| my.rtmark.net/gid.js?userId=1cd616bed1345f49badf9f67ec2c8904 | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=1cd616bed1345f49badf9f67ec2c8904 | IP: 139.45.195.8:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Let's Encrypt | Subject: rtmark.net | Fingerprint (SHA-1): DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC | Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash (MD5 / SHA-1 / SHA-256): 2a0d84945e701dd4cb566519f9638f5e 79769b69e6d35768dc369fe96fc831909b9bc67b 4b4717a3dad50a67c885346607ecf094c4a9ab77c84cde9588e363d31e1e9ac3
Note: the `userId` query value is the same 32-hex identifier that the landing page sets as its first-party `OAID` cookie, and the response re-issues it as a third-party `ID` cookie (`secure; SameSite=None`, one-year expiry, no `HttpOnly`) — a cross-site identifier sync between staujaupsamt.com and rtmark.net. The 65-byte JSON body is not reproduced in this capture.
GET /gid.js?userId=1cd616bed1345f49badf9f67ec2c8904 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staujaupsamt.com/
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1cd616bed1345f49badf9f67ec2c8904; expires=Fri, 18 Apr 2025 06:14:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP: 139.45.195.8:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Let's Encrypt | Subject: rtmark.net | Fingerprint (SHA-1): DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC | Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash (MD5 / SHA-1 / SHA-256): e11988e3e983a3a1261ff9bad7200ed7 39dcdd909a2049a16c5e6f545c5591c4ab1a06ec 16de92e193c9b25f8a980066bd4fa7cc7c0f9700947abe58be01db2b260196fd
Note: same endpoint called without a `userId`; the server mints a fresh identifier (`ID=dcbffe9fe477410dadfa4406d81168f0`). That value later shows up as the first-party `OAID` cookie (the /rotate response re-sets `OAID` to it and the favicon request carries it), i.e. the third-party ID is written back into the first-party cookie.
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staujaupsamt.com/
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dcbffe9fe477410dadfa4406d81168f0; expires=Fri, 18 Apr 2025 06:14:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| littlecdn.com/apps/templates/questions/video-bg/css/style.css?v=123 | 104.22.25.116 | 200 OK | 18 kB |
URL: GET HTTP/2 littlecdn.com/apps/templates/questions/video-bg/css/style.css?v=123 | IP: 104.22.25.116:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Let's Encrypt | Subject: littlecdn.com | Fingerprint (SHA-1): 42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A | Validity: Mon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT
Hash (MD5 / SHA-1 / SHA-256): ca1a961d96cf3953b6b75c8c39fe6132 b66855917cb1b7b10ac3282b7935911bf36eb49a d21f4f385b7a8e28691947d612fb2331831568d19df3717ceaf2748f5cbe7814
Note: static stylesheet served from a Cloudflare edge cache (`cf-cache-status: HIT`, `age: 5863`); the template path (`apps/templates/questions/video-bg`) is the only hint at the landing-page kit in use.
GET /apps/templates/questions/video-bg/css/style.css?v=123 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 11:33:14 GMT
vary: Accept-Encoding
etag: W/"661fb37a-1718"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 5863
server: cloudflare
cf-ray: 87628409bc4f0afe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| staujaupsamt.com/zone?&pub=0&zone_id=6243280&is_mobile=false&domain=staujaupsamt.com&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&var_3=&var_4=&dsig=&tg=1&sw=3.1.500&trace_id=aa52ccc5-5081-4ac4-8775-56ee4b1316db&action=prerequest | 104.21.86.149 | 200 OK | 0 B |
URL: POST HTTP/3 staujaupsamt.com/zone?&pub=0&zone_id=6243280&is_mobile=false&domain=staujaupsamt.com&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&var_3=&var_4=&dsig=&tg=1&sw=3.1.500&trace_id=aa52ccc5-5081-4ac4-8775-56ee4b1316db&action=prerequest | IP: 104.21.86.149:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Google Trust Services LLC | Subject: staujaupsamt.com | Fingerprint (SHA-1): 9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22 | Validity: Fri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body; the response is `content-length: 0`)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: the `var` and `ymid` parameters carry literal, unexpanded tracking macros (`{zoneid}`, `{request_var}`), and `dsig` is empty — the tag appears to have been loaded without the publisher-side macro substitution. The request is a zero-byte same-origin POST carrying the `OAID` cookie; the response's `access-control-allow-headers` list (including the custom `X-Oaid`) and `accept-ch` set are identical to those returned by jouteetu.net/custom and amunfezanttor.com/event below.
POST /zone?&pub=0&zone_id=6243280&is_mobile=false&domain=staujaupsamt.com&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&var_3=&var_4=&dsig=&tg=1&sw=3.1.500&trace_id=aa52ccc5-5081-4ac4-8775-56ee4b1316db&action=prerequest HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-length: 0
x-trace-id: 5d920abbd266816afe1681b063df8512
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lCZB9EavbV31%2Bww77eO2ajsGfWwdhX06sJ%2BA4Yk%2F0jjqqi6Fclosc05HPjBDWis1U%2BgpDcLRHJx7zGMeaFuMOy0jKRB95EsT%2FLtl3yNxNasW3erpN3cqYpFC%2BhUrbXQgYzyn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840adfb2712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Let's Encrypt | Subject: jouteetu.net | Fingerprint (SHA-1): F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 | Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash (MD5 / SHA-1 / SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Note: first of three cross-site POSTs to this endpoint (313/315/316-byte bodies, not reproduced here). They are sent as `Sec-Fetch-Mode: no-cors` with `Content-Type: text/plain`, a CORS-safelisted type, so no preflight occurs and the page can fire them without reading the reply. All three responses hash identically (a fixed 39-byte JSON reply). The response headers (`x-trace-id`, `accept-ch`, `access-control-allow-headers: … X-Oaid …`) match staujaupsamt.com/zone and amunfezanttor.com/event, so the three hosts appear to share one backend; jouteetu.net also sits in the same 139.45.19x.0/24 range as rtmark.net and amunfezanttor.com.
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 313
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 68e084614444fa2d251521d39ae267ab
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Let's Encrypt | Subject: jouteetu.net | Fingerprint (SHA-1): F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 | Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash (MD5 / SHA-1 / SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Note: second POST to /custom (315-byte `text/plain` body, not reproduced); the response digest is identical to the first and third calls.
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 315
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6d293234bc1b5f1b3b702b865f1a624c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| jouteetu.net/custom | 139.45.197.251 | 200 OK | 39 B |
IP: 139.45.197.251:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Let's Encrypt | Subject: jouteetu.net | Fingerprint (SHA-1): F5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65 | Validity: Wed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT
Hash (MD5 / SHA-1 / SHA-256): 058b158c2be925f556454ef762d93538 cc6fc563b4b6baee880fdbc7fcfaa134978e33c9 ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Note: third POST to /custom (316-byte `text/plain` body, not reproduced); same fixed 39-byte reply as the two preceding calls.
POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 316
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d73930f4e425ae9c838972c822ddc75e
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 0 B |
IP: 139.45.197.250:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Let's Encrypt | Subject: amunfezanttor.com | Fingerprint (SHA-1): AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA | Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: CORS preflight (`Access-Control-Request-Method: POST`, `Access-Control-Request-Headers: content-type`) triggered by the `application/json` POST that follows. The server grants it for origin https://staujaupsamt.com with credentials and caches the grant for a day (`access-control-max-age: 86400`). Quad9 resolves this host to a sinkhole.
OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://staujaupsamt.com/
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2
|
|
| amunfezanttor.com/event | 139.45.197.250 | 200 OK | 94 B |
IP: 139.45.197.250:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Let's Encrypt | Subject: amunfezanttor.com | Fingerprint (SHA-1): AB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA | Validity: Wed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT
Hash (MD5 / SHA-1 / SHA-256): c694f7a0bea7ab2c844946ded595b56a 72fc64041dd59e2b140a8e628e91fbc097880de6 4ab92143c6f4584ff99639a024049eeb4d7942c34628610f40e534a33dc385b9
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: the actual event beacon — a credentialed cross-site POST with a 1181-byte JSON body (not reproduced in this capture) answered with 94 bytes of JSON. The response header set (`x-trace-id`, `accept-ch`, `access-control-allow-headers: … X-Oaid …`) is the same as staujaupsamt.com/zone and jouteetu.net/custom.
POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staujaupsamt.com/
Content-Type: application/json
Content-Length: 1181
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://staujaupsamt.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| staujaupsamt.com/favicon.ico | 104.21.86.149 | 204 No Content | 0 B |
URL: GET HTTP/3 staujaupsamt.com/favicon.ico | IP: 104.21.86.149:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Google Trust Services LLC | Subject: staujaupsamt.com | Fingerprint (SHA-1): 9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22 | Validity: Fri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of a zero-length body; 204 No Content)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: this request already carries `OAID=dcbffe9fe477410dadfa4406d81168f0` — the identifier minted by the second rtmark.net call and re-set by the /rotate response — whereas earlier requests in the same second still send `OAID=1cd616…`; the cf-ray ordering (…840c… after …840b…) confirms it was issued after /rotate.
GET /favicon.ico HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=dcbffe9fe477410dadfa4406d81168f0; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 18 Apr 2024 06:14:38 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcycyBtMx6Qn2RWHD2xU1ObNtEBdfGPAV1YwEpHsINqEXYe93M4LQMILZql0wyIub1F1pX0MgIYTiDEeFVHBFCD%2FoZa%2FG2SWuR6qrL5BaBMLg6trMb00R8dZczz6ZtrtVyXK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8762840c495f712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| staujaupsamt.com/rotate?zz=6243414&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uid=dcbffe9fe477410dadfa4406d81168f0&os_version=x86.64 | 104.21.86.149 | 200 OK | 6.5 kB |
URL: GET HTTP/3 staujaupsamt.com/rotate?zz=6243414&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uid=dcbffe9fe477410dadfa4406d81168f0&os_version=x86.64 | IP: 104.21.86.149:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Google Trust Services LLC | Subject: staujaupsamt.com | Fingerprint (SHA-1): 9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22 | Validity: Fri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT
Hash (MD5 / SHA-1 / SHA-256): fb6d1186c9d9618929ec64c337078cab ed0d8530fa487a1c322988a126760447c27080f8 66627c0ebd8619f459dee3260d15fa1be6b0d370b3e266a377452c0c02ee9375
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: the `uid` parameter is the identifier rtmark.net just issued, and the response writes it into the first-party cookie (`set-cookie: OAID=dcbffe…; secure; SameSite=None`), replacing the `OAID=1cd616…` the landing page set without any `Secure`/`SameSite` attributes. The response is 6.5 kB of `application/javascript` fetched with `Sec-Fetch-Mode: cors` (body not reproduced). `access-control-allow-origin: https://staujaupsamt.com/` has a trailing slash and so is not a valid serialized origin — a browser would refuse a credentialed cross-origin read against it; it is not exercised here because the request is same-origin.
GET /rotate?zz=6243414&var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uid=dcbffe9fe477410dadfa4406d81168f0&os_version=x86.64 HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
DNT: 1
Connection: keep-alive
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: b64c8b4b24de81198cfa3e645f29c275
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: https://staujaupsamt.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=dcbffe9fe477410dadfa4406d81168f0; expires=Fri, 18 Apr 2025 06:14:38 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Rj9iSlOWkI8YF3yL8tzyea11vD2f01a8H6jI4KGoqybRy7b21fJelgLIO62y0fqOO0aX8V%2BJXKsZPWmkyDre5jR9zcSpTwHl04ap0DhAwveL2yhfgRqfrnMjuW%2BWewBsROc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840b1fed712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| staujaupsamt.com/contents/s/1c/2c/1e/0d5c59daf90ddc532c788e8a1a/0495677411714.jpeg | 104.21.86.149 | 200 OK | 16 kB |
URL: GET HTTP/3 staujaupsamt.com/contents/s/1c/2c/1e/0d5c59daf90ddc532c788e8a1a/0495677411714.jpeg | IP: 104.21.86.149:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Google Trust Services LLC | Subject: staujaupsamt.com | Fingerprint (SHA-1): 9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22 | Validity: Fri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x480, components 3
Hash (MD5 / SHA-1 / SHA-256): 1c2c1e0d5c59daf90ddc532c788e8a1a 6956916cdd7a357b4215d99d79abb0a54bc26ca8 4ecc07cc1d7ab222e7245c6734734ac72b77ceafff00c4c2326e845d536fa3fb
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: the path segments `1c/2c/1e/0d5c59daf90ddc532c788e8a1a` concatenate to the file's MD5 (`1c2c1e0d5c59daf90ddc532c788e8a1a`), so `/contents/s/` is content-addressed storage — the same creative can be located on other hosts by its MD5. `last-modified` dates the asset to 27 Feb 2023.
GET /contents/s/1c/2c/1e/0d5c59daf90ddc532c788e8a1a/0495677411714.jpeg HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: image/jpeg
content-length: 16097
last-modified: Mon, 27 Feb 2023 09:26:05 GMT
vary: Accept-Encoding
etag: "63fc772d-3ee1"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=86400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L2YCEqItAjiGI4AnLJPJld6wEmkOVCOMGXkiUmnFUR9NgTY6tq7Sg%2FX0zyLrzkM6rW1Dx6fJ%2BG02AlnByve0q7i9hPAyOGkEck9tqW1x9PLkqOqJFQEAIymWDU%2BDyVfBNDiZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840a2ec1712d-OSL
alt-svc: h3=":443"; ma=86400
|
|
| littlecdn.com/apps/templates/questions/video-bg/css/theme/green.css?v=123 | 104.22.25.116 | 200 OK | 432 B |
URL: GET HTTP/2 littlecdn.com/apps/templates/questions/video-bg/css/theme/green.css?v=123 | IP: 104.22.25.116:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Let's Encrypt | Subject: littlecdn.com | Fingerprint (SHA-1): 42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A | Validity: Mon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT
File type: ASCII text, with very long lines (445), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d72725a1b3fca0012fb1c489698e851b 235b773f0779434ad997fb4b072a315dd84ec445 958ad2f46e1d5f81e1f8226fa392cafe2a363381bb18e28ae06e4cf7cda579d3
GET /apps/templates/questions/video-bg/css/theme/green.css?v=123 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: text/css
last-modified: Wed, 17 Apr 2024 11:33:14 GMT
vary: Accept-Encoding
etag: W/"661fb37a-1b0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 5863
server: cloudflare
cf-ray: 87628409bc510afe-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| staujaupsamt.com/sw-check-permissions/6243280?var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uhd=1&zoneId=6243280 | 104.21.86.149 | 200 OK | 1.3 kB |
URL: GET HTTP/3 staujaupsamt.com/sw-check-permissions/6243280?var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uhd=1&zoneId=6243280 | IP: 104.21.86.149:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Google Trust Services LLC | Subject: staujaupsamt.com | Fingerprint (SHA-1): 9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22 | Validity: Fri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT
File type: ASCII text, with very long lines (1422), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 7d8ac50f006ff6982cceb8768e329838 19254f02fdc0d52b55a9eff5eb0d091f22a8052c 5ec4b46640482ca384a1846ac928b2501354351bcc198387c9978f8a610e3e9b
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: this path is the `sw=` argument of micro.tag.min.js (next record), so it is presumably the service-worker script used for the push-permission flow — confirm from the 1.3 kB body, which is not reproduced here. It is generated dynamically (`x-powered-by: PHP/7.4.33`, a PHP branch that reached end-of-life in November 2022) and was fetched as a Firefox prefetch (`X-Moz: prefetch`).
GET /sw-check-permissions/6243280?var=%7Bzoneid%7D&ymid=%7Brequest_var%7D&uhd=1&zoneId=6243280 HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bUSXmNoZ68aAcioyVtIBRGu%2BoEk%2FkranYpy2sCmEqFzmKh8JVmZcWXvJxYtypAtH7wwUZJvoS2qV%2F3Y%2B3U3sSTI93i3g7XQxxxTcynC4bzDhqtfnj6%2F0ZetmL4W3QyG8TwPi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840b1fe4712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| staujaupsamt.com/?l=QZMsMkz8VL07Y6L | 104.21.86.149 | 200 OK | 61 kB |
URL (user request, initial navigation): GET HTTP/2 staujaupsamt.com/?l=QZMsMkz8VL07Y6L | IP: 104.21.86.149:443
Certificate issuer: Google Trust Services LLC | Subject: staujaupsamt.com | Fingerprint (SHA-1): 9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22 | Validity: Fri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT
File type: HTML document, ASCII text, with very long lines (3300)
Hash (MD5 / SHA-1 / SHA-256): 0aa5e8efbccb80917c93c7997fc7e1a5 677664c6d3053692f4e5d5a94a8432dd2f968e40 12e8d383e36017f782878c3d0ceeb7b68bd5141587c9476222805aeccbad800f
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: the navigation arrived cross-site (`Sec-Fetch-Site: cross-site`, no Referer), i.e. via a link or redirect from another origin. The 61 kB landing page sets `reverse` (1 h) plus `OAID` and `oaidts` with `Max-Age=1744956878` (about 55 years, expiring 2079), none with `Secure`, `HttpOnly` or `SameSite`, and clears `syncedCookie`; the same `OAID` value is then handed to rtmark.net as `userId`. An HTML document is served with `access-control-allow-origin: *`.
GET /?l=QZMsMkz8VL07Y6L HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; expires=Thu, 18-Apr-2024 07:14:38 GMT; Max-Age=3600; path=/
OAID=1cd616bed1345f49badf9f67ec2c8904; expires=Fri, 04-Aug-2079 12:29:16 GMT; Max-Age=1744956878; path=/
oaidts=1713420878; expires=Fri, 04-Aug-2079 12:29:16 GMT; Max-Age=1744956878; path=/
syncedCookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJpVhrA9MY0XOUw5Xt9AGPS9uFAd251dZI23vUNUKoEILp%2Bl6otvZ%2BsGnXD542Mhy5iKbuIVHFOlD2mZzGQanYDwvjyeXn%2B7JT145WwYYqTr7GtHTShjz77kDYT47XXOzjYF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628407499fb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| staujaupsamt.com/pfe/current/micro.tag.min.js?uhd=1&z=6243280&ymid={request_var}&var={zoneid}&sw=/sw-check-permissions/6243280&os_version=x86.64 | 104.21.86.149 | 200 OK | 36 kB |
URL: GET HTTP/3 staujaupsamt.com/pfe/current/micro.tag.min.js?uhd=1&z=6243280&ymid={request_var}&var={zoneid}&sw=/sw-check-permissions/6243280&os_version=x86.64 | IP: 104.21.86.149:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Google Trust Services LLC | Subject: staujaupsamt.com | Fingerprint (SHA-1): 9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22 | Validity: Fri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT
File type: JavaScript source, ASCII text, with very long lines (36528), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): b64d3763f9aa99e7edc76dc0dd29d030 9b5d6da9384fe75fcc5a4f79ad2cde0399bfd523 e64712048ba884038027c9037196f430b7ae020a3ec9679dfd577a6fb58f9de3
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: the 36 kB minified tag that drives the /zone, /rotate and push-permission (`sw=`) requests; its body is not reproduced. The query string carries the raw macros `{request_var}` and `{zoneid}` unencoded, the same unexpanded placeholders seen on /zone and /rotate. The response pairs `cache-control: max-age=86400` with `pragma: no-cache` and sends `access-control-allow-credentials: true` without any `access-control-allow-origin` (irrelevant for this same-origin script load, but an incomplete CORS configuration).
GET /pfe/current/micro.tag.min.js?uhd=1&z=6243280&ymid={request_var}&var={zoneid}&sw=/sw-check-permissions/6243280&os_version=x86.64 HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/javascript
last-modified: Tue, 16 Apr 2024 15:57:13 GMT
vary: Accept-Encoding
etag: W/"661e9fd9-8eb0"
access-control-allow-credentials: true
cache-control: max-age=86400
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bNcZ6joC%2Bj5ZOrtSpXBUJsmtOroX4aqwKwnPi5rcdzBoOu0pw0R1XZWSxyMH%2BbVFKmrxMNN%2B5JmmD8V95dU42jjchBUVFlgRGK2sLmw6Dp2yxgmkVHxH4GXW39acfYNUvDIA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87628409ae2d712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| staujaupsamt.com/?l=QZMsMkz8VL07Y6L&mprtr=1&os_version=x86.64 | 104.21.86.149 | 200 OK | 2 B |
URL: POST HTTP/3 staujaupsamt.com/?l=QZMsMkz8VL07Y6L&mprtr=1&os_version=x86.64 | IP: 104.21.86.149:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L | Certificate issuer: Google Trust Services LLC | Subject: staujaupsamt.com | Fingerprint (SHA-1): 9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22 | Validity: Fri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT
Hash (MD5 / SHA-1 / SHA-256): 99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a (digests of the two-byte JSON body `{}`)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
Note: a zero-length same-origin POST to the landing URL with `mprtr=1`, answered with an empty JSON object. The response combines `access-control-allow-origin: *` with `access-control-allow-credentials: true`; browsers reject that pairing for credentialed cross-origin requests (the wildcard is not permitted with credentials), so it would only matter if this endpoint were called from another origin.
POST /?l=QZMsMkz8VL07Y6L&mprtr=1&os_version=x86.64 HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://staujaupsamt.com
DNT: 1
Connection: keep-alive
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VtcU8E1Botju4CYAc03NjMorOH2kU9IBWCNIWd59cXHjQUtWA8XTb%2FcgFyLDASfRTYZs2lpquodo7x8K0zdUK7dZtqXLXWYTkCPDhe%2FFVLMN0e04qetJF41qqwpbhVZjc6mO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840adfa2712d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| staujaupsamt.com/track-impression-applab?z={zoneid}&b={bannerid}&ymid=&var=&var_3=&redirect=false&redirectUrl=https%3A%2F%2Fattr.itpub.cc%2Fiha%2Fxfle98%2Fmt%2Fc%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3D324728%253A%7Bzoneid%7D%253A%7Brequest_var%7D%253A1%253A%7Bbrowser%7D%26mt_sub2%3D%7Bzoneid%7D%26mt_creative%3D%7Bbannerid%7D%26land_state%3Dbefore_render%26land_id%3DQZMsMkz8VL07Y6L%26land_generation_time%3D2024-04-18_01%3A14%3A38%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D1cd616bed1345f49badf9f67ec2c8904%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64 | 104.21.86.149 | 200 OK | 802 B |
URL: GET HTTP/3 staujaupsamt.com/track-impression-applab?z={zoneid}&b={bannerid}&ymid=&var=&var_3=&redirect=false&redirectUrl=https%3A%2F%2Fattr.itpub.cc%2Fiha%2Fxfle98%2Fmt%2Fc%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3D324728%253A%7Bzoneid%7D%253A%7Brequest_var%7D%253A1%253A%7Bbrowser%7D%26mt_sub2%3D%7Bzoneid%7D%26mt_creative%3D%7Bbannerid%7D%26land_state%3Dbefore_render%26land_id%3DQZMsMkz8VL07Y6L%26land_generation_time%3D2024-04-18_01%3A14%3A38%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D1cd616bed1345f49badf9f67ec2c8904%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64 IP: 104.21.86.149:443
Requested by: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L Certificate Issuer: Google Trust Services LLC Subject: staujaupsamt.com Fingerprint: 9F:41:3C:60:F4:A1:C1:5D:9F:DB:3C:FF:0B:8A:85:24:59:74:48:22 Validity: Fri, 05 Apr 2024 09:44:54 GMT - Thu, 04 Jul 2024 09:44:53 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (858), with no line terminators Hash: 946465070aca7079866fbe5df2fc5bbf 990bd9b80f092d963358c77f54aa36ff7f785a34 828b791139f337a8314392a9b391823c79b352f648e0b9ef76eeb512a3c9efca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track-impression-applab?z={zoneid}&b={bannerid}&ymid=&var=&var_3=&redirect=false&redirectUrl=https%3A%2F%2Fattr.itpub.cc%2Fiha%2Fxfle98%2Fmt%2Fc%3Fmt_gaid%3D%7Bmt_gaid%7D%26did%3D%24%7BSUBID%7D%26mt_sub1%3D324728%253A%7Bzoneid%7D%253A%7Brequest_var%7D%253A1%253A%7Bbrowser%7D%26mt_sub2%3D%7Bzoneid%7D%26mt_creative%3D%7Bbannerid%7D%26land_state%3Dbefore_render%26land_id%3DQZMsMkz8VL07Y6L%26land_generation_time%3D2024-04-18_01%3A14%3A38%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D1cd616bed1345f49badf9f67ec2c8904%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64 HTTP/1.1
Host: staujaupsamt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://staujaupsamt.com/?l=QZMsMkz8VL07Y6L
DNT: 1
Connection: keep-alive
Cookie: reverse=B8Ah0AZW9XrfBuoRiCBvvlxW-9dwPhN4UQxPZO8Na58; OAID=1cd616bed1345f49badf9f67ec2c8904; oaidts=1713420878; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 06:14:38 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 0223d680eed4a33a9002b8c3979cc8b5
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=emS7Mi8HsGSJbpbwxnJ6PYutE372ay7ETmN5j7DeSN6R%2F%2FL3WbfgNDqDKxOVtt6MVVgU472Asl1hbmegUKnmVEKs9Glp3knB1GqpDzb%2F%2Be5%2BuFE9JCd3e%2BPzsJJ7HI3boVcE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8762840aefb7712d-OSL
alt-svc: h3=":443"; ma=86400
|
|