| phaubsunsi.com/_next/static/chunks/c298f066cdf5eea8-1741265143266.10859a08deafb1af.js | 172.64.150.45 | 200 OK | 6.6 kB |
URL GET phaubsunsi.com/_next/static/chunks/c298f066cdf5eea8-1741265143266.10859a08deafb1af.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (6895), with no line terminators
Hash: aeff3de13f66fd44d8c02feb07c95c86 53646bb12db0aa5d16437c37c256a62cafc5f9ba 9bdd47d76debb0ecd9cd15a2c785502c273e67963924468a879e42dfe031339a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/c298f066cdf5eea8-1741265143266.10859a08deafb1af.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:54 GMT
vary: Accept-Encoding
etag: W/"67c99b5a-19ce"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551634acab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/4a836005f8bcf7a4-1741265143266.fff493d2a43c55d5.js | 172.64.150.45 | 200 OK | 453 B |
URL GET phaubsunsi.com/_next/static/chunks/4a836005f8bcf7a4-1741265143266.fff493d2a43c55d5.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (459), with no line terminators
Hash: 4ee9a52fa5b221544de592b9b9658c44 36a90b9107106989de9b10c9aec69c1d50d055de adb8d405568e5be15d68e01bd893732448cfc5e1aa1c047257d6b8258e556a90
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4a836005f8bcf7a4-1741265143266.fff493d2a43c55d5.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1c5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55164fc11b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/38dae10dbd075567-1741265143266.6d500431489e3107.js | 172.64.150.45 | 200 OK | 449 B |
URL GET phaubsunsi.com/_next/static/chunks/38dae10dbd075567-1741265143266.6d500431489e3107.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Hash: c3909e39f684d50598cd82eebdcaf59b 3e8002d90756209e1df519b7d3cfe4bc675f6e7b 4af3aada23b3341b12e82b280d69a8dc53c525af41fd4122244ed7bde42675dc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/38dae10dbd075567-1741265143266.6d500431489e3107.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55164fc1ab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/person-30.5b232ba9.webp | 172.64.150.45 | 200 OK | 3.8 kB |
URL GET phaubsunsi.com/_next/static/media/person-30.5b232ba9.webp IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 994b3a71a57969afe8d521fd99a21516 b1514932a55c1f324b7fb7796ed129af08d3e419 b5b6aded70b2da4c2e3a2245b6540765e9b9e89f425051523a060d1a6da4f28a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-30.5b232ba9.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: image/webp
content-length: 3816
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-ee8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551677e36b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/person-23.2dcc174b.webp | 172.64.150.45 | 200 OK | 2.7 kB |
URL GET phaubsunsi.com/_next/static/media/person-23.2dcc174b.webp IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 4746d6a5440c9d2bf1d664cc20728712 6a0c11ef040b9fbba1c6d3817580830ff1c7d241 64b4ba5c7c8318844916c00ed13e9853a4453b9ef1f2c7d49292200e45e69d30
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-23.2dcc174b.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: image/webp
content-length: 2678
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-a76"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551677e39b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 0 B |
IP 172.64.144.114:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: roachezouy.com; Fingerprint: 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A; Validity: Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c551699e9a56c6-OSL
X-Firefox-Spdy: h2
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 0 B |
IP 172.64.144.114:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: roachezouy.com; Fingerprint: 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A; Validity: Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c5516a1f2a56c6-OSL
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea | 172.64.150.45 | 200 OK | 117 kB |
URL User Request GET phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea IP 172.64.150.45:443
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
Size: 117 kB (116780 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:33:58 GMT
content-type: text/html
cf-ray: 91c5515dfd40b512-OSL
cf-cache-status: HIT
age: 642
cache-control: public, max-age=3600
expires: Thu, 06 Mar 2025 23:33:58 GMT
last-modified: Thu, 06 Mar 2025 12:52:29 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/_next/static/chunks/c0f3edd3515d9c5f-1741265143266.188d10dcf199966c.js | 172.64.150.45 | 200 OK | 2.2 kB |
URL GET phaubsunsi.com/_next/static/chunks/c0f3edd3515d9c5f-1741265143266.188d10dcf199966c.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (2276), with no line terminators
Hash: 671742ed9aac5da698d38d80a90eb775 999e8bbdb575a3a3909abe0161f08046c7f9e82e c8eed3e775bb4b273a6d033c9279834cc6e20aed06e2824506140a3c6845884e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/c0f3edd3515d9c5f-1741265143266.188d10dcf199966c.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-891"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160a858b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/624f56eeee3114bf-1741265143266.26e21342eb44f646.js | 172.64.150.45 | 200 OK | 654 B |
URL GET phaubsunsi.com/_next/static/chunks/624f56eeee3114bf-1741265143266.26e21342eb44f646.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (681), with no line terminators
Hash: 0d5d89266b8ecdf6ae599c7039c0afae 771b53f584040ae6aed3ce105915024990db3fd8 78dfe025bb7e494cfe67ab43354579ba1f6cda33342dff5e85928a9307288899
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/624f56eeee3114bf-1741265143266.26e21342eb44f646.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-28e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55163db36b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/2bdd4d62f9c07d78-1741265143266.c58aa1c95e09907f.js | 172.64.150.45 | 200 OK | 449 B |
URL GET phaubsunsi.com/_next/static/chunks/2bdd4d62f9c07d78-1741265143266.c58aa1c95e09907f.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Hash: 6856d9e4ade1e8756d20ff3f000e4011 a5ebe7acede23f1bbdb5c868112ef51b767a0277 7ebec28980bdf99f4a5571ed93ee10d8a3739ef067a084c4ccf40c434187fa33
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2bdd4d62f9c07d78-1741265143266.c58aa1c95e09907f.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55164fc10b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/favicon.ico | 172.64.150.45 | 204 No Content | 0 B |
URL GET phaubsunsi.com/favicon.ico IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Thu, 06 Mar 2025 22:34:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
priority: u=6,i=?0
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c551668d56b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/i3SvS8x8E4zyEJr051Ozh/_buildManifest.js | 172.64.150.45 | 200 OK | 1.1 kB |
URL GET phaubsunsi.com/_next/static/i3SvS8x8E4zyEJr051Ozh/_buildManifest.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: ASCII text, with very long lines (1143), with no line terminators
Hash: 9571e1eea08fbf923e92a7246d6f9be2 a09384ee3ea71b7d71951a4927bcd599eee2171c decd490225e67c650e4e1f963f65f605baf51336f394b5c6e7f29d523d58c6c2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/i3SvS8x8E4zyEJr051Ozh/_buildManifest.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-43d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160c8a7b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/megaphone.ab784acd.webp | 172.64.150.45 | 200 OK | 770 B |
URL GET phaubsunsi.com/_next/static/media/megaphone.ab784acd.webp IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 66a5e8404b4514c579de67193ceae684 f41725c0b728ace6b8a7a328104ab25ae12eb778 71550ce5c0583f2db91a7644ae869cb122cbc76f5718915e789243d6297d5f89
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/megaphone.ab784acd.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: image/webp
content-length: 770
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-302"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4696
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551627a21b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/views.3ac91604.webp | 172.64.150.45 | 200 OK | 1.1 kB |
URL GET phaubsunsi.com/_next/static/media/views.3ac91604.webp IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: e97abf6f136d9497fc14cb9e72b2c636 51f062d0abe008f75f96ad377deea587d47c381c b462d5f38bf4519ff8232bcaa8c7e7420ed95c2a5e0d180565013aa7f3437776
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/views.3ac91604.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: image/webp
content-length: 1074
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-432"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4696
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551627a23b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/person-22.cbaa9850.webp | 172.64.150.45 | 200 OK | 3.2 kB |
URL GET phaubsunsi.com/_next/static/media/person-22.cbaa9850.webp IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 377c84ac3a10263b980eeed8ab2a73f7 ad73fc8367fc194d5e83ea5aa22822268eaf16e4 b9031957e3bd988575ea286e1da3a9dda53e4bcf133acc33fae1176208c48924
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-22.cbaa9850.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: image/webp
content-length: 3178
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-c6a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551677e3eb4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 0 B |
IP 172.64.144.114:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: roachezouy.com; Fingerprint: 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A; Validity: Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 452
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c55169980e0b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/_next/static/chunks/115eef6168793798-1741265143266-b688a7e6ecb13e03.js | 172.64.150.45 | 200 OK | 29 kB |
URL GET phaubsunsi.com/_next/static/chunks/115eef6168793798-1741265143266-b688a7e6ecb13e03.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer: Google Trust Services; Subject: phaubsunsi.com; Fingerprint: E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity: Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (28638), with no line terminators
Hash: 57ab06478da615dcb1773cb8219b45ad d38bd0b56aeba1c740e94a9f7c3a373feb2e76ea 8b480de9f777c4ff8a544b23c016e9468008df8b020f0df1a0ca39542c50310d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/115eef6168793798-1741265143266-b688a7e6ecb13e03.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:46 GMT
vary: Accept-Encoding
etag: W/"67c99b52-6fde"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160b888b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/f141f7458f59f103-1741265143266.7b1724452fb2a85f.js | 172.64.150.45 | 200 OK | 3.4 kB |
URL GET phaubsunsi.com/_next/static/chunks/f141f7458f59f103-1741265143266.7b1724452fb2a85f.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (3455), with no line terminators Hash 6e546c711b4ac677652d2ccfe1044279 24dc123e33c29b0e8be2067b1047a6c7abe83a96 667d8b62d049e0a97606c7759940291358b1c2c4fd94329a12dd03dbf66acc06
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/f141f7458f59f103-1741265143266.7b1724452fb2a85f.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:56 GMT
vary: Accept-Encoding
etag: W/"67c99b5c-d37"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551631a9db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/242ad9848e8ece8a-1741265143266.b1943e20729c92aa.js | 172.64.150.45 | 200 OK | 457 B |
URL GET phaubsunsi.com/_next/static/chunks/242ad9848e8ece8a-1741265143266.b1943e20729c92aa.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (463), with no line terminators Hash 4143f6c793bb98263870ac8c849f4970 7ba56dcc28f306b6c41971f84c2eb6f98bf11d00 2562831b622957f9c72ee7c215709c63a5c14ab92260a591f7cb6ebe78726b82
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/242ad9848e8ece8a-1741265143266.b1943e20729c92aa.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1c9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55163eb40b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 0 B |
IP 172.64.144.114:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject roachezouy.com Fingerprint 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A Validity Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c5516a1f2b56c6-OSL
X-Firefox-Spdy: h2
|
|
| foogeetoary.net/link?z=8692407&var=9005588&ymid=cv525lirbtus739jqrk0 | 172.64.154.96 | 302 Found | 117 kB |
URL User Request GET foogeetoary.net/link?z=8692407&var=9005588&ymid=cv525lirbtus739jqrk0 IP 172.64.154.96:80
Size 117 kB (116780 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /link?z=8692407&var=9005588&ymid=cv525lirbtus739jqrk0 HTTP/1.1
Host: foogeetoary.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Thu, 06 Mar 2025 22:33:58 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Accept-Ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
Link: <https://saigopooramee.net>; rel="dns-prefetch preconnect"
Referrer-Policy: no-referrer
Location: https://saigopooramee.net/link?z=3956710&var=8692407
Set-Cookie: OAID=0481842fe85f46e0f24cc09de9590423; expires=Fri, 06 Mar 2026 22:33:58 GMT
Set-Cookie: oaidts=1741300438; expires=Fri, 06 Mar 2026 22:33:58 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
cf-cache-status: DYNAMIC
Server: cloudflare
CF-RAY: 91c5515c4a5c5685-OSL
|
|
| phaubsunsi.com/_next/static/chunks/87d4f301da90027c-1741265143266.6c924336fe91d465.js | 172.64.150.45 | 200 OK | 469 B |
URL GET phaubsunsi.com/_next/static/chunks/87d4f301da90027c-1741265143266.6c924336fe91d465.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (475), with no line terminators Hash a076bf21751bc141e97406fbb584fac5 8064e789e206492b6038a0ee3756f6c2d384df7b 9ae20e9dcbb6a5533157562cd1834a3d304dcd6b77d3788b113ad86ad9daafe5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/87d4f301da90027c-1741265143266.6c924336fe91d465.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1d5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551642b7bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/e5f78f6f8e725c3d-1741265143266.b91bf7e15b6154bb.js | 172.64.150.45 | 200 OK | 453 B |
URL GET phaubsunsi.com/_next/static/chunks/e5f78f6f8e725c3d-1741265143266.b91bf7e15b6154bb.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (459), with no line terminators Hash 33014746e0401d5b543e8023042ee62f 599d33cf6fe6eb0b555145b2af56136cc278e83b 0c0f1e65045edffc1ef8bdda1eea4e92646327fdc3d4b2653f7100cf346edd55
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/e5f78f6f8e725c3d-1741265143266.b91bf7e15b6154bb.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1c5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551643b80b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 16 kB |
URL GET cdntechone.com/stattag.js IP 188.114.97.1:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject cdntechone.com Fingerprint DC:31:A0:CC:76:0E:5C:E3:45:17:43:52:62:B5:29:18:F1:70:D7:FE Validity Tue, 11 Feb 2025 05:59:25 GMT - Mon, 12 May 2025 06:58:07 GMT
File type JavaScript source, ASCII text, with very long lines (15840) Hash 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6293
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KTwrORjklvjdtttzKY9CTHFl5YFN4QupQ7txYY6RLAVS7Lz31WGBQWQeY%2BeomfSg4TWW5IoK1r9S%2Fkg5a5tjOEqGGKST6h9KRqx2Ek3ydOHWKHgmScBtQEIKXlGt6088GA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c551658db3b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1679&min_rtt=529&rtt_var=1770&sent=15&recv=13&lost=0&retrans=0&sent_bytes=11542&recv_bytes=1118&delivery_rate=18100000&cwnd=256&unsent_bytes=0&cid=a7424d9d54989d7d&ts=68&x=0"
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/_next/static/media/person-24.d744f92b.webp | 172.64.150.45 | 200 OK | 2.7 kB |
URL GET phaubsunsi.com/_next/static/media/person-24.d744f92b.webp IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 588ec8375786f1eca8d929945e56ce3c 776a27723c235d2ae8d59985c8c9e679effe6498 94e7731534edf0b837ca2d0df13c89976d94cf63e4b603396f08128962c6e90e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-24.d744f92b.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: image/webp
content-length: 2650
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-a5a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551677e3cb4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| roachezouy.com/zone?pub=0&zone_id=8565771&is_mobile=false&domain=phaubsunsi.com&var=3956710&ymid=8692407&var_3=&var_4=&dsig=&tg=1&sw=3.1.598&trace_id=770cd3d5-0f39-4993-bac2-ca746c049b1f&action=prerequest&drf= | 172.64.144.114 | 200 OK | 0 B |
URL POST roachezouy.com/zone?pub=0&zone_id=8565771&is_mobile=false&domain=phaubsunsi.com&var=3956710&ymid=8692407&var_3=&var_4=&dsig=&tg=1&sw=3.1.598&trace_id=770cd3d5-0f39-4993-bac2-ca746c049b1f&action=prerequest&drf= IP 172.64.144.114:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject roachezouy.com Fingerprint 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A Validity Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?pub=0&zone_id=8565771&is_mobile=false&domain=phaubsunsi.com&var=3956710&ymid=8692407&var_3=&var_4=&dsig=&tg=1&sw=3.1.598&trace_id=770cd3d5-0f39-4993-bac2-ca746c049b1f&action=prerequest&drf= HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c5516a18710b65-OSL
X-Firefox-Spdy: h2
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 0 B |
IP 172.64.144.114:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject roachezouy.com Fingerprint 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A Validity Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 455
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c551694fc60b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=d868d971-29bb-40a0-9059-b5e691be580c | 139.45.195.253 | 200 OK | 12 B |
URL POST datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=d868d971-29bb-40a0-9059-b5e691be580c IP 139.45.195.253:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Sectigo Limited Subject datatechonert.com Fingerprint ED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72 Validity Wed, 11 Dec 2024 00:00:00 GMT - Tue, 23 Dec 2025 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash 6949f52318584a4b51c719a9b84a7287 9fbd870c6afd4bdd6fbbd87f52df2c81dd23e905 72603096ec3515dbc615ab8837fd1b15e91ee827bc7af41d71c9882b08699375
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=d868d971-29bb-40a0-9059-b5e691be580c HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1549
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Thu, 06 Mar 2025 22:34:01 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://phaubsunsi.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| phaubsunsi.com/_next/static/chunks/e1178574a1ad221d-1741265143266.7389e70158c8b007.js | 172.64.150.45 | 200 OK | 14 kB |
URL GET phaubsunsi.com/_next/static/chunks/e1178574a1ad221d-1741265143266.7389e70158c8b007.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (13995), with no line terminators Hash 85ecf414640781ef1b7a0a7c54991237 c49804383f6b18ffb6c0ad122a357bf608a26c5d be4184ae0d17a36a10d52baf63124decae4424840aa9d0714896b4958cde3962
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/e1178574a1ad221d-1741265143266.7389e70158c8b007.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:55 GMT
vary: Accept-Encoding
etag: W/"67c99b5b-36ab"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2908
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160982eb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/9695121bd9a7fe25-1741265143266-946071a7570e0cdb.js | 172.64.150.45 | 200 OK | 109 kB |
URL GET phaubsunsi.com/_next/static/chunks/9695121bd9a7fe25-1741265143266-946071a7570e0cdb.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators Size 109 kB (109045 bytes) Hash f0cf941f62457cf06c31736327d88bdf cbfd6e1399241d17a3283d96abae10600ea71e32 ee6528aa1d16ef12fe13a5cbb75dc65d5bb0e1e3315c40aa04c9b6ceba7b9b9a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9695121bd9a7fe25-1741265143266-946071a7570e0cdb.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:52 GMT
vary: Accept-Encoding
etag: W/"67c99b58-1a9f5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160c89bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=3956710&ymid=8692407&b=8160420&campaignid=4105106&click_id=921643377980879207&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=roachezouy.com&var_2=921643377980879207 | 172.64.150.45 | 200 OK | 46 kB |
URL GET phaubsunsi.com/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=3956710&ymid=8692407&b=8160420&campaignid=4105106&click_id=921643377980879207&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=roachezouy.com&var_2=921643377980879207 IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (46529), with no line terminators Hash 07a245d2c69a92636bc072fde7af27f6 132e07d092df7206903bf189d16338c0a2597375 d46b06d0f554ef07147c36b70c070e542408c299e90192f340287fdd0beda5f1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=3956710&ymid=8692407&b=8160420&campaignid=4105106&click_id=921643377980879207&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=roachezouy.com&var_2=921643377980879207 HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 09:35:57 GMT
vary: Accept-Encoding
etag: W/"67c96c7d-b5c1"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
cf-cache-status: MISS
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551626a19b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/heart.53f2cd83.webp | 172.64.150.45 | 200 OK | 866 B |
URL GET phaubsunsi.com/_next/static/media/heart.53f2cd83.webp IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 5ccd0e0b546c18b101aee4ddd519981d 9713e1200e35c8c3f682fa792fda89b898cf7aca b489e2b31ce3037d8e68aa8acb36df8d726f489ea28a0aa2bb107487cf371348
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/heart.53f2cd83.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: image/webp
content-length: 866
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-362"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4696
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551626a1bb4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/6d79ccd3b608095e-1741265143266.becb6280ad7b6c58.js | 172.64.150.45 | 200 OK | 6.1 kB |
URL GET phaubsunsi.com/_next/static/chunks/6d79ccd3b608095e-1741265143266.becb6280ad7b6c58.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (6238), with no line terminators Hash 26175787038d9ccf2e640590d87a4514 107618c3d5d1014c72e0791fb62c1b25902cc029 3379e8363345f9b02a6e05c3b9629620390fa671dd5349017417d1da6c6b3cec
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6d79ccd3b608095e-1741265143266.becb6280ad7b6c58.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:50 GMT
vary: Accept-Encoding
etag: W/"67c99b56-17fc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4733
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551630a8bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/sync-metrics | 172.64.150.45 | 200 OK | 17 B |
URL POST phaubsunsi.com/sync-metrics IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash 225f751e75610b98f8b287e79370be3a 9e29d2c966fb36f3d233dfb232be6eeeee8f1341 0b19f26f50f17771f6562e4cf8c7bead37ba5aeeeec7cbfaf2576a6647401569
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 593
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: f05633e5a35b94059850f2aa4e40d353
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
priority: u=6,i=?0
server: cloudflare
cf-ray: 91c55163ab22b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/af846a0375549403-1741265143266.0d49c7577f644722.js | 172.64.150.45 | 200 OK | 465 B |
URL GET phaubsunsi.com/_next/static/chunks/af846a0375549403-1741265143266.0d49c7577f644722.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (471), with no line terminators
Hash: 077416798998a684ff40fb3863cbc0a0 3641e4f818e4b2be2175e64a1f4be13510d17084 ec079bf75e188a1175a464e4e542cfa4c5edfd0e4473476df1db3dbadf7218b2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/af846a0375549403-1741265143266.0d49c7577f644722.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1d1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551642b6fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 16 kB |
URL GET cdntechone.com/stattag.js IP 188.114.97.1:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject cdntechone.com; Fingerprint DC:31:A0:CC:76:0E:5C:E3:45:17:43:52:62:B5:29:18:F1:70:D7:FE; Validity Tue, 11 Feb 2025 05:59:25 GMT - Mon, 12 May 2025 06:58:07 GMT
File type: JavaScript source, ASCII text, with very long lines (15840)
Hash: 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:01 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6295
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uockvyCW%2F95SEnJx0E%2FtoK2iKJ3G%2FiLcgpRny1gUw9ZKQxIjtXtSFEMdXiDelBWTHbINCJ%2BB4Hh6hwKy%2BgHFvO3LxRKnm6ZYJ4K1ALMF5pYfMa%2FH0v7%2BCi6g80v6i%2F6QZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c551709ae0b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6726&min_rtt=5390&rtt_var=2975&sent=14&recv=8&lost=0&retrans=0&sent_bytes=4187&recv_bytes=1158&delivery_rate=109258&cwnd=12000&unsent_bytes=0&cid=8b97289e98a2afbd&ts=1755&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| phaubsunsi.com/_next/static/chunks/1c02c3e681ea9f6d-1741265143266-ebf163de3da5e125.js | 172.64.150.45 | 200 OK | 27 kB |
URL GET phaubsunsi.com/_next/static/chunks/1c02c3e681ea9f6d-1741265143266-ebf163de3da5e125.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (26652), with no line terminators
Hash: 13e53dcb0fdd948fbae71fc9917d49fb 4675d37e2bf9648c797ae16186ac79d657152030 267cc8e20007a5dbeaf155c721cdbe4a2d49b003719fc9fc4b73cc738a54a5f3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1c02c3e681ea9f6d-1741265143266-ebf163de3da5e125.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:47 GMT
vary: Accept-Encoding
etag: W/"67c99b53-681c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160b88eb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/81e2e5c30e8af1ae-1741265143266.1347f88c113f97c5.js | 172.64.150.45 | 200 OK | 25 kB |
URL GET phaubsunsi.com/_next/static/chunks/81e2e5c30e8af1ae-1741265143266.1347f88c113f97c5.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/81e2e5c30e8af1ae-1741265143266.1347f88c113f97c5.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:51 GMT
vary: Accept-Encoding
etag: W/"67c99b57-605d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551609830b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/person-25.ac4643c8.webp | 172.64.150.45 | 200 OK | 3.5 kB |
URL GET phaubsunsi.com/_next/static/media/person-25.ac4643c8.webp IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: deb40bd76e48cd42768b79209e86a3e1 f1c245678ceb1c1b44a22fb00b200df9163f759f 50e6d80fe2e54da55690357d51c6dc8526bada04ec1cbb454ec6d5501170c5d2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-25.ac4643c8.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: image/webp
content-length: 3542
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-dd6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551677e32b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/3cacc58ea516fe6f-1741265143266.4d666b3ce7dcd66f.js | 172.64.150.45 | 200 OK | 30 kB |
URL GET phaubsunsi.com/_next/static/chunks/3cacc58ea516fe6f-1741265143266.4d666b3ce7dcd66f.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (29982), with no line terminators
Hash: f6ad5b7a5dfc198984b0f2f9dd8aa9a0 0c3bb432b998f3638fe41081b19ef96b953f88b6 ce950b2111c9e70202bb55f16d2995155499ad9a6c842fa5946367536f130216
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3cacc58ea516fe6f-1741265143266.4d666b3ce7dcd66f.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:48 GMT
vary: Accept-Encoding
etag: W/"67c99b54-751e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2908
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160982cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/bf7348b0f0f41677-1741265143266.c33e54f82eec272e.js | 172.64.150.45 | 200 OK | 30 kB |
URL GET phaubsunsi.com/_next/static/chunks/bf7348b0f0f41677-1741265143266.c33e54f82eec272e.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (30026), with no line terminators
Hash: e355310f27c8059ff791634ff21732be 52686ba1870e0eae23aadc029bdb631b6262662f ecef836065811aca160b94c51f6fbe46e7a49944e7a3f919ed44dfdbecadcc29
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/bf7348b0f0f41677-1741265143266.c33e54f82eec272e.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:54 GMT
vary: Accept-Encoding
etag: W/"67c99b5a-754a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160b879b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/8fc6f0c1ec74df4d-1741265143266.a6b08a46df5a07d6.js | 172.64.150.45 | 200 OK | 449 B |
URL GET phaubsunsi.com/_next/static/chunks/8fc6f0c1ec74df4d-1741265143266.a6b08a46df5a07d6.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Hash: 2899abaaca7ebca8137f9956f49255bc b0299ff2146427d399f3f7d90121bd3cc104299e 3a9d084b7f77f91b4734a6c73a9b57846ee38ef859b90d6e761db6946b78fe24
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8fc6f0c1ec74df4d-1741265143266.a6b08a46df5a07d6.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55163db3cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/16642289520928c9-1741265143266.cce7c766f8de695c.js | 172.64.150.45 | 200 OK | 385 B |
URL GET phaubsunsi.com/_next/static/chunks/16642289520928c9-1741265143266.cce7c766f8de695c.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (391), with no line terminators
Hash: 4f4cca3bbbc43c9202524018cf7d8620 d9512e432b82a98e62d5f27d1373d9ff973c002f 0d6847aef607b198a1ee240473114614a93ada5936a1167594481d769f76f6d6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/16642289520928c9-1741265143266.cce7c766f8de695c.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-181"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551646b98b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/sw-check-permissions/universal.js?var=3956710&ymid=8692407&zoneId=8565771&tg=1 | 172.64.150.45 | 200 OK | 1.2 kB |
URL GET phaubsunsi.com/sw-check-permissions/universal.js?var=3956710&ymid=8692407&zoneId=8565771&tg=1 IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: ASCII text, with very long lines (1194), with no line terminators
Hash: 1ebe5996321bd979d17c67f96d2a7cb7 67d8601f8dbc0aed55273222d54c3cf43c48c8e9 7a8a55b64174336827b0953bdf62c46bc13efff5fb72620728556bbc4a886f45
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw-check-permissions/universal.js?var=3956710&ymid=8692407&zoneId=8565771&tg=1 HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:01 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:45 GMT
vary: Accept-Encoding
etag: W/"67c99b51-494"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4697
expires: Thu, 06 Mar 2025 23:34:01 GMT
cache-control: public, max-age=3600
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c5516c5a0bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 81 B |
IP 172.64.144.114:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject roachezouy.com; Fingerprint 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A; Validity Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: cf100756b016c7f49b0c649b84727216 e6be9c37ab3d6bdea638966e16b83b2c51a9a541 00a2e7435c56baa64437a69cc1b0aa39ba7f3821c31047c52df5cc9b01853dc1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 534
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:01 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c5516c8a0f0b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| girls-only.online/c3aml6k.php?key=31b5e5b66cb79f19795b&visitor_id=921643030916636672&cost=0.008200&zoneid=9005588&campaignid=9016732&banner=22888404&browser=safari&os=ios&osversion=ios17&country=GB&language=en&device=iphone&user_activity=high | 49.12.173.231 | 307 Temporary Redirect | 117 kB |
URL User Request GET girls-only.online/c3aml6k.php?key=31b5e5b66cb79f19795b&visitor_id=921643030916636672&cost=0.008200&zoneid=9005588&campaignid=9016732&banner=22888404&browser=safari&os=ios&osversion=ios17&country=GB&language=en&device=iphone&user_activity=high IP 49.12.173.231:443
ASN: #24940 Hetzner Online GmbH
Certificate: Issuer Let's Encrypt; Subject girls-only.online; Fingerprint 9F:DA:EF:D6:26:99:F4:BF:20:C0:DD:21:BF:67:FE:B7:47:D9:2E:9A; Validity Mon, 03 Feb 2025 09:36:07 GMT - Sun, 04 May 2025 09:36:06 GMT
Size: 117 kB (116780 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c3aml6k.php?key=31b5e5b66cb79f19795b&visitor_id=921643030916636672&cost=0.008200&zoneid=9005588&campaignid=9016732&banner=22888404&browser=safari&os=ios&osversion=ios17&country=GB&language=en&device=iphone&user_activity=high HTTP/1.1
Host: girls-only.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Thu, 06 Mar 2025 22:33:58 GMT
location: http://foogeetoary.net/link?z=8692407&var=9005588&ymid=cv525lirbtus739jqrk0
server: Caddy
set-cookie: uclick=zumIlF1bO9k13uLyamCYtnQ1KscVzeCxX3nCDtjZAz5w+9DLslcrpOTRX4RtqwwNsAX6tj/c; Max-Age=31536000; SameSite=Lax
bcid=cv525lirbtus739jqrk0; Max-Age=31536000; SameSite=Lax
x-request-id: c128786d-7e82-45b7-b7c6-1ee9a1b70755
content-length: 0
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/_next/static/media/person-20.09d1a896.webp | 172.64.150.45 | 200 OK | 3.0 kB |
URL GET phaubsunsi.com/_next/static/media/person-20.09d1a896.webp IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 1f78bc57129ea9b186a1e5188365a659 8ba65af5977878c8d3e73ea05530dc00fbe8cc96 76bf9c644dcfca01fa95f7a64d7338cb1088dc4ae45fbfc852718cc9bc9b226e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-20.09d1a896.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: image/webp
content-length: 2950
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-b86"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551677e33b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/274741f174abf909-1741265143266.958405809ca3c63f.js | 172.64.150.45 | 200 OK | 43 kB |
URL GET phaubsunsi.com/_next/static/chunks/274741f174abf909-1741265143266.958405809ca3c63f.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (42949), with no line terminators
Hash: 9afaf937d53ecac3a63b70d5b988b5fc da3ec3b64b16c9a30f5e0710edaa433284fb21e2 10abbea3055739bcd94f45fcc3ce3373615e23780e404bbf257a545275fbad1b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/274741f174abf909-1741265143266.958405809ca3c63f.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:47 GMT
vary: Accept-Encoding
etag: W/"67c99b53-a7c5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160b883b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/6c6f40314822b7bc-1741265143266.4efce0441b8579a1.js | 172.64.150.45 | 200 OK | 3.4 kB |
URL GET phaubsunsi.com/_next/static/chunks/6c6f40314822b7bc-1741265143266.4efce0441b8579a1.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (3545), with no line terminators
Hash: 388170b8a956ca09e3d2840fee805a2b 37c1e70206b0433ad9d8aba17b2f59f8ba928c1a 44284f63a7924f7e4300c0a1fd15ade737156b31603d7d2b70e2171f62df3eca
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6c6f40314822b7bc-1741265143266.4efce0441b8579a1.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-d72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551635ae6b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/9f1c06aba0c14c68-1741265143266.ee78737e76521d31.js | 172.64.150.45 | 200 OK | 574 B |
URL GET phaubsunsi.com/_next/static/chunks/9f1c06aba0c14c68-1741265143266.ee78737e76521d31.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (576), with no line terminators
Hash: 1f5c5bca5e2f055b1792b279d63b0579 35feb0cea898bc2a2173c05f10c5c7ca698a4ccf 261d8e4d7686726e007c83864b340e07e4ba81f12bbc6a7267b22449d526ab71
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9f1c06aba0c14c68-1741265143266.ee78737e76521d31.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:53 GMT
vary: Accept-Encoding
etag: W/"67c99b59-23e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551638b03b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/127efc6b078804ef-1741265143266.836af60a55ea3e5d.js | 172.64.150.45 | 200 OK | 461 B |
URL GET phaubsunsi.com/_next/static/chunks/127efc6b078804ef-1741265143266.836af60a55ea3e5d.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (467), with no line terminators
Hash: b614b0376e5f81de8cdce6303de0841e 3db3b10e3e48dd1dcd0c1cfa14e482b460137c34 9e03ab4cb6ab1ff090e69771327a534dffee7b9322cb3e9e8cf7e1bdfdf88823
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/127efc6b078804ef-1741265143266.836af60a55ea3e5d.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1cd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551643b81b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/3c56943bad654b4d-1741265143266.9a7fc97fdc6c3974.js | 172.64.150.45 | 200 OK | 449 B |
URL GET phaubsunsi.com/_next/static/chunks/3c56943bad654b4d-1741265143266.9a7fc97fdc6c3974.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Hash: fa05ba44235dbda2b264298db0cc6c79 0af61b59314f2e84e0d57b480a4d520ed5c2cad2 f7666b5ee4bef26bef8ad075329c87253f7448ec4aeb54a1a984c7dd0878424a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3c56943bad654b4d-1741265143266.9a7fc97fdc6c3974.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551645b8eb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/person-34.06e19fb9.webp | 172.64.150.45 | 200 OK | 3.3 kB |
URL GET phaubsunsi.com/_next/static/media/person-34.06e19fb9.webp IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: 493a8bc5ee16e54e62892df5aa14b219 b1dc6e8e6a6384f3f4a878c02d117ebae7cc3c62 619b0b3512138a42972fa24f0d6d9cdb6f8b79ddf79c23374d3f411075b3988b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-34.06e19fb9.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: image/webp
content-length: 3342
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-d0e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551678e43b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 81 B |
IP 172.64.144.114:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject roachezouy.com; Fingerprint 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A; Validity Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: 77db151a42cfd53905b59e2ec4678106 052dc55aedf2230ede65f39bba4f8fba3ff57441 4c4e771ab2eefce5dd63fe2c6a136646c35dbe5376dfb5bef4c917f062829ff3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 530
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c5516be9a80b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/_next/static/css/0bc0cde260d08b97.css | 172.64.150.45 | 200 OK | 1.8 kB |
URL GET phaubsunsi.com/_next/static/css/0bc0cde260d08b97.css IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: ASCII text, with very long lines (1843), with no line terminators
Hash: 64b2b4fa42c7d558d735e2cd28ecf88a 03d6da6e55b1201b51689590520da495a9233d67 2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: text/css
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2908
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=2,i=?0
server: cloudflare
cf-ray: 91c551609828b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/8f2581ca04431b22-1741265143266.fe378dc874d64db4.js | 172.64.150.45 | 200 OK | 89 kB |
URL GET phaubsunsi.com/_next/static/chunks/8f2581ca04431b22-1741265143266.fe378dc874d64db4.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: 2b1036f3f7e993b27ea343f4444d8057 5d61b8721d09170a57fbd61f12e9a40407af637a cb292d22c13d5e549822898597c873e23096130d3d7985cf44f690052aa85fd0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8f2581ca04431b22-1741265143266.fe378dc874d64db4.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:51 GMT
vary: Accept-Encoding
etag: W/"67c99b57-15d38"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160a84cb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/d7439aca7a8b9941-1741265143266.8c1253f2c9c376e0.js | 172.64.150.45 | 200 OK | 465 B |
URL GET phaubsunsi.com/_next/static/chunks/d7439aca7a8b9941-1741265143266.8c1253f2c9c376e0.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (471), with no line terminators
Hash: 5070444a5a78ee0ece4f94b7160645fa 16c99c4e57dd99a6e8deded831fb6da7eebfa485 aced97608de9880d8279a915c52c7a22772d9abeb88130166f5a5d19ea32e546
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/d7439aca7a8b9941-1741265143266.8c1253f2c9c376e0.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1d1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551642b74b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 81 B |
IP 172.64.144.114:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject roachezouy.com; Fingerprint 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A; Validity Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash: cee8fddf18db325fefa81acce790d09a fb717402e153c0368ba7738033d1ed304699f744 3a44605dba0b40ce7723eecb0385d9c3e97bd8fce15e245e71b36d8872e7a0d3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 528
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:01 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c5516d0a720b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/_next/static/chunks/06ff87a69ffa8402-1741265143266.20ef2bdcef5c98e3.js | 172.64.150.45 | 200 OK | 15 kB |
URL GET phaubsunsi.com/_next/static/chunks/06ff87a69ffa8402-1741265143266.20ef2bdcef5c98e3.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/06ff87a69ffa8402-1741265143266.20ef2bdcef5c98e3.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:46 GMT
vary: Accept-Encoding
etag: W/"67c99b52-3bb2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55162ea73b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 0 B |
IP 172.64.144.114:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject roachezouy.com; Fingerprint 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A; Validity Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
OPTIONS /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c5516a5f7256c6-OSL
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/_next/static/chunks/c360d44ead919d7f-1741265143266.8e64f8e332b18007.js | 172.64.150.45 | 200 OK | 5.7 kB |
URL GET phaubsunsi.com/_next/static/chunks/c360d44ead919d7f-1741265143266.8e64f8e332b18007.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (5852), with no line terminators
Hash: 02b0b02eee2c7bff2db3746d69069ae2 e9813188a3c66050555aa6a96e9dd04482b346d4 83955c2edeab43f1764c82908120a4a36c61e62a88a74e7ed6caf3587eaa54e0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/c360d44ead919d7f-1741265143266.8e64f8e332b18007.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:54 GMT
vary: Accept-Encoding
etag: W/"67c99b5a-1620"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160b886b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/e349ffdbb65d6c93-1741265143266-660e5b7e2e3b7996.js | 172.64.150.45 | 200 OK | 11 kB |
URL GET phaubsunsi.com/_next/static/chunks/e349ffdbb65d6c93-1741265143266-660e5b7e2e3b7996.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (10696), with no line terminators
Hash: a74e00413e639345f10d6d747a26073c 2ccea9e922104c2196ab706f445065fc5ad80dc1 4a0379bb0dad363ff14fff27cb471060748fe29f7f4986c5cfa64de51926f23b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/e349ffdbb65d6c93-1741265143266-660e5b7e2e3b7996.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:56 GMT
vary: Accept-Encoding
etag: W/"67c99b5c-29c8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160c8a1b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/e549923cec806ad1-1741265143266-762a7fc421fa78ec.js | 172.64.150.45 | 200 OK | 55 kB |
URL GET phaubsunsi.com/_next/static/chunks/e549923cec806ad1-1741265143266-762a7fc421fa78ec.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (55291), with no line terminators
Hash: d118d52e06f1d498ac16e7255a59a2ad 9b42c033c966130bc8a863daec316b77cb326f52 31695216fb8ed1ac60a4e8cd3220bb3deee77fdffdc30d311ae1c69202b69e7d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/e549923cec806ad1-1741265143266-762a7fc421fa78ec.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:56 GMT
vary: Accept-Encoding
etag: W/"67c99b5c-d7fb"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160c8a4b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/03e2b47bcba3c890-1741265143266.b726b27e9fc71bcd.js | 172.64.150.45 | 200 OK | 6.2 kB |
URL GET phaubsunsi.com/_next/static/chunks/03e2b47bcba3c890-1741265143266.b726b27e9fc71bcd.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: JavaScript source, ASCII text, with very long lines (6273), with no line terminators
Hash: 183547e910e9d9ed863cf18a814336aa 3832a716f5b6abd51ad86de2ff6a196d9d6d76e2 b61c4c90bda46986828adfc72579122541a3dd73d10249a5bd10f36a2771418e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/03e2b47bcba3c890-1741265143266.b726b27e9fc71bcd.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:46 GMT
vary: Accept-Encoding
etag: W/"67c99b52-1823"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4742
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55162da6eb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/5f80e97b59861eae-1741265143266.d796ee7b26b320ae.js | 172.64.150.45 | 200 OK | 485 B |
URL GET phaubsunsi.com/_next/static/chunks/5f80e97b59861eae-1741265143266.d796ee7b26b320ae.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (491), with no line terminators
Hash: dfda463ac50781d113391d36396e4a2b 7d7cfd8b7e8455fc1af3e1423a6ccd3236035e4c 33f6f13e47fccc038f1978972d4a70bd2febf340b05ab713c13e726509e30b49
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5f80e97b59861eae-1741265143266.d796ee7b26b320ae.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1e5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551643b82b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/d6bae2fb8d6a34c3-1741265143266.c0db0e3a6b59783d.js | 172.64.150.45 | 200 OK | 457 B |
URL GET phaubsunsi.com/_next/static/chunks/d6bae2fb8d6a34c3-1741265143266.c0db0e3a6b59783d.js IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (463), with no line terminators
Hash: b78106ee1be6d0d8070e800b49763a13 40e4d16723a86d128d23bb87cdb322a33482df4f 1bd2926c524c586552e6e35f6df241b7dfbc8889664a73aea410cdeb00f5a191
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/d6bae2fb8d6a34c3-1741265143266.c0db0e3a6b59783d.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1c9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55164dc00b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/confetti-1.7ba08d11.webp | 172.64.150.45 | 200 OK | 12 kB |
URL GET phaubsunsi.com/_next/static/media/confetti-1.7ba08d11.webp IP 172.64.150.45:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject phaubsunsi.com; Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35; Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: eb224b5a86e8c9f478bd6f2a8c3c53ac 0bdc5a91bb1c87fe55b023ee6cef886edb64967e e910f36c92776b4e4a415316307a6cbb4d4f039bb8d66dd094c7b90d76f6fa1c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/confetti-1.7ba08d11.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: image/webp
content-length: 11774
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-2dfe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3905
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c55166dd9db4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 0 B |
IP 172.64.144.114:443
Requested by: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
Certificate: Issuer Google Trust Services; Subject roachezouy.com; Fingerprint 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A; Validity Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 454
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c551694fc70b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| roachezouy.com/event | 172.64.144.114 | 200 OK | 81 B |
IP 172.64.144.114:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject roachezouy.com Fingerprint 3B:47:12:A4:D1:12:63:A9:7A:D6:5E:75:6F:9F:BA:1F:81:53:DD:9A Validity Tue, 04 Mar 2025 02:06:14 GMT - Mon, 02 Jun 2025 03:06:04 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash 15c4227f1fccd132a4451814fc6043e4 956122482bafa318ccd47bc75b4ed12924ba0d99 a44cd35df394e9c15a1124ed35abcbb8ee071a3959d37837a591e2751dc3765a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: roachezouy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1835
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:34:01 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c5516d6ab60b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| saigopooramee.net/link?z=3956710&var=8692407 | 104.18.41.59 | 302 Found | 117 kB |
URL User Request GET saigopooramee.net/link?z=3956710&var=8692407 IP 104.18.41.59:443
Certificate Issuer Google Trust Services Subject saigopooramee.net Fingerprint F2:3E:26:9F:41:41:61:D9:EE:FF:3F:21:F8:62:9B:AE:97:25:36:86 Validity Tue, 18 Feb 2025 22:38:35 GMT - Mon, 19 May 2025 23:38:23 GMT
Size 117 kB (116780 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /link?z=3956710&var=8692407 HTTP/1.1
Host: saigopooramee.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Thu, 06 Mar 2025 22:33:58 GMT
content-length: 0
location: https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
link: <https://phaubsunsi.com>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=048184a2f2b54141e8975f18f7900233; expires=Fri, 06 Mar 2026 22:33:58 GMT
oaidts=1741300438; expires=Fri, 06 Mar 2026 22:33:58 GMT
OXCCLK=4105106.1; expires=Fri, 06 Mar 2026 22:33:58 GMT
allcnt=1; expires=Fri, 06 Mar 2026 22:33:58 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c5515d0fd0b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/_next/static/chunks/2317b809a320dff8-1741265143266.d045a2102aa0b159.js | 172.64.150.45 | 200 OK | 15 kB |
URL GET phaubsunsi.com/_next/static/chunks/2317b809a320dff8-1741265143266.d045a2102aa0b159.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (15184), with no line terminators Hash 14e0b9e1d48cb10fd74d9e33f84c356b bfbc7d86ab058c1494cbb887c2bb04ba6c419b41 b148f7adaa2bea0f0839cb77119ea059165d9519728c6fb4f13884478b26ffa9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2317b809a320dff8-1741265143266.d045a2102aa0b159.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:47 GMT
vary: Accept-Encoding
etag: W/"67c99b53-3b50"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160a834b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| my.rtmark.net/gid.js?userId=gggn2c30nfmopy74bnhvgcdvzwotpxq | 104.18.41.22 | 200 OK | 64 B |
URL GET my.rtmark.net/gid.js?userId=gggn2c30nfmopy74bnhvgcdvzwotpxq IP 104.18.41.22:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject my.rtmark.net Fingerprint 03:52:6A:BD:35:83:43:81:AF:25:BB:A3:26:97:D1:78:25:73:A4:C9 Validity Tue, 04 Mar 2025 10:39:32 GMT - Mon, 02 Jun 2025 11:39:29 GMT
File type troff or preprocessor input, ASCII text, with no line terminators Hash 35d120166582cec09f4b2b61b1b63ec2 760531017010dbd10f2c1adb162598bfeff4e3da c976f33b5813b176500141113dd1ab31037f9f203c431acbb76c4c3fff331164
GET /gid.js?userId=gggn2c30nfmopy74bnhvgcdvzwotpxq HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://phaubsunsi.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://phaubsunsi.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=gggn2c30nfmopy74bnhvgcdvzwotpxq; expires=Fri, 06 Mar 2026 22:33:59 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 91c551640f0bb524-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/_next/static/chunks/13c65fd13463b31b-1741265143266.d14fb864611e4790.js | 172.64.150.45 | 200 OK | 445 B |
URL GET phaubsunsi.com/_next/static/chunks/13c65fd13463b31b-1741265143266.d14fb864611e4790.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (451), with no line terminators Hash 661d21f3a41e56a53cb44ddb62369251 0f70f2195b6db85f669894fce7c33740b7de1d0f 81fbf2c2174c4f07a9f0a6b4d53b3c6bc0d068e2a92017e52f6727d2ab932228
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/13c65fd13463b31b-1741265143266.d14fb864611e4790.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1bd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551642b73b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/146d76bf3d5fb8b9-1741265143266.10f1a530b815df9e.js | 172.64.150.45 | 200 OK | 473 B |
URL GET phaubsunsi.com/_next/static/chunks/146d76bf3d5fb8b9-1741265143266.10f1a530b815df9e.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (479), with no line terminators Hash f86fc3501f2234d05f9f68e2694f8134 2dbd1c47b12f68fe9ebbc0e40398a140f7eb00d5 085e37417994fa7412bb575dcad10375f44069b136aaa4f2c34ac279a1e46f68
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/146d76bf3d5fb8b9-1741265143266.10f1a530b815df9e.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1d9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4695
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c551642b78b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| cdntechone.com/stattag.js | 188.114.97.1 | 200 OK | 16 kB |
URL GET cdntechone.com/stattag.js IP 188.114.97.1:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject cdntechone.com Fingerprint DC:31:A0:CC:76:0E:5C:E3:45:17:43:52:62:B5:29:18:F1:70:D7:FE Validity Tue, 11 Feb 2025 05:59:25 GMT - Mon, 12 May 2025 06:58:07 GMT
File type JavaScript source, ASCII text, with very long lines (15840) Hash 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6293
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=assm4GK7aM92PPc%2BXUNvlhE8ryZBcy4NmajYkqgG5DAkKoWxhHAFQrmSq5IXm9Os3iLaLHGYk0Fgu6B4RHCuXAqU2mxvRunp4JHHkQDYpAXNlo15j6rYvIvleQFphbObHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 91c551657dacb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2008&min_rtt=803&rtt_var=2129&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3210&recv_bytes=1118&delivery_rate=1934105&cwnd=254&unsent_bytes=0&cid=a7424d9d54989d7d&ts=62&x=0"
X-Firefox-Spdy: h2
|
|
| phaubsunsi.com/_next/static/chunks/e4edbed7db9cae2e-1741265143266.8120f47cfc0fa520.js | 172.64.150.45 | 200 OK | 6.9 kB |
URL GET phaubsunsi.com/_next/static/chunks/e4edbed7db9cae2e-1741265143266.8120f47cfc0fa520.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (6949), with no line terminators Hash daa20628c01723a3d9c329640c0ee47b 0d65a5b6f6ecf9d08ca3b15711b8e97cb296123f bfab7aceba1141891807caf517ddb5ce61c2513411ca734f169294f826d6270c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/e4edbed7db9cae2e-1741265143266.8120f47cfc0fa520.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:56 GMT
vary: Accept-Encoding
etag: W/"67c99b5c-1ace"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160a83eb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/8a7d810c6e1be66c-1741265143266.b4e3489aaa830908.js | 172.64.150.45 | 200 OK | 4.9 kB |
URL GET phaubsunsi.com/_next/static/chunks/8a7d810c6e1be66c-1741265143266.b4e3489aaa830908.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (5169), with no line terminators Hash e8ef03c1ba9d9af8f9a08aefbc566661 094eeea65bc66afa1f141e7c46edbf1641845d75 216dd62b6acc3ec38a3a97d6d008ac12463c1104f32a93d9aa3bfcdc9b65edf9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8a7d810c6e1be66c-1741265143266.b4e3489aaa830908.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: W/"67c99a83-1353"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160b880b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/chunks/1d79aec50d048af8-1741265143266-f825c47a7b858621.js | 172.64.150.45 | 200 OK | 42 kB |
URL GET phaubsunsi.com/_next/static/chunks/1d79aec50d048af8-1741265143266-f825c47a7b858621.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type JavaScript source, ASCII text, with very long lines (42093), with no line terminators Hash abe7b7f63dc49d164192719a56b0f08b 9b92fe33a9f1c7481b27a145c8b744fe0771854d 5f3dd0ebe29ad6c48e8eaf3a6d8820e908d82dc1db79dc874106f9eaf3c6afc4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1d79aec50d048af8-1741265143266-f825c47a7b858621.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:47 GMT
vary: Accept-Encoding
etag: W/"67c99b53-a46d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160c89fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/i3SvS8x8E4zyEJr051Ozh/_ssgManifest.js | 172.64.150.45 | 200 OK | 120 B |
URL GET phaubsunsi.com/_next/static/i3SvS8x8E4zyEJr051Ozh/_ssgManifest.js IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type ASCII text, with no line terminators Hash 7b10cb073fc3ca3fdaccfa110b5cc938 c4ee546a6f5be40a010c40cc5324024617e4a7a4 ce24007874bc6c23d831eb1c13fdf623e33f4a524a88ac6f3b67813942bc95b0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/i3SvS8x8E4zyEJr051Ozh/_ssgManifest.js HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:33:59 GMT
content-type: application/javascript
last-modified: Thu, 06 Mar 2025 12:55:45 GMT
vary: Accept-Encoding
etag: W/"67c99b51-78"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
expires: Thu, 06 Mar 2025 23:33:59 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 91c55160d8b0b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/confetti-2.c36ea98d.webp | 172.64.150.45 | 200 OK | 4.3 kB |
URL GET phaubsunsi.com/_next/static/media/confetti-2.c36ea98d.webp IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 483d298f3477d9b9a9ed85e2997eb888 52e1956082c558621f102ba813e7bdcee3fcb31d 24763cff62c7e5d6aa028e7bc528010333a062aef7c5682c2dfdc7bfbcece822
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/confetti-2.c36ea98d.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: image/webp
content-length: 4258
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-10a2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3905
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c55166dda4b4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| phaubsunsi.com/_next/static/media/confetti-3.22ce5e15.webp | 172.64.150.45 | 200 OK | 7.4 kB |
URL GET phaubsunsi.com/_next/static/media/confetti-3.22ce5e15.webp IP 172.64.150.45:443
Requested by https://phaubsunsi.com/sweeps-survey/1383/?s=921643377980879207&z=3956710&var=8692407&campaignid=4105106&b=8160420&ymid=921643377980879207&city=oslo&svar=1741300438&ssk=54862b561b069fe74c3b67ffcd34e9ea Certificate Issuer Google Trust Services Subject phaubsunsi.com Fingerprint E0:EF:AD:D0:E9:7C:DC:FB:F4:9F:13:33:33:30:35:C7:5A:32:FD:35 Validity Wed, 26 Feb 2025 16:24:10 GMT - Tue, 27 May 2025 17:23:59 GMT
File type RIFF (little-endian) data, Web/P image Hash 6ffe537f32b7be06a870808ee94dadc5 598b8776ac199d0d8737969255c81da7c2cf16f2 e0ddaa01c812e3cdc7963b53edf9a53867a1930a7a566edeb872a0f36da94f7b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/confetti-3.22ce5e15.webp HTTP/1.1
Host: phaubsunsi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 06 Mar 2025 22:34:00 GMT
content-type: image/webp
content-length: 7428
last-modified: Thu, 06 Mar 2025 12:52:19 GMT
vary: Accept-Encoding
etag: "67c99a83-1d04"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3905
expires: Thu, 06 Mar 2025 23:34:00 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 91c551671ddcb4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|