-possibleStandardNamesOptimized.js.205abacb.js | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: ASCII text, with very long lines (7923), with no line terminators | Hash: f80cb2aef29b4a80d135d1a598ce1dfa 0653306df1fd8d8591f84661643825e41684d3f6 43c16ae11cea687efa4ca55dec516b23257c3fcb22c9d3541041f1816aaa7b5b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-possibleStandardNamesOptimized.js.205abacb.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-1d99"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zG9TD7bdNxXCfN8Ti3NbxBPqnRlBm5%2BbnWOQNkeqdZ4tM4Io0hDKRvCd8QZShwqNTlxd067L%2Fow0qHBQsOsHenZfrcTy84TTkR%2FN7MBesZZALVptTGv%2F%2BEVnz0hlJrxm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd54e9c56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gaunegeet.com/js/v-attributes-to-props.js.a2e7cd04.js | 188.114.97.1 | 200 OK | 702 B |
URL: GET HTTP/3 gaunegeet.com/js/v-attributes-to-props.js.a2e7cd04.js | IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html | Certificate Issuer: Let's Encrypt | Subject: gaunegeet.com | Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62 | Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: ASCII text, with very long lines (718), with no line terminators | Hash: 4f868b7a0330d32e1450766a54886355 4b5952301185e7b02e2cdcba80f4aea3de700c47 2435c4b396d0b35fca9f618a201479cdcd64e84d43a386eec071a4082d7a781f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-attributes-to-props.js.a2e7cd04.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-2be"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5PBawAXBpuK8%2BGuKJyUR35aRBScQldoUKGCIPrj49ES6m%2Fk0CEqxE4EY2hqSR%2Bs4gSngH1A3Qcn2OXKNoT0tw1XEAEgoKLS2XPW%2FCARbFH2wUOJNrvPIeoVbyBWulKPd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd55ea356ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/v-html-to-dom.js.ff1ae7e0.js | 188.114.97.1 | 200 OK | 364 B |
URL: GET HTTP/3 gaunegeet.com/js/v-html-to-dom.js.ff1ae7e0.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (373), with no line terminators
Hash: 57f543d4f79657dc92755e2f2031da65 4884f924743049d7812b58958633a40f65e159b5 0fcc39a4a2b765b1ed92a6093fe6dc70e0a886914746f5af6fda6e3d1dc7417d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-html-to-dom.js.ff1ae7e0.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-16c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ga9eLqeSX%2Ft2w8nTcyDna5m2xxLPzBET%2B19Gn3c5k9QKau2Hsly08yrcnT9Ps7EeR%2FOrEldz30e454wNbgrQmgwprAvyr1lBjn5UwZdbzbhcO%2FjGRJookELZuprGeDCx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd55ea756ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/v-index.js.da9f7529.js | 188.114.97.1 | 200 OK | 41 kB |
URL: GET HTTP/3 gaunegeet.com/js/v-index.js.da9f7529.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (40911)
Hash: f0c16b073e12930f7cbd321dd6f8f9b9 af74daaab1c8cb17152c3352d40ab89afea0b29d 9058ace69791e8a1eb5f9849c20a6dcd6e0f9018696ed0e563c3da7082aec861
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-index.js.da9f7529.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-a01c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UihrZfPcCs2IflX3jGC1Y0T3EiT0W2qYB5IvXJ0GnXrJihTni8MyMk1jRjGQL3YV51B8Tu14CUFtGF1YXgzi%2FiCgouGCeI%2FpplNE%2FOQ01A7IIMx51kh1OgFwahyVW%2Fg1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd30d9356ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/css/_core-survey.d3ac2ee0.css | 188.114.97.1 | 200 OK | 84 B |
URL: GET HTTP/3 gaunegeet.com/css/_core-survey.d3ac2ee0.css IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: ASCII text, with no line terminators
Hash: 6a5389a102082103af302d75143e0dee 973aca6dfe59e2ffa6c60e28c38990c1eab24480 bbe86a1b8677d7959eb23b92c572e154a0067ad5263844e40f95d018857630fb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/_core-survey.d3ac2ee0.css HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-54"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vYcH6VQ7Cjb3StBaKoJ61xipKg90i09DS8%2BKqJWLbXrhdBWa%2Feirh1eBvQfcW4SfZLGcsDY4%2BSqqBl5P5CO54BKYu6Tk79kzdUlE8cOmSz8NfkvTq1omXt08NMOcvV7w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd31da556ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/sweeps-survey.html | 188.114.97.1 | 200 OK | 7.9 kB |
URL: User Request GET HTTP/2 gaunegeet.com/sweeps-survey.html IP: 188.114.97.1:443
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: HTML document, ASCII text, with very long lines (8134), with no line terminators
Hash: f99d54c9ee3865f982d1099bdc61155f 83955028f7a58acbd0a2199f79ae501d6d3afa56 d122da6bad371a70444aede6db6ac774d49b2f913ef0c9b83a68dc38dfb48379
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sweeps-survey.html HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 03:12:53 GMT
content-type: text/html
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9lQC%2FHKIjCpE7uIv3xdNOEfTsvOFu9fEcTgGb7Ox69UxTknieuvSn%2FMdnOXVR5osQ9k4UWJxpohWtOnSj1U3OJ%2BSVVewQ7IDLVpQIJrvsFVCgDgmsoBCsk4A9p9rXA5P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd0ddcbb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| gaunegeet.com/js/s-checkSessionStorageAvailable.ts.e8412d91.js | 188.114.97.1 | 200 OK | 330 B |
URL: GET HTTP/3 gaunegeet.com/js/s-checkSessionStorageAvailable.ts.e8412d91.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (338), with no line terminators
Hash: 6eb1ccbb769935debb74de9858287720 5302f94074f05eb22f05368dfe3464b85c89fb48 1e016cce8f09ded837e6e46c9e26d5dddccc19bbfa89c9dc583c04d85e2c7bb4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/s-checkSessionStorageAvailable.ts.e8412d91.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-14a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bKVXfEeKGQcYFuWWDpmv7oZlJ5I0COr%2Fq1jW54SXoTxGywpS0UhtoVLruot4Iuk%2FJiUExl9EFz4%2BwoesHO07OQ6LEqcX05RWg88kZk82UjJQORcpiCpYk3Crf4N5mitt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd31d9556ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/v-node.js.28d8082c.js | 188.114.97.1 | 200 OK | 6.3 kB |
URL: GET HTTP/3 gaunegeet.com/js/v-node.js.28d8082c.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (6337), with no line terminators
Hash: b11cf8c1d8d8183e4d11a8f17a41189c 2f912e66ec3992d21e66e7c8e4ff40a2142a4d64 9e69f7af4cfb7fa8b5eb0d67ed8a36f5d23c276ba29b7209565faefab84b71ba
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-node.js.28d8082c.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-186b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mjySdOZgXF2MWBQ%2B32xxrDVyUCSM6ZGN3mEOBwG4x2sJcILNQZWLOa%2Fi1XpXSCmC6z22YAWiB1Cls6GuH4qqj%2BHCEQ5tkavBeiP9jmZc9vy0HSBn0KJ02x5vTl%2FU2eRD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd54e9b56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/_rtc.f86a36d7.js | 188.114.97.1 | 200 OK | 12 kB |
URL: GET HTTP/3 gaunegeet.com/js/_rtc.f86a36d7.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (12222), with no line terminators
Hash: 128d6eec0793a7e02c314d2f6245f260 c9f09311c3f229b770f38d0cc69b422430f1c748 bf1606ac64db254cc565a094e7162a96f31f7e48ddece56fc92c654559e5abb8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/_rtc.f86a36d7.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-2fbe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ceT%2BTcOS9csf%2FZpLIDtGp8vI%2BzGQ8bWNL%2BQljad0CdkDNbxaaL9RVnS7j2FOD%2FB4wpD9x8oL7kD0rTyg5nzVrcpUABO8wUvbr2Wt8501e3Zw7jCDpy1tzxDY2hNBi3B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd30d9256ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/s-checkLocalStorageAvailable.ts.f2fef93d.js | 188.114.97.1 | 200 OK | 330 B |
URL: GET HTTP/3 gaunegeet.com/js/s-checkLocalStorageAvailable.ts.f2fef93d.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (338), with no line terminators
Hash: 9a78659da737fccc89546e61f0eb6213 84e705584bdbc81715e0326742f426c2f472d3a9 bb46fe2e65cc91e5a01a8e731754fdc9b8f30813835a673bd96b48672ac82d60
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/s-checkLocalStorageAvailable.ts.f2fef93d.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-14a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0IIPT5uXaVWfXVa9e3k4%2BgxrK3pL9Wyvccz98Vbi4bEaqHylPp50YY9HotjSCBbbOnHsCLprhrP2JE6GME1TB8WX%2FI73Pq5zowzxqaszHoL1%2BnLsEJE26qHVBf1AOwZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd31d9756ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/sweeps-survey.724f05c4.js | 188.114.97.1 | 200 OK | 5.8 kB |
URL: GET HTTP/3 gaunegeet.com/js/sweeps-survey.724f05c4.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (6111), with no line terminators
Hash: 8f7b854a31f40bf9be7af8ea81b5f176 bd2ea265c24d6147930a142b34527dcb4d55879e 0f7d320f1c7de2e4777cf2a8c99fb464188c4d196fb82c640f6d1b3d6f592cce
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/sweeps-survey.724f05c4.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-16d0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h2%2FYEsaqMtSYdM57%2Bf3k1%2FopEzNBA%2B00LOAIwsAOjELxjy%2FXg8oXBZwGMexWOWpEKVvs0OS9x4IIifMbwwH5DPG0f2xcFkFYpvNAnWUaPkpwbAk7XnhuOg%2F8bYEc0PS0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd31da456ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| my.rtmark.net/gid.js?userId=xbor873cc26bktd67wyh9g0inhdb0rwg | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=xbor873cc26bktd67wyh9g0inhdb0rwg IP: 139.45.195.8:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 01ef84ee2f2bf53c63facec466a20ad7 f18488bc5ff0e3b3a653cc685fb60c826f14f3e7 5b41c2b4f3ba1b0ca32e33f65b2a2b8bcdb04aad1472358927e8ca2e3fbadf86
GET /gid.js?userId=xbor873cc26bktd67wyh9g0inhdb0rwg HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gaunegeet.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://gaunegeet.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=xbor873cc26bktd67wyh9g0inhdb0rwg; expires=Sun, 04 May 2025 03:12:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
| gaunegeet.com/js/config/dict/cookie-consent-1.json?v=10 | 188.114.97.1 | 200 OK | 6.8 kB |
URL: GET HTTP/3 gaunegeet.com/js/config/dict/cookie-consent-1.json?v=10 IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (6009), with no line terminators
Hash: 4b2ff958e811a50d2f641818590b443d 6abae297812bb55fad869e953e7fdf7469cbe1ae 9c77a5f3d0028d9ba122ed15728ee7b144619431f8302503a19c5785ddaa06b8
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/json
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4vh5XJXl8YZe1T7qwqcDLGNDWzKL2UuimTnpBvQzw8nRoZCe8KrADvvtQQx4k4dLt4VPVwa9D71j5Q5LFvQwExp1YkzjT4EV1MzTKzfmuDuXxB0qsO9ZxoZoWYGG6%2BMn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd4ee7956ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/css/SweepHeader.8e7220ee.css | 188.114.97.1 | 200 OK | 370 B |
URL: GET HTTP/3 gaunegeet.com/css/SweepHeader.8e7220ee.css IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: ASCII text, with very long lines (371), with no line terminators
Hash: 8886cb494486485bba50c48555e00391 e60d061452ad5c8d5a4a09e83591fc959d74eba3 def39210897ee7d5f49afef630fe6eaac980a81d905d2fd4785df53efb12b4f1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /css/SweepHeader.8e7220ee.css HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: text/css
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: W/"662b7650-172"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kbEzNLPlQXeHDOKVvyh8AUJ1FhtESzl5aAYS3KsFM7l2AKFU1V9S5ttrC8ciIYukWceNIlX4qkWk8IA3Z%2BWms8X6KJb%2FPmEfb1TaQiJvJpKDDcRG5TLZxAs0e0%2F%2B06SG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd53e9456ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/img/comments/person-sweep-3.webp | 188.114.97.1 | 200 OK | 582 B |
URL: GET HTTP/3 gaunegeet.com/img/comments/person-sweep-3.webp IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 50x50, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 8347ebfbfa18beba17d356a3dbacb100 f1d66a05e07953cea27fe277e72a495a8e3de2e7 318e494a7bcf7cb28173e54feebeb44ba93b4c17a423c7036d2fcac40e4db6cd
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /img/comments/person-sweep-3.webp HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=xbor873cc26bktd67wyh9g0inhdb0rwg; syncedCookie=true; oaidts=1714792374; ID=xbor873cc26bktd67wyh9g0inhdb0rwg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: image/webp
content-length: 582
last-modified: Fri, 26 Apr 2024 09:39:28 GMT
vary: Accept-Encoding
etag: "662b7650-246"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4d7GZm8Ioys951hhuABrsBxHwHyc4hyMFW3GnnpqF2D6%2FekMAGKlWCbQsyJZhd7e3cgnJk2IfevLw4iG5SYZrJmusrbhYT0JhjaXbqcbh0eBfbwqOlwYN62QQBnKcMP0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd73f8656ae-OSL
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/v-redux-toolkit.esm.js.fe3487ca.js | 188.114.97.1 | 200 OK | 11 kB |
URL: GET HTTP/3 gaunegeet.com/js/v-redux-toolkit.esm.js.fe3487ca.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (11319), with no line terminators
Hash: 5aa3676547abc9a38889c09e69ca968d d19ea919192e86f97c34c0a5959ad05c52299aec 21648e7ba668a077e403b6bd1a38f05d55d987737b959d57e3b3c53787107eb7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-redux-toolkit.esm.js.fe3487ca.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-2c37"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cMfz8%2BTH7IsQ%2BvzhM6C7XDoSnd1SUZ%2F30VuDM7BhZKkUF36G8WLnfusW24ssbrzzAhfgX8WpzMU7nsMkS4%2BeLyyWT%2BvKc8OG5sN%2Buw2GJMFYKfZDgoEdMdiRVg9Ve8a8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd31d9856ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/_core-survey.1b09882a.js | 188.114.97.1 | 200 OK | 170 kB |
URL: GET HTTP/3 gaunegeet.com/js/_core-survey.1b09882a.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
Size: 170 kB (169676 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/_core-survey.1b09882a.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-296cc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t56jUMnRmOYaJ5ScxDoswKcCx00VBXBAwNuN9EoILAVFDZPC6qYC%2FbOZIvU5n%2BsI%2FyaPrybuzY2bXQ0mLC50W9sMsaNuqPugRouD79MFufcQPbCGLUBiEJWaBNoGzhyM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd31da356ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/_each-land-config.3299fec3.js | 188.114.97.1 | 200 OK | 72 kB |
URL: GET HTTP/3 gaunegeet.com/js/_each-land-config.3299fec3.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (65452)
Hash: e50959a36d50199dd1e5357099e71a21 e9bde06c83f10ac6300701792180dc50c298e79b 231a989a44135e73887bfa3a1a56a6205e7e00a00f746976bb4bc0601125ab77
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/_each-land-config.3299fec3.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-1196b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0QmzHrJp%2Bne8CmoI3q5thy%2Bcv%2FMyF6veCD327ajrD3PgPsE87CgMQ2Cp4iaq59MOOo98XmBFmHmPbdmXPwLa7%2Fisgu7uWfjtzbeha%2F8V0cNBHxjuAy%2BQCBLvOtmQoZE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd31d9b56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/config/sd/sd-5-en.js?v=10 | 188.114.97.1 | 200 OK | 4.6 kB |
URL: GET HTTP/3 gaunegeet.com/js/config/sd/sd-5-en.js?v=10 IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: ASCII text, with very long lines (4851), with no line terminators
Hash: 8d34af22a6b8218aed82279232b927c5 f1a7743a6e773bf350e626fbe443597dce8647e8 367930856e79c401dd6207a329f77a0f060bd2884598187a2d4a62dfc3018248
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/config/sd/sd-5-en.js?v=10 HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:29 GMT
vary: Accept-Encoding
etag: W/"662b7651-1216"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uk8k%2FL2ttWQTjWSFdCJqYJsjU52TREWW4KVlcgfY3JykYTi%2FdApj2%2Bhn29DXu59NaixAuvw0O0cLzemqxXZSFEH3adYqSqjRcRX4T0NX7J1OwObbcWAJE3xVcK6Vc78v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd48e2f56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gaunegeet.com/js/v-utilities.js.d1112fc4.js | 188.114.97.1 | 200 OK | 2.6 kB |
URL: GET HTTP/3 gaunegeet.com/js/v-utilities.js.d1112fc4.js IP: 188.114.97.1:443
Requested by: https://gaunegeet.com/sweeps-survey.html
Certificate: Issuer: Let's Encrypt; Subject: gaunegeet.com; Fingerprint: 61:85:A9:BE:24:14:37:06:3C:CF:04:9B:92:84:DE:DA:51:C8:0D:62; Validity: Fri, 12 Apr 2024 14:58:01 GMT - Thu, 11 Jul 2024 14:58:00 GMT
File type: JavaScript source, ASCII text, with very long lines (2645), with no line terminators
Hash: 3f45699a0edf3555d230727e3e1ba866 f30b9f52153e77b9ce60a30ecb15f36657792908 1b312ac32a5c37ffe1c4bf861a048a76d807155fe494adf5dd356d067367f488
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /js/v-utilities.js.d1112fc4.js HTTP/1.1
Host: gaunegeet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 03:12:54 GMT
content-type: application/javascript
last-modified: Fri, 26 Apr 2024 09:39:30 GMT
vary: Accept-Encoding
etag: W/"662b7652-a11"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ajCwV%2BPduCScpMxUPsfjkOp5D5ZrQA6rtYrc61XSK3PtTtjaXqazTfMTSVIP%2FW%2BF9EERao9VLRi7E4zt0gbb6na4aUOrWkHGkjP54aAPsKfF9jlnJTIUOLAHxIpL8%2Bd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87e54fd54ea056ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400