Report - staujaupsamt.com/?l=QZMsMkz8VL07Y6L

Report Overview

Submitted URL
staujaupsamt.com/?l=QZMsMkz8VL07Y6L
IP
104.21.86.149
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 06:15:04
Access
public
Website Title
THANK YOU!
Final URL
staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-04-17	904 B	1.5 kB	139.45.195.8
littlecdn.com	11785	2019-06-04	2019-06-04	2024-04-15	920 B	20 kB	104.22.25.116
staujaupsamt.com	unknown	2024-04-05	2024-04-08	2024-04-17	6.4 kB	132 kB	104.21.86.149
jouteetu.net	260109	2021-07-08	2021-07-15	2024-04-18	1.3 kB	1.9 kB	139.45.197.251
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2024-04-16	1.0 kB	1.1 kB	139.45.197.250

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-18	medium	staujaupsamt.com	Sinkholed
2024-04-18	medium	amunfezanttor.com	Sinkholed
2024-04-18	medium	amunfezanttor.com	Sinkholed
2024-04-18	medium	staujaupsamt.com	Sinkholed
2024-04-18	medium	staujaupsamt.com	Sinkholed
2024-04-18	medium	staujaupsamt.com	Sinkholed
2024-04-18	medium	staujaupsamt.com	Sinkholed
2024-04-18	medium	staujaupsamt.com	Sinkholed
2024-04-18	medium	staujaupsamt.com	Sinkholed
2024-04-18	medium	staujaupsamt.com	Sinkholed
2024-04-18	medium	staujaupsamt.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (23)

	URL	Size	First Seen	Last Seen
	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	86 B	2024-04-18	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 08:15:07 Last Seen2024-04-18 08:15:07 Times Seen1 Hash 262a9f62f8dddf9f0733c80e78a1efa7 a41b59e7cd66eb60555511a63270caf15de62e78 bf680a4215c9481fed5a33193cfc974f20b1937e11ecf914603fed14d79c456e Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	390 B	2024-01-23	2024-04-30
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-23 11:20:02 Last Seen2024-04-30 21:41:49 Times Seen2093 Hash 5247fca34d34a05ed1f8838aeba83b47 564b1f3eacda75db2aa6b35b218bedb8a0388cd2 6c3667edbc99573fa96be6a762d2d1a3cbf7269e3f40031b03f3766a5f6cd8ba Loading...

	staujaupsamt.com/pfe/current/micro.tag.min.js?uhd=1&z=6243280&ymid={request_var}&var={zoneid}&sw=/sw-check-permissions/6243280&os_version=x86.64	36 kB	2024-04-17	2024-04-19
Pretty URL staujaupsamt.com/pfe/current/micro.tag.min.js?uhd=1&z=6243280&ymid={request_var}&var={zoneid}&sw=/sw-check-permissions/6243280&os_version=x86.64 IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 01:10:02 Last Seen2024-04-19 09:40:11 Times Seen95 Hash b64d3763f9aa99e7edc76dc0dd29d030 9b5d6da9384fe75fcc5a4f79ad2cde0399bfd523 e64712048ba884038027c9037196f430b7ae020a3ec9679dfd577a6fb58f9de3 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	679 B	2023-09-30	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-30 06:56:02 Last Seen2024-04-18 13:14:14 Times Seen5065 Hash 81f2b3d0597f5fb3e59f0de7c72e56b0 f7fe43ee0344359c42a4501460b2d06dfcbeb46a 5fe54923fddbb41708ee1edb5375baafddf99ddca22cbb74e0350e498cbf4b3e Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	1.0 kB	2023-09-15	2024-04-30
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-15 06:48:32 Last Seen2024-04-30 21:41:49 Times Seen5199 Hash 1e000d88343060c761e3d7ae644a8732 98f67005a3b038378596137e93681310c394d980 cea17ebf90b967d519365b4f2c3a89f73e6b70003e81841d6b8696df4304210e Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	2.9 kB	2023-12-24	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-24 14:09:59 Last Seen2024-04-18 08:15:07 Times Seen18 Hash 23c286f629d47169dc437df2d53e3768 240da901690cd285ee556da0060f415def06fc64 d3ade8bbe231fa51d9ffde0bcf23c400b8aae8c5e0ff7424a65e1ea06bd38651 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	321 B	2024-03-16	2024-04-30
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-16 20:53:06 Last Seen2024-04-30 21:41:49 Times Seen98 Hash 7871eb351b7621935fa9c7235ea23fec dc9e9141d124263e37f8f36a2a9a3a04fe48e34a 35a2fe87f3d74d7791097c7670e83fbd42c90b97cc393527309235d358809683 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	97 B	2024-03-16	2024-04-30
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-16 20:53:06 Last Seen2024-04-30 21:41:49 Times Seen98 Hash 77b5a2581e051e76ee3c38a50a873548 029ab99e3748ace3d701b0d8e22f2eca860ff701 6cdef993f9cba362e089f1dc186ebd08a995de0fdb582440ba0d892f34325c48 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	2.0 kB	2024-02-19	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-19 20:50:32 Last Seen2024-04-18 08:15:07 Times Seen3 Hash 792f319a309d5127c06029bb56b7ba03 c2c75c9498ec9e897c08d17b45575b96cde13384 ef059525bbea729515b5dbc1c738addd5d8f146099f0432b46763588180e90f4 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	38 B	2023-03-13	2024-04-30
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 22:51:58 Last Seen2024-04-30 21:41:49 Times Seen5387 Hash 3ea1379d18e4ec6bccefeba76a1b33b4 90afb068cee6917494ddd820bcb2fe44de7e5e43 15c832dee58f1c08fb6bf51935a10f95cb0482d19441cefbb469a82278e54bae Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	11 kB	2024-04-18	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 08:15:07 Last Seen2024-04-18 08:15:07 Times Seen1 Hash 68a1d9b605a8b2450f057a3761711395 cc8299f2b8f831ccca7d619aff758a06e437ad0a 22de2c10ee07c5c17d9ac8bc685dae38448cd9d8342fd1661548c4c2fc47110f Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	3.5 kB	2024-04-06	2024-04-30
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-06 22:19:16 Last Seen2024-04-30 21:41:49 Times Seen23 Hash e5380ae0a235fbdc5e33afdb4af4acd5 dba073f817c4f31269e29c04f4055306aadec631 696253f67e5035923d4e83bd3f49f34e3ccfdf4bdcb879b955f7707ae166520f Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	462 B	2024-04-18	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 08:15:07 Last Seen2024-04-18 08:15:07 Times Seen1 Hash 0149dedf9edd7df1bb5a89c5241d60a2 0875578a7e041396ef77afde0d3945845e2d50e1 d2f44fe1f881fa61e251b06b17017c5a34ea07352e867a03ada5cba1bc319368 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	432 B	2023-08-15	2024-04-30
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-15 17:07:57 Last Seen2024-04-30 21:41:49 Times Seen5219 Hash a68df917a9d58006028bbbc7b6f30aa0 8412b7650e9351c4826eee83dc944ab8e7a5a660 003c5bfe078f1901b11f14e32f824a1696e54b3a72cd7462395986063f0cd571 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	4.0 kB	2024-04-18	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 08:15:07 Last Seen2024-04-18 08:15:07 Times Seen1 Hash 02af68cbea21a041a8a6f1ff81804385 e3bdffe982103b41838de35089fce5a7b9eb37db cc6b4c39a6ec102a1f3068af681d6be7073e1bd9d1eaed31d7805b0a9482ed9f Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	27 B	2023-03-07	2024-04-30
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:27:36 Last Seen2024-04-30 21:41:49 Times Seen3021 Hash dcdca1271ff14fa2a37aac2fdd562ad7 6f8d97801b33f24f2a736c00e1bc5805d9fd5eb7 66d82b0643143d1e9fa6ec2c7e07af701b2b274bc4db74b60ee4dcf5862d229c Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	7.2 kB	2024-04-18	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 08:15:07 Last Seen2024-04-18 08:15:07 Times Seen1 Hash 2f258dcb8a39f639d45a135b9229e043 58c66849762e1202c394785c05b1ab722486df84 d7cac22de246fd2cef3f58643a51c28535d2709ab74c0d314d27d4361121ad79 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	2.8 kB	2023-03-26	2024-04-29
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 05:18:26 Last Seen2024-04-29 08:38:22 Times Seen857 Hash fb795700058b50216760c6c0106b5986 61fb020ce71c0f2e0279fbf4181f53193b91e6e8 bc7a22aa06586c1dcd0ac89f0329e96dd2936308987969b449395a2e3d0eda78 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	243 B	2023-03-07	2024-04-29
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 13:21:30 Last Seen2024-04-29 08:38:22 Times Seen1022 Hash 9c8b4c2757a2ba84e7374a4a2fb73e6d 824c4afa2e871938c12f7c5698fe98f3f19a95c5 415d44cc3ea93f4be94854a2677c8fef5a136343c45546c218d0fb25d5092bc1 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	4.0 kB	2024-02-16	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-16 05:21:04 Last Seen2024-04-18 08:15:07 Times Seen5 Hash 90b86938b154c938472119a57f46c31f b617df2f5f635d04095523cf1c687d6f9b5d7a08 7754bc9302e17572f47c189bc9957aaf306925ec7e704bd8b149dbf18bf95cd0 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	3.1 kB	2024-04-18	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 08:15:07 Last Seen2024-04-18 08:15:07 Times Seen1 Hash d0e0759d9047b37fadd0c4ef851dc804 555e7f65790e3d9766de2cad1156361f0b3da564 d823eb77e3e74cf54dd44a0bd0435d9cfac3919e51cbfa8c83b8cb39463d9686 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	2.8 kB	2024-04-18	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 08:15:07 Last Seen2024-04-18 08:15:07 Times Seen1 Hash f329c22b57e614c68513387d342ca19b 6893a12766011157062f0dbd95cab2acec367a1b 26583146a94868e352857666851240ef97f45d864861ca004a463ad4632e94f8 Loading...

	staujaupsamt.com/?l=QZMsMkz8VL07Y6L	2.0 kB	2024-02-16	2024-04-18
Pretty URL staujaupsamt.com/?l=QZMsMkz8VL07Y6L IP 104.21.86.149 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-16 05:21:04 Last Seen2024-04-18 08:15:07 Times Seen5 Hash e9680de18209aec9176be1b093dd4ed5 9a9065baa4c8bdf018e544adfd7538e90c8c3173 4b3b21d671c4bb9f0f4162a99c06579344b0a40145a40f143db857791108a0de Loading...

HTTP Transactions (18)

URL IP Response Size

my.rtmark.net/gid.js?userId=1cd616bed1345f49badf9f67ec2c8904

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=1cd616bed1345f49badf9f67ec2c8904
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
2a0d84945e701dd4cb566519f9638f5e
79769b69e6d35768dc369fe96fc831909b9bc67b
4b4717a3dad50a67c885346607ecf094c4a9ab77c84cde9588e363d31e1e9ac3

HTTP Headers

GET /gid.js?userId=1cd616bed1345f49badf9f67ec2c8904 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staujaupsamt.com/
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1cd616bed1345f49badf9f67ec2c8904; expires=Fri, 18 Apr 2025 06:14:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
e11988e3e983a3a1261ff9bad7200ed7
39dcdd909a2049a16c5e6f545c5591c4ab1a06ec
16de92e193c9b25f8a980066bd4fa7cc7c0f9700947abe58be01db2b260196fd

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staujaupsamt.com/
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dcbffe9fe477410dadfa4406d81168f0; expires=Fri, 18 Apr 2025 06:14:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

littlecdn.com/apps/templates/questions/video-bg/css/style.css?v=123

104.22.25.116

200 OK

18 kB

URL GET HTTP/2
littlecdn.com/apps/templates/questions/video-bg/css/style.css?v=123
IP
104.22.25.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerLet's Encrypt
Subjectlittlecdn.com
Fingerprint42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A
ValidityMon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT

File type
ASCII text
Size
18 kB (17686 bytes)
Hash
ca1a961d96cf3953b6b75c8c39fe6132
b66855917cb1b7b10ac3282b7935911bf36eb49a
d21f4f385b7a8e28691947d612fb2331831568d19df3717ceaf2748f5cbe7814

HTTP Headers

GET /apps/templates/questions/video-bg/css/style.css?v=123 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 11:33:14 GMT
vary: Accept-Encoding
etag: W/"661fb37a-1718"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 5863
server: cloudflare
cf-ray: 87628409bc4f0afe-OSL
content-encoding: br
X-Firefox-Spdy: h2

staujaupsamt.com/zone?&pub=0&zone_id=6243280&is_mobile=false&domain=staujaupsamt.com&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&var_3=&var_4=&dsig=&tg=1&sw=3.1.500&trace_id=aa52ccc5-5081-4ac4-8775-56ee4b1316db&action=prerequest

104.21.86.149

200 OK

0 B

URL POST HTTP/3
staujaupsamt.com/zone?&pub=0&zone_id=6243280&is_mobile=false&domain=staujaupsamt.com&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&var_3=&var_4=&dsig=&tg=1&sw=3.1.500&trace_id=aa52ccc5-5081-4ac4-8775-56ee4b1316db&action=prerequest
IP
104.21.86.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerGoogle Trust Services LLC
Subjectstaujaupsamt.com
Fingerprint9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22
ValidityFri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=6243280&is_mobile=false&domain=staujaupsamt.com&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&var_3=&var_4=&dsig=&tg=1&sw=3.1.500&trace_id=aa52ccc5-5081-4ac4-8775-56ee4b1316db&action=prerequest HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-length: 0
x-trace-id: 5d920abbd266816afe1681b063df8512
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lCZB9EavbV31%2Bww77eO2ajsGfWwdhX06sJ%2BA4Yk%2F0jjqqi6Fclosc05HPjBDWis1U%2BgpDcLRHJx7zGMeaFuMOy0jKRB95EsT%2FLtl3yNxNasW3erpN3cqYpFC%2BhUrbXQgYzyn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840adfb2712d-OSL
alt-svc: h3=":443"; ma=86400

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 313
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 68e084614444fa2d251521d39ae267ab
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 315
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6d293234bc1b5f1b3b702b865f1a624c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 316
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d73930f4e425ae9c838972c822ddc75e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://staujaupsamt.com/
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type
JSON text data
Size
94 B (94 bytes)
Hash
c694f7a0bea7ab2c844946ded595b56a
72fc64041dd59e2b140a8e628e91fbc097880de6
4ab92143c6f4584ff99639a024049eeb4d7942c34628610f40e534a33dc385b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staujaupsamt.com/
Content-Type: application/json
Content-Length: 1181
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

staujaupsamt.com/favicon.ico

104.21.86.149

204 No Content

0 B

URL GET HTTP/3
staujaupsamt.com/favicon.ico
IP
104.21.86.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerGoogle Trust Services LLC
Subjectstaujaupsamt.com
Fingerprint9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22
ValidityFri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=dcbffe9fe477410dadfa4406d81168f0; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 18 Apr 2024 06:14:38 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcycyBtMx6Qn2RWHD2xU1ObNtEBdfGPAV1YwEpHsINqEXYe93M4LQMILZql0wyIub1F1pX0MgIYTiDEeFVHBFCD%2FoZa%2FG2SWuR6qrL5BaBMLg6trMb00R8dZczz6ZtrtVyXK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762840c495f712d-OSL
alt-svc: h3=":443"; ma=86400

staujaupsamt.com/rotate?zz=6243414&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uid=dcbffe9fe477410dadfa4406d81168f0&os_version=x86.64

104.21.86.149

200 OK

6.5 kB

URL GET HTTP/3
staujaupsamt.com/rotate?zz=6243414&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uid=dcbffe9fe477410dadfa4406d81168f0&os_version=x86.64
IP
104.21.86.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerGoogle Trust Services LLC
Subjectstaujaupsamt.com
Fingerprint9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22
ValidityFri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT

File type
JSON text data
Size
6.5 kB (6542 bytes)
Hash
fb6d1186c9d9618929ec64c337078cab
ed0d8530fa487a1c322988a126760447c27080f8
66627c0ebd8619f459dee3260d15fa1be6b0d370b3e266a377452c0c02ee9375

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rotate?zz=6243414&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uid=dcbffe9fe477410dadfa4406d81168f0&os_version=x86.64 HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
DNT: 1
Connection: keep-alive
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: b64c8b4b24de81198cfa3e645f29c275
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: https://staujaupsamt.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=dcbffe9fe477410dadfa4406d81168f0; expires=Fri, 18 Apr 2025 06:14:38 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Rj9iSlOWkI8YF3yL8tzyea11vD2f01a8H6jI4KGoqybRy7b21fJelgLIO62y0fqOO0aX8V%2BJXKsZPWmkyDre5jR9zcSpTwHl04ap0DhAwveL2yhfgRqfrnMjuW%2BWewBsROc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840b1fed712d-OSL
alt-svc: h3=":443"; ma=86400

staujaupsamt.com/contents/s/1c/2c/1e/0d5c59daf90ddc532c788e8a1a/0495677411714.jpeg

104.21.86.149

200 OK

16 kB

URL GET HTTP/3
staujaupsamt.com/contents/s/1c/2c/1e/0d5c59daf90ddc532c788e8a1a/0495677411714.jpeg
IP
104.21.86.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerGoogle Trust Services LLC
Subjectstaujaupsamt.com
Fingerprint9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22
ValidityFri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x480, components 3
Size
16 kB (16097 bytes)
Hash
1c2c1e0d5c59daf90ddc532c788e8a1a
6956916cdd7a357b4215d99d79abb0a54bc26ca8
4ecc07cc1d7ab222e7245c6734734ac72b77ceafff00c4c2326e845d536fa3fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /contents/s/1c/2c/1e/0d5c59daf90ddc532c788e8a1a/0495677411714.jpeg HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: image/jpeg
content-length: 16097
last-modified: Mon, 27 Feb 2023 09:26:05 GMT
vary: Accept-Encoding
etag: "63fc772d-3ee1"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L2YCEqItAjiGI4AnLJPJld6wEmkOVCOMGXkiUmnFUR9NgTY6tq7Sg%2FX0zyLrzkM6rW1Dx6fJ%2BG02AlnByve0q7i9hPAyOGkEck9tqW1x9PLkqOqJFQEAIymWDU%2BDyVfBNDiZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840a2ec1712d-OSL
alt-svc: h3=":443"; ma=86400

littlecdn.com/apps/templates/questions/video-bg/css/theme/green.css?v=123

104.22.25.116

200 OK

432 B

URL GET HTTP/2
littlecdn.com/apps/templates/questions/video-bg/css/theme/green.css?v=123
IP
104.22.25.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerLet's Encrypt
Subjectlittlecdn.com
Fingerprint42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A
ValidityMon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT

File type
ASCII text, with very long lines (445), with no line terminators
Size
432 B (432 bytes)
Hash
d72725a1b3fca0012fb1c489698e851b
235b773f0779434ad997fb4b072a315dd84ec445
958ad2f46e1d5f81e1f8226fa392cafe2a363381bb18e28ae06e4cf7cda579d3

HTTP Headers

GET /apps/templates/questions/video-bg/css/theme/green.css?v=123 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 11:33:14 GMT
vary: Accept-Encoding
etag: W/"661fb37a-1b0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 5863
server: cloudflare
cf-ray: 87628409bc510afe-OSL
content-encoding: br
X-Firefox-Spdy: h2

staujaupsamt.com/sw-check-permissions/6243280?var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uhd=1&zoneId=6243280

104.21.86.149

200 OK

1.3 kB

URL GET HTTP/3
staujaupsamt.com/sw-check-permissions/6243280?var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uhd=1&zoneId=6243280
IP
104.21.86.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerGoogle Trust Services LLC
Subjectstaujaupsamt.com
Fingerprint9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22
ValidityFri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT

File type
ASCII text, with very long lines (1422), with no line terminators
Size
1.3 kB (1338 bytes)
Hash
7d8ac50f006ff6982cceb8768e329838
19254f02fdc0d52b55a9eff5eb0d091f22a8052c
5ec4b46640482ca384a1846ac928b2501354351bcc198387c9978f8a610e3e9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw-check-permissions/6243280?var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uhd=1&zoneId=6243280 HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bUSXmNoZ68aAcioyVtIBRGu%2BoEk%2FkranYpy2sCmEqFzmKh8JVmZcWXvJxYtypAtH7wwUZJvoS2qV%2F3Y%2B3U3sSTI93i3g7XQxxxTcynC4bzDhqtfnj6%2F0ZetmL4W3QyG8TwPi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840b1fe4712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

staujaupsamt.com/?l=QZMsMkz8VL07Y6L

104.21.86.149

200 OK

61 kB

URL User Request GET HTTP/2
staujaupsamt.com/?l=QZMsMkz8VL07Y6L
IP
104.21.86.149:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectstaujaupsamt.com
Fingerprint9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22
ValidityFri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT

File type
HTML document, ASCII text, with very long lines (3300)
Size
61 kB (61134 bytes)
Hash
0aa5e8efbccb80917c93c7997fc7e1a5
677664c6d3053692f4e5d5a94a8432dd2f968e40
12e8d383e36017f782878c3d0ceeb7b68bd5141587c9476222805aeccbad800f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?l=QZMsMkz8VL07Y6L HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; expires=Thu, 18-Apr-2024 07:14:38 GMT; Max-Age=3600; path=/
OAID=1cd616bed1345f49badf9f67ec2c8904; expires=Fri, 04-Aug-2079 12:29:16 GMT; Max-Age=1744956878; path=/
oaidts=1713420878; expires=Fri, 04-Aug-2079 12:29:16 GMT; Max-Age=1744956878; path=/
syncedCookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJpVhrA9MY0XOUw5Xt9AGPS9uFAd251dZI23vUNUKoEILp%2Bl6otvZ%2BsGnXD542Mhy5iKbuIVHFOlD2mZzGQanYDwvjyeXn%2B7JT145WwYYqTr7GtHTShjz77kDYT47XXOzjYF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628407499fb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

staujaupsamt.com/pfe/current/micro.tag.min.js?uhd=1&z=6243280&ymid={request_var}&var={zoneid}&sw=/sw-check-permissions/6243280&os_version=x86.64

104.21.86.149

200 OK

36 kB

URL GET HTTP/3
staujaupsamt.com/pfe/current/micro.tag.min.js?uhd=1&z=6243280&ymid={request_var}&var={zoneid}&sw=/sw-check-permissions/6243280&os_version=x86.64
IP
104.21.86.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerGoogle Trust Services LLC
Subjectstaujaupsamt.com
Fingerprint9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22
ValidityFri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT

File type
JavaScript source, ASCII text, with very long lines (36528), with no line terminators
Size
36 kB (36528 bytes)
Hash
b64d3763f9aa99e7edc76dc0dd29d030
9b5d6da9384fe75fcc5a4f79ad2cde0399bfd523
e64712048ba884038027c9037196f430b7ae020a3ec9679dfd577a6fb58f9de3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?uhd=1&z=6243280&ymid={request_var}&var={zoneid}&sw=/sw-check-permissions/6243280&os_version=x86.64 HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 15:57:13 GMT
vary: Accept-Encoding
etag: W/"661e9fd9-8eb0"
access-control-allow-credentials: true
cache-control: max-age=86400
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bNcZ6joC%2Bj5ZOrtSpXBUJsmtOroX4aqwKwnPi5rcdzBoOu0pw0R1XZWSxyMH%2BbVFKmrxMNN%2B5JmmD8V95dU42jjchBUVFlgRGK2sLmw6Dp2yxgmkVHxH4GXW39acfYNUvDIA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628409ae2d712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

staujaupsamt.com/?l=QZMsMkz8VL07Y6L&mprtr=1&os_version=x86.64

104.21.86.149

200 OK

2 B

URL POST HTTP/3
staujaupsamt.com/?l=QZMsMkz8VL07Y6L&mprtr=1&os_version=x86.64
IP
104.21.86.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerGoogle Trust Services LLC
Subjectstaujaupsamt.com
Fingerprint9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22
ValidityFri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /?l=QZMsMkz8VL07Y6L&mprtr=1&os_version=x86.64 HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VtcU8E1Botju4CYAc03NjMorOH2kU9IBWCNIWd59cXHjQUtWA8XTb%2FcgFyLDASfRTYZs2lpquodo7x8K0zdUK7dZtqXLXWYTkCPDhe%2FFVLMN0e04qetJF41qqwpbhVZjc6mO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840adfa2712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

staujaupsamt.com/track-impression-applab?z={zoneid}&b={bannerid}&ymid=&var=&var_3=&redirect=false&redirectUrl=https%3A%2F%2Fattr.itpub.cc%2Fiha%2Fxfle98%2Fmt%2Fc%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3D324728%253A%7Bzoneid%7D%253A%7Brequest_var%7D%253A1%253A%7Bbrowser%7D%26mt_sub2%3D%7Bzoneid%7D%26mt_creative%3D%7Bbannerid%7D%26land_state%3Dbefore_render%26land_id%3DQZMsMkz8VL07Y6L%26land_generation_time%3D2024-04-18_01%3A14%3A38%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D1cd616bed1345f49badf9f67ec2c8904%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64

104.21.86.149

200 OK

802 B

URL GET HTTP/3
staujaupsamt.com/track-impression-applab?z={zoneid}&b={bannerid}&ymid=&var=&var_3=&redirect=false&redirectUrl=https%3A%2F%2Fattr.itpub.cc%2Fiha%2Fxfle98%2Fmt%2Fc%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3D324728%253A%7Bzoneid%7D%253A%7Brequest_var%7D%253A1%253A%7Bbrowser%7D%26mt_sub2%3D%7Bzoneid%7D%26mt_creative%3D%7Bbannerid%7D%26land_state%3Dbefore_render%26land_id%3DQZMsMkz8VL07Y6L%26land_generation_time%3D2024-04-18_01%3A14%3A38%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D1cd616bed1345f49badf9f67ec2c8904%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64
IP
104.21.86.149:443
ASN
#13335 CLOUDFLARENET

Requested by
https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Certificate
IssuerGoogle Trust Services LLC
Subjectstaujaupsamt.com
Fingerprint9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22
ValidityFri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (858), with no line terminators
Size
802 B (802 bytes)
Hash
946465070aca7079866fbe5df2fc5bbf
990bd9b80f092d963358c77f54aa36ff7f785a34
828b791139f337a8314392a9b391823c79b352f648e0b9ef76eeb512a3c9efca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /track-impression-applab?z={zoneid}&b={bannerid}&ymid=&var=&var_3=&redirect=false&redirectUrl=https%3A%2F%2Fattr.itpub.cc%2Fiha%2Fxfle98%2Fmt%2Fc%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3D324728%253A%7Bzoneid%7D%253A%7Brequest_var%7D%253A1%253A%7Bbrowser%7D%26mt_sub2%3D%7Bzoneid%7D%26mt_creative%3D%7Bbannerid%7D%26land_state%3Dbefore_render%26land_id%3DQZMsMkz8VL07Y6L%26land_generation_time%3D2024-04-18_01%3A14%3A38%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D1cd616bed1345f49badf9f67ec2c8904%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64 HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
DNT: 1
Connection: keep-alive
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 0223d680eed4a33a9002b8c3979cc8b5
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=emS7Mi8HsGSJbpbwxnJ6PYutE372ay7ETmN5j7DeSN6R%2F%2FL3WbfgNDqDKxOVtt6MVVgU472Asl1hbmegUKnmVEKs9Glp3knB1GqpDzb%2F%2Be5%2BuFE9JCd3e%2BPzsJJ7HI3boVcE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840aefb7712d-OSL
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (23)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML