GET phaubsunsi.com/_next/static/media/person-23.2dcc174b.webp
104.18.37.211 200 OK 2.7 kB URL GET phaubsunsi.com/_next/static/media/person-23.2dcc174b.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 4746d6a5440c9d2bf1d664cc20728712
6a0c11ef040b9fbba1c6d3817580830ff1c7d241
64b4ba5c7c8318844916c00ed13e9853a4453b9ef1f2c7d49292200e45e69d30
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/person-23.2dcc174b.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: image/webp
content-length: 2678
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-a76"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1154
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80fb6e960b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
OPTIONS shoalteftuh.net/event
104.18.43.142 200 OK 0 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb80ff3ba2b4ee-OSL
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/chunks/9695121bd9a7fe25-1741188826621-946071a7570e0cdb.js
104.18.37.211 200 OK 109 kB URL GET phaubsunsi.com/_next/static/chunks/9695121bd9a7fe25-1741188826621-946071a7570e0cdb.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size 109 kB (109045 bytes)
Hash f0cf941f62457cf06c31736327d88bdf
cbfd6e1399241d17a3283d96abae10600ea71e32
ee6528aa1d16ef12fe13a5cbb75dc65d5bb0e1e3315c40aa04c9b6ceba7b9b9a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/9695121bd9a7fe25-1741188826621-946071a7570e0cdb.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:45 GMT
vary: Accept-Encoding
etag: W/"67c870f5-1a9f5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4217
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f45c390b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/3c56943bad654b4d-1741188826621.9a7fc97fdc6c3974.js
104.18.37.211 200 OK 449 B URL GET phaubsunsi.com/_next/static/chunks/3c56943bad654b4d-1741188826621.9a7fc97fdc6c3974.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Hash fa05ba44235dbda2b264298db0cc6c79
0af61b59314f2e84e0d57b480a4d520ed5c2cad2
f7666b5ee4bef26bef8ad075329c87253f7448ec4aeb54a1a984c7dd0878424a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/3c56943bad654b4d-1741188826621.9a7fc97fdc6c3974.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f85ac80b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/13c65fd13463b31b-1741188826621.d14fb864611e4790.js
104.18.37.211 200 OK 445 B URL GET phaubsunsi.com/_next/static/chunks/13c65fd13463b31b-1741188826621.d14fb864611e4790.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (451), with no line terminators
Hash 661d21f3a41e56a53cb44ddb62369251
0f70f2195b6db85f669894fce7c33740b7de1d0f
81fbf2c2174c4f07a9f0a6b4d53b3c6bc0d068e2a92017e52f6727d2ab932228
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/13c65fd13463b31b-1741188826621.d14fb864611e4790.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1bd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f8bb500b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/media/megaphone.ab784acd.webp
104.18.37.211 200 OK 770 B URL GET phaubsunsi.com/_next/static/media/megaphone.ab784acd.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 66a5e8404b4514c579de67193ceae684
f41725c0b728ace6b8a7a328104ab25ae12eb778
71550ce5c0583f2db91a7644ae869cb122cbc76f5718915e789243d6297d5f89
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/megaphone.ab784acd.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: image/webp
content-length: 770
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-302"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80f5ae250b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/146d76bf3d5fb8b9-1741188826621.10f1a530b815df9e.js
104.18.37.211 200 OK 473 B URL GET phaubsunsi.com/_next/static/chunks/146d76bf3d5fb8b9-1741188826621.10f1a530b815df9e.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (479), with no line terminators
Hash f86fc3501f2234d05f9f68e2694f8134
2dbd1c47b12f68fe9ebbc0e40398a140f7eb00d5
085e37417994fa7412bb575dcad10375f44069b136aaa4f2c34ac279a1e46f68
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/146d76bf3d5fb8b9-1741188826621.10f1a530b815df9e.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1d9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f738ff0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/5f80e97b59861eae-1741188826621.d796ee7b26b320ae.js
104.18.37.211 200 OK 485 B URL GET phaubsunsi.com/_next/static/chunks/5f80e97b59861eae-1741188826621.d796ee7b26b320ae.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (491), with no line terminators
Hash dfda463ac50781d113391d36396e4a2b
7d7cfd8b7e8455fc1af3e1423a6ccd3236035e4c
33f6f13e47fccc038f1978972d4a70bd2febf340b05ab713c13e726509e30b49
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/5f80e97b59861eae-1741188826621.d796ee7b26b320ae.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1e5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f84aab0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/03e2b47bcba3c890-1741188826621.b726b27e9fc71bcd.js
104.18.37.211 200 OK 6.2 kB URL GET phaubsunsi.com/_next/static/chunks/03e2b47bcba3c890-1741188826621.b726b27e9fc71bcd.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (6273), with no line terminators
Hash 183547e910e9d9ed863cf18a814336aa
3832a716f5b6abd51ad86de2ff6a196d9d6d76e2
b61c4c90bda46986828adfc72579122541a3dd73d10249a5bd10f36a2771418e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/03e2b47bcba3c890-1741188826621.b726b27e9fc71bcd.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:38 GMT
vary: Accept-Encoding
etag: W/"67c870ee-1823"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f61eef0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
POST phaubsunsi.com/sync-metrics
104.18.37.211 200 OK 17 B URL POST phaubsunsi.com/sync-metrics
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 225f751e75610b98f8b287e79370be3a
9e29d2c966fb36f3d233dfb232be6eeeee8f1341
0b19f26f50f17771f6562e4cf8c7bead37ba5aeeeec7cbfaf2576a6647401569
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /sync-metrics HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 511
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 03c32be85c4ec7b91460aa23552b7948
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
priority: u=6,i=?0
server: cloudflare
cf-ray: 91bb80f718b90b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/8fc6f0c1ec74df4d-1741188826621.a6b08a46df5a07d6.js
104.18.37.211 200 OK 449 B URL GET phaubsunsi.com/_next/static/chunks/8fc6f0c1ec74df4d-1741188826621.a6b08a46df5a07d6.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Hash 2899abaaca7ebca8137f9956f49255bc
b0299ff2146427d399f3f7d90121bd3cc104299e
3a9d084b7f77f91b4734a6c73a9b57846ee38ef859b90d6e761db6946b78fe24
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/8fc6f0c1ec74df4d-1741188826621.a6b08a46df5a07d6.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f728df0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/media/person-22.cbaa9850.webp
104.18.37.211 200 OK 3.2 kB URL GET phaubsunsi.com/_next/static/media/person-22.cbaa9850.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 377c84ac3a10263b980eeed8ab2a73f7
ad73fc8367fc194d5e83ea5aa22822268eaf16e4
b9031957e3bd988575ea286e1da3a9dda53e4bcf133acc33fae1176208c48924
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/person-22.cbaa9850.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: image/webp
content-length: 3178
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-c6a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80fb6e9a0b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
POST shoalteftuh.net/event
104.18.43.142 200 OK 0 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 461
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb80fd6ced56c9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/chunks/2317b809a320dff8-1741188826621.d045a2102aa0b159.js
104.18.37.211 200 OK 15 kB URL GET phaubsunsi.com/_next/static/chunks/2317b809a320dff8-1741188826621.d045a2102aa0b159.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (15184), with no line terminators
Hash 14e0b9e1d48cb10fd74d9e33f84c356b
bfbc7d86ab058c1494cbb887c2bb04ba6c419b41
b148f7adaa2bea0f0839cb77119ea059165d9519728c6fb4f13884478b26ffa9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/2317b809a320dff8-1741188826621.d045a2102aa0b159.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:39 GMT
vary: Accept-Encoding
etag: W/"67c870ef-3b50"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4335
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f42bf30b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/SBxuFMOQtDce80OblAePN/_ssgManifest.js
104.18.37.211 200 OK 120 B URL GET phaubsunsi.com/_next/static/SBxuFMOQtDce80OblAePN/_ssgManifest.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type ASCII text, with no line terminators
Hash 7b10cb073fc3ca3fdaccfa110b5cc938
c4ee546a6f5be40a010c40cc5324024617e4a7a4
ce24007874bc6c23d831eb1c13fdf623e33f4a524a88ac6f3b67813942bc95b0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/SBxuFMOQtDce80OblAePN/_ssgManifest.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:38 GMT
vary: Accept-Encoding
etag: W/"67c870ee-78"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4214
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f46c600b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/media/heart.53f2cd83.webp
104.18.37.211 200 OK 866 B URL GET phaubsunsi.com/_next/static/media/heart.53f2cd83.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 5ccd0e0b546c18b101aee4ddd519981d
9713e1200e35c8c3f682fa792fda89b898cf7aca
b489e2b31ce3037d8e68aa8acb36df8d726f489ea28a0aa2bb107487cf371348
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/heart.53f2cd83.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: image/webp
content-length: 866
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-362"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80f5ae230b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/242ad9848e8ece8a-1741188826621.b1943e20729c92aa.js
104.18.37.211 200 OK 457 B URL GET phaubsunsi.com/_next/static/chunks/242ad9848e8ece8a-1741188826621.b1943e20729c92aa.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (463), with no line terminators
Hash 4143f6c793bb98263870ac8c849f4970
7ba56dcc28f306b6c41971f84c2eb6f98bf11d00
2562831b622957f9c72ee7c215709c63a5c14ab92260a591f7cb6ebe78726b82
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/242ad9848e8ece8a-1741188826621.b1943e20729c92aa.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1c9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f85ac30b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/38dae10dbd075567-1741188826621.6d500431489e3107.js
104.18.37.211 200 OK 449 B URL GET phaubsunsi.com/_next/static/chunks/38dae10dbd075567-1741188826621.6d500431489e3107.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Hash c3909e39f684d50598cd82eebdcaf59b
3e8002d90756209e1df519b7d3cfe4bc675f6e7b
4af3aada23b3341b12e82b280d69a8dc53c525af41fd4122244ed7bde42675dc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/38dae10dbd075567-1741188826621.6d500431489e3107.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f88b070b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
POST shoalteftuh.net/event
104.18.43.142 200 OK 0 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 463
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb80ff481b56c9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
POST shoalteftuh.net/event
104.18.43.142 200 OK 81 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash e6b32e9311859feaefcd54df31dc6d47
ec698ac0fb468c35c4e118d77f6c82f2fcd902c1
72baaec2b6b3788d10cafb89a2a500c6c97c55f776c83f6782b07419d82c1119
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 539
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb8100298456c9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/chunks/bf7348b0f0f41677-1741188826621.c33e54f82eec272e.js
104.18.37.211 200 OK 30 kB URL GET phaubsunsi.com/_next/static/chunks/bf7348b0f0f41677-1741188826621.c33e54f82eec272e.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (30026), with no line terminators
Hash e355310f27c8059ff791634ff21732be
52686ba1870e0eae23aadc029bdb631b6262662f
ecef836065811aca160b94c51f6fbe46e7a49944e7a3f919ed44dfdbecadcc29
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/bf7348b0f0f41677-1741188826621.c33e54f82eec272e.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:47 GMT
vary: Accept-Encoding
etag: W/"67c870f7-754a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4164
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f43c0f0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/d7439aca7a8b9941-1741188826621.8c1253f2c9c376e0.js
104.18.37.211 200 OK 465 B URL GET phaubsunsi.com/_next/static/chunks/d7439aca7a8b9941-1741188826621.8c1253f2c9c376e0.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (471), with no line terminators
Hash 5070444a5a78ee0ece4f94b7160645fa
16c99c4e57dd99a6e8deded831fb6da7eebfa485
aced97608de9880d8279a915c52c7a22772d9abeb88130166f5a5d19ea32e546
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/d7439aca7a8b9941-1741188826621.8c1253f2c9c376e0.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1d1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f7594b0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/e5f78f6f8e725c3d-1741188826621.b91bf7e15b6154bb.js
104.18.37.211 200 OK 453 B URL GET phaubsunsi.com/_next/static/chunks/e5f78f6f8e725c3d-1741188826621.b91bf7e15b6154bb.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (459), with no line terminators
Hash 33014746e0401d5b543e8023042ee62f
599d33cf6fe6eb0b555145b2af56136cc278e83b
0c0f1e65045edffc1ef8bdda1eea4e92646327fdc3d4b2653f7100cf346edd55
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/e5f78f6f8e725c3d-1741188826621.b91bf7e15b6154bb.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1c5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f80a2e0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=8805346&ymid=434_u702706&b=22951561&campaignid=9051085&click_id=921211770555871664&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=shoalteftuh.net&var_2=921211770555871664
104.18.37.211 200 OK 46 kB URL GET phaubsunsi.com/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=8805346&ymid=434_u702706&b=22951561&campaignid=9051085&click_id=921211770555871664&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=shoalteftuh.net&var_2=921211770555871664
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (46502), with no line terminators
Hash 0f8225a5ef3eb8007c8d38ecfb10bcd4
555a8d9a9ef0b18c231093994e9e2222c150333c
9abc73166d06037dab9ba6bbb952ceb992f31f169862568463483e521ebd60f4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=8805346&ymid=434_u702706&b=22951561&campaignid=9051085&click_id=921211770555871664&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=shoalteftuh.net&var_2=921211770555871664 HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Tue, 04 Mar 2025 11:33:21 GMT
vary: Accept-Encoding
etag: W/"67c6e501-b5a6"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
cf-cache-status: MISS
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f58dfc0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/16642289520928c9-1741188826621.cce7c766f8de695c.js
104.18.37.211 200 OK 385 B URL GET phaubsunsi.com/_next/static/chunks/16642289520928c9-1741188826621.cce7c766f8de695c.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (391), with no line terminators
Hash 4f4cca3bbbc43c9202524018cf7d8620
d9512e432b82a98e62d5f27d1373d9ff973c002f
0d6847aef607b198a1ee240473114614a93ada5936a1167594481d769f76f6d6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/16642289520928c9-1741188826621.cce7c766f8de695c.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-181"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f728dc0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET cdntechone.com/stattag.js
188.114.97.1 200 OK 16 kB URL GET cdntechone.com/stattag.js
IP 188.114.97.1:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject cdntechone.com
Fingerprint DC:31:A0:CC:76:0E:5C:E3:45:17:43:52:62:B5:29:18:F1:70:D7:FE
Validity Tue, 11 Feb 2025 05:59:25 GMT - Mon, 12 May 2025 06:58:07 GMT
File type JavaScript source, ASCII text, with very long lines (15840)
Hash 80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4225
etag: W/"668fb2b6-406a"
content-encoding: br
cf-ray: 91bb80f91c3556af-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/media/views.3ac91604.webp
104.18.37.211 200 OK 1.1 kB URL GET phaubsunsi.com/_next/static/media/views.3ac91604.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash e97abf6f136d9497fc14cb9e72b2c636
51f062d0abe008f75f96ad377deea587d47c381c
b462d5f38bf4519ff8232bcaa8c7e7420ed95c2a5e0d180565013aa7f3437776
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/views.3ac91604.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: image/webp
content-length: 1074
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-432"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80f5ae290b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
OPTIONS shoalteftuh.net/event
104.18.43.142 200 OK 0 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb80fefae8b4ee-OSL
X-Firefox-Spdy: h2
GET set.safesendclub.com/click?pid=434&offer_id=25516&sub2=434_u702706&sub6=67c890d9908ccd0001786759
34.141.179.97 302 Found 116 kB URL User Request GET set.safesendclub.com/click?pid=434&offer_id=25516&sub2=434_u702706&sub6=67c890d9908ccd0001786759
IP 34.141.179.97:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Sectigo Limited
Subject set.safesendclub.com
Fingerprint A4:77:4E:04:CB:23:06:EA:00:5A:9B:A2:59:B6:39:34:35:E4:34:10
Validity Thu, 13 Feb 2025 00:00:00 GMT - Fri, 13 Feb 2026 23:59:59 GMT
Size 116 kB (116084 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=434&offer_id=25516&sub2=434_u702706&sub6=67c890d9908ccd0001786759 HTTP/1.1
Host: set.safesendclub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 05 Mar 2025 17:58:49 GMT
content-length: 0
location: https://cumpaubekeeheed.net/link?z=8805346&var=434_u702706&ymid=67c890d9333ff700010c6c21
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=67c890d9333ff700010c6c21; expires=Thu, 05 Mar 2026 17:58:49 GMT; secure; SameSite=None
afoffers={"25516":1741197529}; expires=Thu, 05 Mar 2026 17:58:49 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/chunks/3cacc58ea516fe6f-1741188826621.4d666b3ce7dcd66f.js
104.18.37.211 200 OK 30 kB URL GET phaubsunsi.com/_next/static/chunks/3cacc58ea516fe6f-1741188826621.4d666b3ce7dcd66f.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (29982), with no line terminators
Hash f6ad5b7a5dfc198984b0f2f9dd8aa9a0
0c3bb432b998f3638fe41081b19ef96b953f88b6
ce950b2111c9e70202bb55f16d2995155499ad9a6c842fa5946367536f130216
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/3cacc58ea516fe6f-1741188826621.4d666b3ce7dcd66f.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:41 GMT
vary: Accept-Encoding
etag: W/"67c870f1-751e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4335
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f42be60b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/e4edbed7db9cae2e-1741188826621.8120f47cfc0fa520.js
104.18.37.211 200 OK 6.9 kB URL GET phaubsunsi.com/_next/static/chunks/e4edbed7db9cae2e-1741188826621.8120f47cfc0fa520.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (6949), with no line terminators
Hash daa20628c01723a3d9c329640c0ee47b
0d65a5b6f6ecf9d08ca3b15711b8e97cb296123f
bfab7aceba1141891807caf517ddb5ce61c2513411ca734f169294f826d6270c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/e4edbed7db9cae2e-1741188826621.8120f47cfc0fa520.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:49 GMT
vary: Accept-Encoding
etag: W/"67c870f9-1ace"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4164
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f43bf50b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/media/person-25.ac4643c8.webp
104.18.37.211 200 OK 3.5 kB URL GET phaubsunsi.com/_next/static/media/person-25.ac4643c8.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash deb40bd76e48cd42768b79209e86a3e1
f1c245678ceb1c1b44a22fb00b200df9163f759f
50e6d80fe2e54da55690357d51c6dc8526bada04ec1cbb454ec6d5501170c5d2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/person-25.ac4643c8.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: image/webp
content-length: 3542
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-dd6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1154
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80fb3e4e0b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
POST shoalteftuh.net/event
104.18.43.142 200 OK 0 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 464
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb80ff380f56c9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
POST shoalteftuh.net/event
104.18.43.142 200 OK 81 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash d78ef1843665d1c392d94903ee512f00
c6fce5613153a0e7cc5902a33a628c1a3365b10d
f0e0ac4f5cdf1861db4ba51d08c1615410f821c7c21cafea26e19d877504fc1d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 533
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb810089fd56c9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/css/0bc0cde260d08b97.css
104.18.37.211 200 OK 1.8 kB URL GET phaubsunsi.com/_next/static/css/0bc0cde260d08b97.css
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type ASCII text, with very long lines (1843), with no line terminators
Hash 64b2b4fa42c7d558d735e2cd28ecf88a
03d6da6e55b1201b51689590520da495a9233d67
2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: text/css
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4335
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=2,i=?0
server: cloudflare
cf-ray: 91bb80f42be20b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/c0f3edd3515d9c5f-1741188826621.188d10dcf199966c.js
104.18.37.211200 OK 2.2 kB URL GET phaubsunsi.com/_next/static/chunks/c0f3edd3515d9c5f-1741188826621.188d10dcf199966c.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (2276), with no line terminators
Hash 671742ed9aac5da698d38d80a90eb775
999e8bbdb575a3a3909abe0161f08046c7f9e82e
c8eed3e775bb4b273a6d033c9279834cc6e20aed06e2824506140a3c6845884e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/c0f3edd3515d9c5f-1741188826621.188d10dcf199966c.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-891"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4164
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f43c010b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/e349ffdbb65d6c93-1741188826621-660e5b7e2e3b7996.js
104.18.37.211 200 OK 11 kB URL GET phaubsunsi.com/_next/static/chunks/e349ffdbb65d6c93-1741188826621-660e5b7e2e3b7996.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (10696), with no line terminators
Hash a74e00413e639345f10d6d747a26073c
2ccea9e922104c2196ab706f445065fc5ad80dc1
4a0379bb0dad363ff14fff27cb471060748fe29f7f4986c5cfa64de51926f23b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/e349ffdbb65d6c93-1741188826621-660e5b7e2e3b7996.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:49 GMT
vary: Accept-Encoding
etag: W/"67c870f9-29c8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4217
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f46c500b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/3587430f1831359a-1741188826621-a3f1e71c2487cc92.js
104.18.37.211 200 OK 42 kB URL GET phaubsunsi.com/_next/static/chunks/3587430f1831359a-1741188826621-a3f1e71c2487cc92.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (41505), with no line terminators
Hash 8016d6e939cd0aa5820b4b7ca9f01e8d
a74b0511504f92cc0b1217f80fbd31ce1f5f5492
45edab3281ab66899d228bef2e286632858ae049c9433d83c76b849afcc1771a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/3587430f1831359a-1741188826621-a3f1e71c2487cc92.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:41 GMT
vary: Accept-Encoding
etag: W/"67c870f1-a221"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4217
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f45c400b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/9f1c06aba0c14c68-1741188826621.ee78737e76521d31.js
104.18.37.211 200 OK 574 B URL GET phaubsunsi.com/_next/static/chunks/9f1c06aba0c14c68-1741188826621.ee78737e76521d31.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (576), with no line terminators
Hash 1f5c5bca5e2f055b1792b279d63b0579
35feb0cea898bc2a2173c05f10c5c7ca698a4ccf
261d8e4d7686726e007c83864b340e07e4ba81f12bbc6a7267b22449d526ab71
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/9f1c06aba0c14c68-1741188826621.ee78737e76521d31.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:46 GMT
vary: Accept-Encoding
etag: W/"67c870f6-23e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f6a8120b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET my.rtmark.net/gid.js?userId=9sb6zzphudqsjes2w3w2rx390mh5jqji
104.18.41.22 200 OK 65 B URL GET my.rtmark.net/gid.js?userId=9sb6zzphudqsjes2w3w2rx390mh5jqji
IP 104.18.41.22:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject my.rtmark.net
Fingerprint 03:52:6A:BD:35:83:43:81:AF:25:BB:A3:26:97:D1:78:25:73:A4:C9
Validity Tue, 04 Mar 2025 10:39:32 GMT - Mon, 02 Jun 2025 11:39:29 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 8e7df77199dc73533b50419253a9e83d
6b721babb736676afdb91d46dd1293fcf47fd9cb
acf6a870a45bd875822d5104b7b28cb755ed5de6657e05f9434df70788cc537f
GET /gid.js?userId=9sb6zzphudqsjes2w3w2rx390mh5jqji HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=9sb6zzphudqsjes2w3w2rx390mh5jqji; expires=Thu, 05 Mar 2026 17:58:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb80f718a97127-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/chunks/87d4f301da90027c-1741188826621.6c924336fe91d465.js
104.18.37.211 200 OK 469 B URL GET phaubsunsi.com/_next/static/chunks/87d4f301da90027c-1741188826621.6c924336fe91d465.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (475), with no line terminators
Hash a076bf21751bc141e97406fbb584fac5
8064e789e206492b6038a0ee3756f6c2d384df7b
9ae20e9dcbb6a5533157562cd1834a3d304dcd6b77d3788b113ad86ad9daafe5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/87d4f301da90027c-1741188826621.6c924336fe91d465.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1d5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f88b170b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/media/confetti-1.7ba08d11.webp
104.18.37.211 200 OK 12 kB URL GET phaubsunsi.com/_next/static/media/confetti-1.7ba08d11.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash eb224b5a86e8c9f478bd6f2a8c3c53ac
0bdc5a91bb1c87fe55b023ee6cef886edb64967e
e910f36c92776b4e4a415316307a6cbb4d4f039bb8d66dd094c7b90d76f6fa1c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/confetti-1.7ba08d11.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: image/webp
content-length: 11774
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-2dfe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80fa9d930b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/81e2e5c30e8af1ae-1741188826621.1347f88c113f97c5.js
104.18.37.211 200 OK 25 kB URL GET phaubsunsi.com/_next/static/chunks/81e2e5c30e8af1ae-1741188826621.1347f88c113f97c5.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/81e2e5c30e8af1ae-1741188826621.1347f88c113f97c5.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:44 GMT
vary: Accept-Encoding
etag: W/"67c870f4-605d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4335
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f42beb0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/8a7d810c6e1be66c-1741188826621.b4e3489aaa830908.js
104.18.37.211 200 OK 4.9 kB URL GET phaubsunsi.com/_next/static/chunks/8a7d810c6e1be66c-1741188826621.b4e3489aaa830908.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (5169), with no line terminators
Hash e8ef03c1ba9d9af8f9a08aefbc566661
094eeea65bc66afa1f141e7c46edbf1641845d75
216dd62b6acc3ec38a3a97d6d008ac12463c1104f32a93d9aa3bfcdc9b65edf9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/8a7d810c6e1be66c-1741188826621.b4e3489aaa830908.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1353"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4164
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f44c1d0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/1c02c3e681ea9f6d-1741188826621-ebf163de3da5e125.js
104.18.37.211 200 OK 27 kB URL GET phaubsunsi.com/_next/static/chunks/1c02c3e681ea9f6d-1741188826621-ebf163de3da5e125.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (26652), with no line terminators
Hash 13e53dcb0fdd948fbae71fc9917d49fb
4675d37e2bf9648c797ae16186ac79d657152030
267cc8e20007a5dbeaf155c721cdbe4a2d49b003719fc9fc4b73cc738a54a5f3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/1c02c3e681ea9f6d-1741188826621-ebf163de3da5e125.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:39 GMT
vary: Accept-Encoding
etag: W/"67c870ef-681c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4217
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f45c330b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/6d79ccd3b608095e-1741188826621.becb6280ad7b6c58.js
104.18.37.211 200 OK 6.1 kB URL GET phaubsunsi.com/_next/static/chunks/6d79ccd3b608095e-1741188826621.becb6280ad7b6c58.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (6238), with no line terminators
Hash 26175787038d9ccf2e640590d87a4514
107618c3d5d1014c72e0791fb62c1b25902cc029
3379e8363345f9b02a6e05c3b9629620390fa671dd5349017417d1da6c6b3cec
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/6d79ccd3b608095e-1741188826621.becb6280ad7b6c58.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:43 GMT
vary: Accept-Encoding
etag: W/"67c870f3-17fc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f63f1d0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/d6bae2fb8d6a34c3-1741188826621.c0db0e3a6b59783d.js
104.18.37.211 200 OK 457 B URL GET phaubsunsi.com/_next/static/chunks/d6bae2fb8d6a34c3-1741188826621.c0db0e3a6b59783d.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (463), with no line terminators
Hash b78106ee1be6d0d8070e800b49763a13
40e4d16723a86d128d23bb87cdb322a33482df4f
1bd2926c524c586552e6e35f6df241b7dfbc8889664a73aea410cdeb00f5a191
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/d6bae2fb8d6a34c3-1741188826621.c0db0e3a6b59783d.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1c9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f7fa180b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/media/person-30.5b232ba9.webp
104.18.37.211 200 OK 3.8 kB URL GET phaubsunsi.com/_next/static/media/person-30.5b232ba9.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 994b3a71a57969afe8d521fd99a21516
b1514932a55c1f324b7fb7796ed129af08d3e419
b5b6aded70b2da4c2e3a2245b6540765e9b9e89f425051523a060d1a6da4f28a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/person-30.5b232ba9.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: image/webp
content-length: 3816
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-ee8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80fb6e9f0b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
OPTIONS shoalteftuh.net/event
104.18.43.142 200 OK 0 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb80fdb859b4ee-OSL
X-Firefox-Spdy: h2
GET app.fast2cloud.com/sl?id=66fda0ddbb23f2139d89e989&pid=2&sub2=u702706&sub3=&sub4=&sub5=s1EqUeQMSXnmJ6CNTyRJidS7&sub6=&sub7=rfsmrturl.co&sub8=rdsmrturl.co&sub15=&sub14=663&sub13=trafficback
35.204.100.195 302 Found 116 kB URL User Request GET app.fast2cloud.com/sl?id=66fda0ddbb23f2139d89e989&pid=2&sub2=u702706&sub3=&sub4=&sub5=s1EqUeQMSXnmJ6CNTyRJidS7&sub6=&sub7=rfsmrturl.co&sub8=rdsmrturl.co&sub15=&sub14=663&sub13=trafficback
IP 35.204.100.195:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Sectigo Limited
Subject fast2cloud.com
Fingerprint A7:FC:AE:15:53:D5:31:EA:48:75:4D:A5:1D:A0:81:00:51:89:8B:98
Validity Mon, 10 Feb 2025 00:00:00 GMT - Tue, 10 Feb 2026 23:59:59 GMT
Size 116 kB (116084 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sl?id=66fda0ddbb23f2139d89e989&pid=2&sub2=u702706&sub3=&sub4=&sub5=s1EqUeQMSXnmJ6CNTyRJidS7&sub6=&sub7=rfsmrturl.co&sub8=rdsmrturl.co&sub15=&sub14=663&sub13=trafficback HTTP/1.1
Host: app.fast2cloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 05 Mar 2025 17:58:49 GMT
content-length: 0
location: https://set.safesendclub.com/click?pid=434&offer_id=25516&sub2=434_u702706&sub6=67c890d9908ccd0001786759
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=67c890d9908ccd0001786759; expires=Thu, 05 Mar 2026 17:58:49 GMT; secure; SameSite=None
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET cumpaubekeeheed.net/link?z=8805346&var=434_u702706&ymid=67c890d9333ff700010c6c21
172.64.146.197 302 Found 116 kB URL User Request GET cumpaubekeeheed.net/link?z=8805346&var=434_u702706&ymid=67c890d9333ff700010c6c21
IP 172.64.146.197:443
Certificate Issuer Google Trust Services
Subject cumpaubekeeheed.net
Fingerprint A9:9B:CC:7B:13:73:3F:87:00:1D:4E:FA:81:B7:F6:A2:A1:92:FA:29
Validity Fri, 31 Jan 2025 09:33:17 GMT - Thu, 01 May 2025 10:33:11 GMT
Size 116 kB (116084 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /link?z=8805346&var=434_u702706&ymid=67c890d9333ff700010c6c21 HTTP/1.1
Host: cumpaubekeeheed.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Wed, 05 Mar 2025 17:58:49 GMT
content-length: 0
location: https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
link: <https://phaubsunsi.com>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=048183cdceee4826fbde8af41fbdda8e; expires=Thu, 05 Mar 2026 17:58:49 GMT
oaidts=1741197529; expires=Thu, 05 Mar 2026 17:58:49 GMT
OXCCLK=9051085.1; expires=Thu, 05 Mar 2026 17:58:49 GMT
allcnt=1; expires=Thu, 05 Mar 2026 17:58:49 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb80efea59569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
104.18.37.211 200 OK 116 kB URL User Request GET phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
IP 104.18.37.211:443
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
Size 116 kB (116084 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:49 GMT
content-type: text/html
cf-ray: 91bb80f10daf56a3-OSL
cf-cache-status: HIT
age: 6
cache-control: public, max-age=3600
expires: Wed, 05 Mar 2025 18:58:49 GMT
last-modified: Wed, 05 Mar 2025 15:40:32 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
OPTIONS shoalteftuh.net/event
104.18.43.142 200 OK 0 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
OPTIONS /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb81002db9b4ee-OSL
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/chunks/4a836005f8bcf7a4-1741188826621.fff493d2a43c55d5.js
104.18.37.211 200 OK 453 B URL GET phaubsunsi.com/_next/static/chunks/4a836005f8bcf7a4-1741188826621.fff493d2a43c55d5.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (459), with no line terminators
Hash 4ee9a52fa5b221544de592b9b9658c44
36a90b9107106989de9b10c9aec69c1d50d055de
adb8d405568e5be15d68e01bd893732448cfc5e1aa1c047257d6b8258e556a90
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/4a836005f8bcf7a4-1741188826621.fff493d2a43c55d5.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1c5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f88b0e0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
POST shoalteftuh.net/event
104.18.43.142 200 OK 81 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6894d1dfbb8a7b870405387da26049c9
6fde9bafcdb3e381ec9c83ebffb63625c531634c
a1da0d9ce32eb4412112fc85bee5de7189716deb4cb3ae232bf4b616cb454824
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 535
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb80ff582e56c9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
GET cdntechone.com/stattag.js
188.114.97.1 200 OK 16 kB URL GET cdntechone.com/stattag.js
IP 188.114.97.1:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject cdntechone.com
Fingerprint DC:31:A0:CC:76:0E:5C:E3:45:17:43:52:62:B5:29:18:F1:70:D7:FE
Validity Tue, 11 Feb 2025 05:59:25 GMT - Mon, 12 May 2025 06:58:07 GMT
File type JavaScript source, ASCII text, with very long lines (15840)
Hash 80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4226
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yclpjENyUlmO6KtMWv34y3mIPqXMnmQpEgtibk1xegm2pRriAwqzjMzqjUTyvTtewGMVGlVqpfymxT72FgjrDFd57%2BetBMLGlwtD676tcWLbidPgezFV3mqgrM20GKHG7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91bb81021a9ab500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4285&min_rtt=3602&rtt_var=1838&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4212&recv_bytes=1255&delivery_rate=164863&cwnd=12000&unsent_bytes=0&cid=64b5bf72efac45f9&ts=1431&x=1", cfExtPri, cfHdrFlush;dur=0
GET app.fast2cloud.com/click?pid=2&offer_id=663&sub2=u702706&sub5=s1EqUeQMSXnmJ6CNTyRJidS7&sub7=rfsmrturl.co&sub8=rdsmrturl.co
35.204.100.195 302 Found 116 kB URL User Request GET app.fast2cloud.com/click?pid=2&offer_id=663&sub2=u702706&sub5=s1EqUeQMSXnmJ6CNTyRJidS7&sub7=rfsmrturl.co&sub8=rdsmrturl.co
IP 35.204.100.195:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Certificate Issuer Sectigo Limited
Subject fast2cloud.com
Fingerprint A7:FC:AE:15:53:D5:31:EA:48:75:4D:A5:1D:A0:81:00:51:89:8B:98
Validity Mon, 10 Feb 2025 00:00:00 GMT - Tue, 10 Feb 2026 23:59:59 GMT
Size 116 kB (116084 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=2&offer_id=663&sub2=u702706&sub5=s1EqUeQMSXnmJ6CNTyRJidS7&sub7=rfsmrturl.co&sub8=rdsmrturl.co HTTP/1.1
Host: app.fast2cloud.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 05 Mar 2025 17:58:49 GMT
content-length: 0
location: https://app.fast2cloud.com/sl?id=66fda0ddbb23f2139d89e989&pid=2&sub2=u702706&sub3=&sub4=&sub5=s1EqUeQMSXnmJ6CNTyRJidS7&sub6=&sub7=rfsmrturl.co&sub8=rdsmrturl.co&sub15=&sub14=663&sub13=trafficback
x-adjust-use-original-forwarded-for: 1
access-control-allow-origin: *
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/chunks/c360d44ead919d7f-1741188826621.8e64f8e332b18007.js
104.18.37.211 200 OK 5.7 kB URL GET phaubsunsi.com/_next/static/chunks/c360d44ead919d7f-1741188826621.8e64f8e332b18007.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (5852), with no line terminators
Hash 02b0b02eee2c7bff2db3746d69069ae2
e9813188a3c66050555aa6a96e9dd04482b346d4
83955c2edeab43f1764c82908120a4a36c61e62a88a74e7ed6caf3587eaa54e0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/c360d44ead919d7f-1741188826621.8e64f8e332b18007.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:47 GMT
vary: Accept-Encoding
etag: W/"67c870f7-1620"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4164
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f45c2f0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/6c6f40314822b7bc-1741188826621.4efce0441b8579a1.js
104.18.37.211 200 OK 3.4 kB URL GET phaubsunsi.com/_next/static/chunks/6c6f40314822b7bc-1741188826621.4efce0441b8579a1.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (3545), with no line terminators
Hash 388170b8a956ca09e3d2840fee805a2b
37c1e70206b0433ad9d8aba17b2f59f8ba928c1a
44284f63a7924f7e4300c0a1fd15ade737156b31603d7d2b70e2171f62df3eca
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/6c6f40314822b7bc-1741188826621.4efce0441b8579a1.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-d72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f67fba0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/sw-check-permissions/universal.js?var=8805346&ymid=434_u702706&zoneId=8565771&tg=1
104.18.37.211 200 OK 1.2 kB URL GET phaubsunsi.com/sw-check-permissions/universal.js?var=8805346&ymid=434_u702706&zoneId=8565771&tg=1
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type ASCII text, with very long lines (1194), with no line terminators
Hash 1ebe5996321bd979d17c67f96d2a7cb7
67d8601f8dbc0aed55273222d54c3cf43c48c8e9
7a8a55b64174336827b0953bdf62c46bc13efff5fb72620728556bbc4a886f45
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sw-check-permissions/universal.js?var=8805346&ymid=434_u702706&zoneId=8565771&tg=1 HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:38 GMT
vary: Accept-Encoding
etag: W/"67c870ee-494"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5053
expires: Wed, 05 Mar 2025 18:58:52 GMT
cache-control: public, max-age=3600
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80ff5c460b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/9c0646d75b632435-1741188826621-a6dd55b799679bfe.js
104.18.37.211 200 OK 29 kB URL GET phaubsunsi.com/_next/static/chunks/9c0646d75b632435-1741188826621-a6dd55b799679bfe.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (28638), with no line terminators
Hash 6bcc8f392bf0b1f72d93bccf411c9e86
30005753178891e2235d5dfb78043d671a7634a2
32e5e02e25575b3b28c8879e16f6d4e003fd98f5c547928003565db61fce3bed
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/9c0646d75b632435-1741188826621-a6dd55b799679bfe.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:45 GMT
vary: Accept-Encoding
etag: W/"67c870f5-6fde"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4164
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f45c310b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET cdntechone.com/stattag.js
188.114.97.1 200 OK 16 kB URL GET cdntechone.com/stattag.js
IP 188.114.97.1:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject cdntechone.com
Fingerprint DC:31:A0:CC:76:0E:5C:E3:45:17:43:52:62:B5:29:18:F1:70:D7:FE
Validity Tue, 11 Feb 2025 05:59:25 GMT - Mon, 12 May 2025 06:58:07 GMT
File type JavaScript source, ASCII text, with very long lines (15840)
Hash 80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4225
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9R9aZLOU5GHPR9K8aw6WNH9Yg6lIy6%2B84JLcIX9MVG84kyHj1ZbdlCImrWnNlM8B8OplzXQRNRTcXYgMxsSMUEgm0dA%2BmrN0h6mG%2Be7cNgyLDhUzyeThwKKEpIZBjo2wDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91bb80f91c3056af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=658&min_rtt=497&rtt_var=320&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3284&recv_bytes=1245&delivery_rate=6304789&cwnd=247&unsent_bytes=0&cid=2b07e68486eb358b&ts=52&x=0"
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/media/confetti-2.c36ea98d.webp
104.18.37.211 200 OK 4.3 kB URL GET phaubsunsi.com/_next/static/media/confetti-2.c36ea98d.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 483d298f3477d9b9a9ed85e2997eb888
52e1956082c558621f102ba813e7bdcee3fcb31d
24763cff62c7e5d6aa028e7bc528010333a062aef7c5682c2dfdc7bfbcece822
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/confetti-2.c36ea98d.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: image/webp
content-length: 4258
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-10a2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80fa9d950b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/127efc6b078804ef-1741188826621.836af60a55ea3e5d.js
104.18.37.211 200 OK 461 B URL GET phaubsunsi.com/_next/static/chunks/127efc6b078804ef-1741188826621.836af60a55ea3e5d.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (467), with no line terminators
Hash b614b0376e5f81de8cdce6303de0841e
3db3b10e3e48dd1dcd0c1cfa14e482b460137c34
9e03ab4cb6ab1ff090e69771327a534dffee7b9322cb3e9e8cf7e1bdfdf88823
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/127efc6b078804ef-1741188826621.836af60a55ea3e5d.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1cd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f728cd0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
POST shoalteftuh.net/event
104.18.43.142 200 OK 81 B IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 34c1c765056d48fddfe8f93f36e666be
5a182316f76c11690af5e2d13c56d8fc209d9f4e
64e677e6d115ca95146779f928375d550ac6c13aaee0ca40761b9f32e1c75092
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /event HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1870
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:52 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb81013b1956c9-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
POST datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=43f4f674-f26f-4f78-8354-0d6ff190ffb4
37.48.68.71 200 OK 12 B URL POST datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=43f4f674-f26f-4f78-8354-0d6ff190ffb4
IP 37.48.68.71:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Sectigo Limited
Subject datatechonert.com
Fingerprint ED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72
Validity Wed, 11 Dec 2024 00:00:00 GMT - Tue, 23 Dec 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash 6949f52318584a4b51c719a9b84a7287
9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905
72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=43f4f674-f26f-4f78-8354-0d6ff190ffb4 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1558
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 05 Mar 2025 17:58:52 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://phaubsunsi.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
GET phaubsunsi.com/_next/static/media/person-29.73effde7.webp
104.18.37.211 200 OK 3.3 kB URL GET phaubsunsi.com/_next/static/media/person-29.73effde7.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash f056fca1ff4905abc7f176ac97a51b4e
aa36ec73e22e130f0222d3403c590b7c1bf2a501
2f4095eedb5fad7a3d85414d111fc1578da4e3cd8377512b5d9eff81409e54ee
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/person-29.73effde7.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: image/webp
content-length: 3282
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-cd2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1154
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80fb4e700b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/8f2581ca04431b22-1741188826621.fe378dc874d64db4.js
104.18.37.211 200 OK 89 kB URL GET phaubsunsi.com/_next/static/chunks/8f2581ca04431b22-1741188826621.fe378dc874d64db4.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash 2b1036f3f7e993b27ea343f4444d8057
5d61b8721d09170a57fbd61f12e9a40407af637a
cb292d22c13d5e549822898597c873e23096130d3d7985cf44f690052aa85fd0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/8f2581ca04431b22-1741188826621.fe378dc874d64db4.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:44 GMT
vary: Accept-Encoding
etag: W/"67c870f4-15d38"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4164
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f43bf90b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/06ff87a69ffa8402-1741188826621.20ef2bdcef5c98e3.js
104.18.37.211 200 OK 15 kB URL GET phaubsunsi.com/_next/static/chunks/06ff87a69ffa8402-1741188826621.20ef2bdcef5c98e3.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/06ff87a69ffa8402-1741188826621.20ef2bdcef5c98e3.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:39 GMT
vary: Accept-Encoding
etag: W/"67c870ef-3bb2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f63f190b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/media/person-26.a4c1d2a6.webp
104.18.37.211 200 OK 2.7 kB URL GET phaubsunsi.com/_next/static/media/person-26.a4c1d2a6.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash b74c9fa59f2d0405ec351240c503dcb8
6e9522c102f8b78f9fbd2ff8f81fd32e6f615a7b
a9af5e537bf204b98e8adb21c130e2bd71a30bb1808da53e043de6ae203fa979
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/person-26.a4c1d2a6.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: image/webp
content-length: 2712
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-a98"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1154
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80fb3e510b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/624f56eeee3114bf-1741188826621.26e21342eb44f646.js
104.18.37.211 200 OK 654 B URL GET phaubsunsi.com/_next/static/chunks/624f56eeee3114bf-1741188826621.26e21342eb44f646.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (681), with no line terminators
Hash 0d5d89266b8ecdf6ae599c7039c0afae
771b53f584040ae6aed3ce105915024990db3fd8
78dfe025bb7e494cfe67ab43354579ba1f6cda33342dff5e85928a9307288899
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/624f56eeee3114bf-1741188826621.26e21342eb44f646.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-28e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f728cc0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/media/confetti-3.22ce5e15.webp
104.18.37.211 200 OK 7.4 kB URL GET phaubsunsi.com/_next/static/media/confetti-3.22ce5e15.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash 6ffe537f32b7be06a870808ee94dadc5
598b8776ac199d0d8737969255c81da7c2cf16f2
e0ddaa01c812e3cdc7963b53edf9a53867a1930a7a566edeb872a0f36da94f7b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/confetti-3.22ce5e15.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: image/webp
content-length: 7428
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-1d04"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80fa9d980b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
POST shoalteftuh.net/zone?pub=0&zone_id=8565771&is_mobile=false&domain=phaubsunsi.com&var=8805346&ymid=434_u702706&var_3=&var_4=&dsig=&tg=1&sw=3.1.597&trace_id=aa341bec-f548-43fa-9793-a9c03143794f&action=prerequest&drf=
104.18.43.142 200 OK 0 B URL POST shoalteftuh.net/zone?pub=0&zone_id=8565771&is_mobile=false&domain=phaubsunsi.com&var=8805346&ymid=434_u702706&var_3=&var_4=&dsig=&tg=1&sw=3.1.597&trace_id=aa341bec-f548-43fa-9793-a9c03143794f&action=prerequest&drf=
IP 104.18.43.142:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject shoalteftuh.net
Fingerprint 0E:47:D6:77:FB:5B:E6:EC:54:E5:0B:B2:9C:66:D6:91:F9:14:56:5E
Validity Sun, 02 Mar 2025 00:22:58 GMT - Sat, 31 May 2025 01:22:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /zone?pub=0&zone_id=8565771&is_mobile=false&domain=phaubsunsi.com&var=8805346&ymid=434_u702706&var_3=&var_4=&dsig=&tg=1&sw=3.1.597&trace_id=aa341bec-f548-43fa-9793-a9c03143794f&action=prerequest&drf= HTTP/1.1
Host: shoalteftuh.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91bb80fdfdf356c9-OSL
X-Firefox-Spdy: h2
GET phaubsunsi.com/_next/static/chunks/45eea05f350ab42a-1741188826621-e763d31468777ca4.js
104.18.37.211 200 OK 56 kB URL GET phaubsunsi.com/_next/static/chunks/45eea05f350ab42a-1741188826621-e763d31468777ca4.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (55453), with no line terminators
Hash 9e6b73be0a733ff1dc7836bc9e61098f
2a5a341243ec9c85faee141b2e84889bbcd7d799
39251de2f089f6fb53d77c0f13ef2db278dcddb1c1478133633b154a0ebbc6ec
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/45eea05f350ab42a-1741188826621-e763d31468777ca4.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:42 GMT
vary: Accept-Encoding
etag: W/"67c870f2-d89d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4215
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f46c530b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/SBxuFMOQtDce80OblAePN/_buildManifest.js
104.18.37.211 200 OK 1.1 kB URL GET phaubsunsi.com/_next/static/SBxuFMOQtDce80OblAePN/_buildManifest.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type ASCII text, with very long lines (1143), with no line terminators
Hash 4b6b376401e130cbc58ae59ce444918a
850fd1c38a6557f9722181a4935cf1b5aa360ad7
0f1aac859d51cc2ef02289947d8c60a1e193821b87e2e1dbc8c8ed95acd969f4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/SBxuFMOQtDce80OblAePN/_buildManifest.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-43d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4214
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f46c590b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/c298f066cdf5eea8-1741188826621.10859a08deafb1af.js
104.18.37.211 200 OK 6.6 kB URL GET phaubsunsi.com/_next/static/chunks/c298f066cdf5eea8-1741188826621.10859a08deafb1af.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (6895), with no line terminators
Hash aeff3de13f66fd44d8c02feb07c95c86
53646bb12db0aa5d16437c37c256a62cafc5f9ba
9bdd47d76debb0ecd9cd15a2c785502c273e67963924468a879e42dfe031339a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/c298f066cdf5eea8-1741188826621.10859a08deafb1af.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:47 GMT
vary: Accept-Encoding
etag: W/"67c870f7-19ce"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f63f2b0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/af846a0375549403-1741188826621.0d49c7577f644722.js
104.18.37.211 200 OK 465 B URL GET phaubsunsi.com/_next/static/chunks/af846a0375549403-1741188826621.0d49c7577f644722.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (471), with no line terminators
Hash 077416798998a684ff40fb3863cbc0a0
3641e4f818e4b2be2175e64a1f4be13510d17084
ec079bf75e188a1175a464e4e542cfa4c5edfd0e4473476df1db3dbadf7218b2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/af846a0375549403-1741188826621.0d49c7577f644722.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1d1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f7797e0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/2bdd4d62f9c07d78-1741188826621.c58aa1c95e09907f.js
104.18.37.211 200 OK 449 B URL GET phaubsunsi.com/_next/static/chunks/2bdd4d62f9c07d78-1741188826621.c58aa1c95e09907f.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Hash 6856d9e4ade1e8756d20ff3f000e4011
a5ebe7acede23f1bbdb5c868112ef51b767a0277
7ebec28980bdf99f4a5571ed93ee10d8a3739ef067a084c4ccf40c434187fa33
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/2bdd4d62f9c07d78-1741188826621.c58aa1c95e09907f.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: W/"67c87066-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5051
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f80a2c0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/favicon.ico
104.18.37.211 204 No Content 0 B URL GET phaubsunsi.com/favicon.ico
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Wed, 05 Mar 2025 17:58:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
priority: u=6,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 91bb80fb2e3b0b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/media/person-35.f265dd88.webp
104.18.37.211 200 OK 3.4 kB URL GET phaubsunsi.com/_next/static/media/person-35.f265dd88.webp
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image
Hash f9156d6d772f3ec15470562477442c0a
dd6ca65b5fd85f1f3df438db0e11939a88eceb52
10bbcd36cf90082cb926cbe234412404d454a84984e86f4d421ea15ce721e8c2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/media/person-35.f265dd88.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:51 GMT
content-type: image/webp
content-length: 3400
last-modified: Wed, 05 Mar 2025 15:40:22 GMT
vary: Accept-Encoding
etag: "67c87066-d48"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:51 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91bb80fb6e990b31-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/e1178574a1ad221d-1741188826621.7389e70158c8b007.js
104.18.37.211 200 OK 14 kB URL GET phaubsunsi.com/_next/static/chunks/e1178574a1ad221d-1741188826621.7389e70158c8b007.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (13995), with no line terminators
Hash 85ecf414640781ef1b7a0a7c54991237
c49804383f6b18ffb6c0ad122a357bf608a26c5d
be4184ae0d17a36a10d52baf63124decae4424840aa9d0714896b4958cde3962
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/e1178574a1ad221d-1741188826621.7389e70158c8b007.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:49 GMT
vary: Accept-Encoding
etag: W/"67c870f9-36ab"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4335
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f42be80b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/274741f174abf909-1741188826621.958405809ca3c63f.js
104.18.37.211 200 OK 43 kB URL GET phaubsunsi.com/_next/static/chunks/274741f174abf909-1741188826621.958405809ca3c63f.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (42949), with no line terminators
Hash 9afaf937d53ecac3a63b70d5b988b5fc
da3ec3b64b16c9a30f5e0710edaa433284fb21e2
10abbea3055739bcd94f45fcc3ce3373615e23780e404bbf257a545275fbad1b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/274741f174abf909-1741188826621.958405809ca3c63f.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:40 GMT
vary: Accept-Encoding
etag: W/"67c870f0-a7c5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4164
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f44c200b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET phaubsunsi.com/_next/static/chunks/f141f7458f59f103-1741188826621.7b1724452fb2a85f.js
104.18.37.211 200 OK 3.4 kB URL GET phaubsunsi.com/_next/static/chunks/f141f7458f59f103-1741188826621.7b1724452fb2a85f.js
IP 104.18.37.211:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921211770555871664&z=8805346&var=434_u702706&campaignid=9051085&b=22951561&ymid=921211770555871664&city=oslo&svar=1741197529&ssk=5fd85f2d1209b5ea9db2d9c47ede9a3e
Certificate Issuer Google Trust Services
Subject phaubsunsi.com
Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35
Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (3455), with no line terminators
Hash 6e546c711b4ac677652d2ccfe1044279
24dc123e33c29b0e8be2067b1047a6c7abe83a96
667d8b62d049e0a97606c7759940291358b1c2c4fd94329a12dd03dbf66acc06
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /_next/static/chunks/f141f7458f59f103-1741188826621.7b1724452fb2a85f.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 05 Mar 2025 17:58:50 GMT
content-type: application/javascript
last-modified: Wed, 05 Mar 2025 15:42:49 GMT
vary: Accept-Encoding
etag: W/"67c870f9-d37"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5052
expires: Wed, 05 Mar 2025 18:58:50 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91bb80f63f240b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri