| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP: 23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash: MD5 94a2d5e693f71770bd013db51ee0fbbe, SHA-1 2f5b5bd658d11088f0599e5f244740d0d8667bea, SHA-256 a4b45c1833f63c69b1847216d9dd0bbfc4f95f33501d88e7dc5555648f019595
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "A4B45C1833F63C69B1847216D9DD0BBFC4F95F33501D88E7DC5555648F019595"
Last-Modified: Tue, 08 Oct 2024 12:10:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20256
Expires: Wed, 09 Oct 2024 08:32:42 GMT
Date: Wed, 09 Oct 2024 02:55:06 GMT
Connection: keep-alive
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP: 23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash: MD5 b5fba3de48fd6c409033029700670f78, SHA-1 0e348372969c771ca1d5f0ae6a944eb21c7ede05, SHA-256 86d583a273489c4b3d93bc10e3fa9718746ba439c1d88533f0177dec4c7183ce
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "86D583A273489C4B3D93BC10E3FA9718746BA439C1D88533F0177DEC4C7183CE"
Last-Modified: Tue, 08 Oct 2024 22:04:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4658
Expires: Wed, 09 Oct 2024 04:12:44 GMT
Date: Wed, 09 Oct 2024 02:55:06 GMT
Connection: keep-alive
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP: 23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash: MD5 33985775df7b619cb33f4050d88c5fb9, SHA-1 cf0b2ff92cd2f7e12ce788a164a73d75dea5da83, SHA-256 b6db380f5eeb73aa56abf90afa43b52cc9f51b01f33ad1eefeccc473a41ffb86
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B6DB380F5EEB73AA56ABF90AFA43B52CC9F51B01F33AD1EEFECCC473A41FFB86"
Last-Modified: Tue, 08 Oct 2024 11:18:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4603
Expires: Wed, 09 Oct 2024 04:11:49 GMT
Date: Wed, 09 Oct 2024 02:55:06 GMT
Connection: keep-alive
| r10.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP: 23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash: MD5 ee8a3075e7c2e453a0e7ecb6d0ffb710, SHA-1 8207b3beb4c30142e41563a15cc410ecab5f61a8, SHA-256 af0c2421d7af6507eb62dfa55b8dd2c1f969ca02692e89d3bf841cb42430ebe1
POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "AF0C2421D7AF6507EB62DFA55B8DD2C1F969CA02692E89D3BF841CB42430EBE1"
Last-Modified: Tue, 08 Oct 2024 12:40:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3085
Expires: Wed, 09 Oct 2024 03:46:32 GMT
Date: Wed, 09 Oct 2024 02:55:07 GMT
Connection: keep-alive
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash: MD5 b06a775d0b6e7312a5569de9f9c7e2eb, SHA-1 c291dec49a39f87ef86197aaa2b888dcad61282d, SHA-256 c71938c9feb6487c2fcd5293e36a2ebe342e2ce0252891c7c7b3a92d734797a7
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C71938C9FEB6487C2FCD5293E36A2EBE342E2CE0252891C7C7B3A92D734797A7"
Last-Modified: Tue, 08 Oct 2024 04:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9478
Expires: Wed, 09 Oct 2024 05:33:05 GMT
Date: Wed, 09 Oct 2024 02:55:07 GMT
Connection: keep-alive
| www.medianews1.site/go/1a91fa25-3a95-4f09-8799-c3290cfc9efa | 35.158.71.179 | 302 Found | 330 B |
URL (user request): GET HTTP/2 www.medianews1.site/go/1a91fa25-3a95-4f09-8799-c3290cfc9efa
IP: 35.158.71.179:443
Certificate: Issuer Let's Encrypt, Subject www.medianews1.site, Fingerprint 35:2B:E7:4A:C9:A4:19:33:B2:4E:67:76:10:6E:17:7A:37:DB:31:F1, Validity Sat, 31 Aug 2024 05:23:43 GMT - Fri, 29 Nov 2024 05:23:42 GMT
File type: HTML document, ASCII text, with very long lines (330), with no line terminators
Hash: MD5 272f5c00f94817b12f059d80360b17a7, SHA-1 f9dca70fd18e3bde89772ba38b94699853b2203a, SHA-256 c8e3eb965606115f1116a0cdaeb5a88f5b55ba73f3d89fe58aa552da89e3768e
GET /go/1a91fa25-3a95-4f09-8799-c3290cfc9efa HTTP/1.1
Host: www.medianews1.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: openresty
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: text/html; charset=utf-8
content-length: 330
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Full-Version,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Reduced
access-control-allow-origin: *
location: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
set-cookie: bemob-viewer-id=afd31460-5743-4950-9bc3-23102c854ed4; Domain=www.medianews1.site; Path=/; Expires=Thu, 09 Oct 2025 02:55:07 GMT; HttpOnly; Secure; SameSite=None
bemob-uniq-visit:1a91fa25-3a95-4f09-8799-c3290cfc9efa=1; Domain=www.medianews1.site; Path=/; Expires=Thu, 10 Oct 2024 02:55:07 GMT; HttpOnly; Secure; SameSite=None
bemob-rotation:1a91fa25-3a95-4f09-8799-c3290cfc9efa:random:5374a22d95ddbdb1b0946b1ac6bb582c=0-0-0; Domain=www.medianews1.site; Path=/; Expires=Thu, 10 Oct 2024 02:55:07 GMT; HttpOnly; Secure; SameSite=None
bemob-click-id=VA9jHCcGsixobdj8maZsUz; Domain=www.medianews1.site; Path=/; Expires=Fri, 08 Nov 2024 02:55:07 GMT; HttpOnly; Secure; SameSite=None
vary: Accept
x-response-time: 8.808ms
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
X-Firefox-Spdy: h2
| nadrigrir.com/_next/static/chunks/9008.655d5227f9951fee.js | 104.21.30.254 | 200 OK | 2.8 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/9008.655d5227f9951fee.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (6990), with no line terminators
Hash: MD5 f91eb99f11ddae84acef169332920772, SHA-1 976b2cf6ded72b0e516c4dbc002b8c70bd0b327c, SHA-256 bce7182e7e7074f1851100cb64a949378c55b1b838d71a71a7b7d7e636982621
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9008.655d5227f9951fee.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-1b4e"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bq4xWvsCk7zyI%2BhQ3No%2BwQsFfSi0VT5eS3dy2w%2BH1QnYTLeF4WoDuSC5%2F4i0KsO4TjMX9KWh294J9Io%2FtYKC1hHWtg6lh7RlwhU%2BaV0BvRpqrV2ckSXACOd4RCIuQ6yU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708e8af712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
| nadrigrir.com/_next/static/chunks/framework-f3a5861786cc8e61.js | 104.21.30.254 | 200 OK | 12 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/framework-f3a5861786cc8e61.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (26670), with no line terminators
Hash: MD5 405295ad54872f95616ad4a6c5825af1, SHA-1 08c7947a0f01af2c9d2bbe966003667ef3ac1dfa, SHA-256 b3f17c2e245d66acc87ac6add2462d56afd8a26c410a180381a37884a02aae00
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-f3a5861786cc8e61.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-682e"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jp9OpR4eFpFjXsI68asIXPhf%2FJ9CeqLm48yaFvhgNoRz0QlvXHjJQfjOqFelvs%2FT1jr%2FIIkb5mtv3638F0kmSEyE%2F0BlEZv2%2FhIZZiiLS8KpK5nyN52EN6MjcHE6V3dD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708e8b5712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
| nadrigrir.com/_next/static/chunks/689.ab6dfe3d58f556be.js | 104.21.30.254 | 200 OK | 2.9 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/689.ab6dfe3d58f556be.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (11142), with no line terminators
Hash: MD5 21fbce44a24a8e2d4f7e325da0d0bd40, SHA-1 cbc0246d2e67a11082c1db5648a1d1274e9a79b4, SHA-256 3aec21b2b4c4b06de7a6877d0bea8471292cfd5849ea91df51a35e700f4f2366
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/689.ab6dfe3d58f556be.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-2b86"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Apr%2BRu9%2B6FV1ARk4IzSs8yyWxuda6x9f1IlBUyvQXdbP1qF89lvwTYvhhRVLj2%2BKUaC%2BbumtSxcNH%2BpwLUySEeaO6u8ih106V96fBKq1cHhFBuTVh5zBE6D9lcCy8q3A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708d8ab712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
| nadrigrir.com/_next/static/chunks/3043.b99538ea8962f746.js | 104.21.30.254 | 200 OK | 14 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/3043.b99538ea8962f746.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (48463), with no line terminators
Hash: MD5 b324de17eca822fb2da60e21f2334632, SHA-1 3dbd5c305bfc9aef3296fad988d9fb429e30e6f1, SHA-256 2b0565dee333cb87e34a05d43d7aba0d8d3b301c19f17b7a3379cf51289160b0
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3043.b99538ea8962f746.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-bd4f"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rEX%2FU0kLuV%2Fkcyt34g%2F0JBcazHzMvN1flXez4oD5FqWB9K8gwgoef3eFyhABIuaefIwD3DZKl4ADKNal7Rw2V4zs%2B5N%2BtVNlelmy7u1gYP6V7Wqf4ObUoI5hWVzL05qB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708e8b3712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
| nadrigrir.com/_next/static/chunks/8059.a461a29689512667.js | 104.21.30.254 | 200 OK | 15 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/8059.a461a29689512667.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (21787), with no line terminators
Hash: MD5 709b0072b0a6a7ebf0a74e6101e1e9ab, SHA-1 9fd6f6e076e4f367474e1494383c574b4da42a86, SHA-256 5b21c1ecb0b6329ea0772a9ac8a407fcb2305ca76e25cc15b87e8133a54344e1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8059.a461a29689512667.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-551b"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sqm228GgSLUi9uGDzLiX8THgxqq1nOESY%2F%2F0d%2Fjoqm8PDtBqSGFFkwlwylBJEh0b0EN4gc9oscsplfFG4MKgcyWhSKtIw2AaI77eTsV62pkiYuoF0rTfLqg5GIBApRH%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708d8aa712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
| nadrigrir.com/_next/static/media/person-2.f83cc68b.webp | 104.21.30.254 | 200 OK | 2.2 kB |
URL: GET HTTP/3 nadrigrir.com/_next/static/media/person-2.f83cc68b.webp
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: MD5 8f8ffbb278de1342e5cf44cd0c677c23, SHA-1 1b4b4428e409479cc8a8acfce6f537c2aeea7556, SHA-256 ac4284ed6941963c4fa0db306537f42f3a0b1fa18710bc7b9e1e62188961d83a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-2.f83cc68b.webp HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: image/webp
content-length: 2220
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
vary: Accept-Encoding
etag: "670516f2-8ac"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=odly8WsneZ0pU5ycMq4uKk9sbT1BbKpR%2BO9Rhv0AB7ScoJ3knHYPfGHzmTJwkDAnQqkkM7mAzQpGAGmZF4VcBQbxX1edemZ8kw7UnN3jEoAk0Jg2D%2BAhAhiFffuknMS%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170c2fbc569f-OSL
| nadrigrir.com/_next/static/chunks/1658-4a1fa007dc959763.js | 104.21.30.254 | 200 OK | 22 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/1658-4a1fa007dc959763.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (30034), with no line terminators
Hash: MD5 45e374b70a5904938f24b23640e31888, SHA-1 7c38c10b8b6040cc4c0ce25d2aed503f81b9513e, SHA-256 7ed197e99e747ce5e97ae07fc1e728713132a18bbea23f10a7b5530ab0c53a3d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1658-4a1fa007dc959763.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-7552"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kgr%2FQqnK5XOBte8UOtReHIJLoiIDhS7%2BHvTJvPn1lY%2FxRRdBFfBKuxMaGw%2FJt5UVly657D6LfZTT9W7PnGHKzsW2zLu32vOnKkCRmxKCmkCYbjGw4uGuywRId%2Bm5dTky"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708f8bd712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
| nadrigrir.com/_next/static/media/person-5.7317ee2f.webp | 104.21.30.254 | 200 OK | 2.4 kB |
URL: GET HTTP/3 nadrigrir.com/_next/static/media/person-5.7317ee2f.webp
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: MD5 188dfcdf19da1d86ed162d54ed03536d, SHA-1 98b1baefbb803548b2894547091b4c7773406524, SHA-256 4f8251665e3cc796f127ea6cbdc00a9ec450adff16acb4ec74463c446b6f4ba6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-5.7317ee2f.webp HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: image/webp
content-length: 2384
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
vary: Accept-Encoding
etag: "670516f2-950"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooFpMKzEqlIVrPJtt5vIB4LmrfGTHcG4Ow4whYrUuBheHlR1664BVs8mSDzopNAoxqEUc0qVBoJMSI7lqFbEp7ZEfxSTM5IKFuSVSqb7Bm4JHBjNmgVfMG80bwLASWAh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170c2fbd569f-OSL
alt-svc: h3=":443"; ma=86400
| nadrigrir.com/_next/static/media/person-1.90304dab.webp | 104.21.30.254 | 200 OK | 1.4 kB |
URL: GET HTTP/3 nadrigrir.com/_next/static/media/person-1.90304dab.webp
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: MD5 c5da2ea294623650bae71fc84401cf60, SHA-1 f1f62ea011cf81953cefe28254c134e992453b91, SHA-256 09a846c5b1af2c6100ff3193789be1e0e21ba9fc45c268f76f2007c78f1e4ac1
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-1.90304dab.webp HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: image/webp
content-length: 1402
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
vary: Accept-Encoding
etag: "670516f2-57a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=He64oA9Jz7gAoKokNmOmGdSj0BzXUv5uvVA01VLkqw0HWPWkIcIrlFWtWeGvmZ0iyVKvaJWEfNLQN4WaBLdvhLm0yRfLqsTME3G99biA%2BnaA18z1fqBTLrhP%2B%2B3WDofm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170c2fbf569f-OSL
| nadrigrir.com/sync-metrics | 104.21.30.254 | 200 OK | 17 B |
URL: POST HTTP/3 nadrigrir.com/sync-metrics
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
Hash: MD5 5b64e8b89092b2e3dfd448b10700627f, SHA-1 484b3032619fa1acd135d114565b0a5166281c22, SHA-256 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 394
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: fa19fbdb6902d42874c379a0fd8b7f42
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2B9WyMQaxphmBRq%2B0igJm1nFHfq1NdyOrdvl8qBVa53Cc5rGbIUBeM72mF%2FmLyKdg4WJuBWxHX%2Bf862QAtzSAhKJvRexsmRO3HapZcLspUCFwnR%2FQ0E6ymIdBAuT0QZh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170c5fdf569f-OSL
alt-svc: h3=":443"; ma=86400
| nadrigrir.com/_next/static/media/person-6.e7cd6065.webp | 104.21.30.254 | 200 OK | 2.4 kB |
URL: GET HTTP/3 nadrigrir.com/_next/static/media/person-6.e7cd6065.webp
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: MD5 7be25941ac032fcec25b1bb4ede296d2, SHA-1 cfc4fb3733844326076b6d7632087204c0bea34d, SHA-256 0ff9d28c4ab7516d2790e8df4d325cf602bc8f9eb787a7cd9b6554edd9530e4e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-6.e7cd6065.webp HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: image/webp
content-length: 2440
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
vary: Accept-Encoding
etag: "670516f2-988"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F5Py92%2FEBhfo2PPgUemDLP1khaoLSxZKIiaF0AuNoYWpx3wA5gPkCiUDoOd4ZCBBD2Vyc9mGAvUzDnw9%2B8NxtHKpSpqYCBLoFaGWF8kpUyLhixiwDhvz%2FnBzwpaSUYj9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170c3fc7569f-OSL
| nadrigrir.com/sync-metrics | 104.21.30.254 | 200 OK | 17 B |
URL: POST HTTP/3 nadrigrir.com/sync-metrics
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
Hash: MD5 5b64e8b89092b2e3dfd448b10700627f, SHA-1 484b3032619fa1acd135d114565b0a5166281c22, SHA-256 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 394
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 5aef148f6a90503c1c989b2b1117beab
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ly0wX2rt5zdptv34NhW44%2FPE2EeamnccfIwAQa6I6VE5RuMYmx1sVDyeRGXGbe8L26AMyGm972JgUVWqomIwtrtsJLTzJ%2Foj8KNXn8DI3FviuGp5zK04bLm17m%2B6xdMT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170c8856569f-OSL
| e6.o.lencr.org/ | 23.36.76.226 | | 345 B |
IP: 23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash: MD5 187396a6d1607315627515c47d871f25, SHA-1 0ff06006381656529e35e89bcda4d42e58cf2077, SHA-256 0879455e6d286ec7d4d728e99d37b34ba2c47ffbc5f058d93db1d157f0360ef2
POST / HTTP/1.1
Host: e6.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0879455E6D286EC7D4D728E99D37B34BA2C47FFBC5F058D93DB1D157F0360EF2"
Last-Modified: Tue, 08 Oct 2024 04:42:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6187
Expires: Wed, 09 Oct 2024 04:38:15 GMT
Date: Wed, 09 Oct 2024 02:55:08 GMT
Connection: keep-alive
|
|
| auchoahy.net/zone?pub=0&zone_id=6679100&is_mobile=false&domain=nadrigrir.com&var=7339789&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.560&trace_id=89d232d0-2741-4111-85a9-d3a410ef75d8&action=prerequest&drf= | 139.45.197.226 | 200 OK | 0 B |
URL: POST HTTP/2 auchoahy.net/zone?pub=0&zone_id=6679100&is_mobile=false&domain=nadrigrir.com&var=7339789&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.560&trace_id=89d232d0-2741-4111-85a9-d3a410ef75d8&action=prerequest&drf= IP: 139.45.197.226:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Let's Encrypt, Subject auchoahy.net, Fingerprint 3A:DE:56:77:2E:4A:67:9D:EB:BA:DD:AD:1D:1D:00:38:3D:CC:CE:3B, Validity Wed, 24 Jul 2024 08:39:43 GMT - Tue, 22 Oct 2024 08:39:42 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /zone?pub=0&zone_id=6679100&is_mobile=false&domain=nadrigrir.com&var=7339789&ymid=&var_3=&var_4=&dsig=&tg=1&sw=3.1.560&trace_id=89d232d0-2741-4111-85a9-d3a410ef75d8&action=prerequest&drf= HTTP/1.1
Host: auchoahy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 09 Oct 2024 02:55:08 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=40362e15-6e51-4233-91ed-570f9e457328 | 185.49.145.45 | 200 OK | 12 B |
URL: POST HTTP/1.1 datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=40362e15-6e51-4233-91ed-570f9e457328 IP: 185.49.145.45:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Sectigo Limited, Subject datatechonert.com, Fingerprint 3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27, Validity Sun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashes (MD5, SHA-1, SHA-256): adb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=40362e15-6e51-4233-91ed-570f9e457328 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1425
Origin: https://nadrigrir.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Wed, 09 Oct 2024 02:55:08 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://nadrigrir.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| nadrigrir.com/event | 104.21.30.254 | 200 OK | 441 B |
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
Hashes (MD5, SHA-1, SHA-256): 2157381bad5ddf76137bf90aa5fd837d effaad2fcab84b46f72e305f541362dfb98e2495 f2a4601208928e32d79874990a8f631bb306818ecb79dd9af1dfeaf2f6d05af4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /event HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 553
Origin: https://nadrigrir.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://nadrigrir.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXoo2uPiDKs8X8kKrDelAc9KOXhNaecVO%2BCov5DVji%2FIoFxuNjo78v4GUMH%2B9Eg4qXO%2BoZ2PNSkssZ%2F4RmjVslooZU04lBBle%2Byrg5MXqlck8wjxR%2FyCAqw%2FDRI28R5I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170c7817569f-OSL
content-encoding: br
|
|
| nadrigrir.com/sync-metrics | 104.21.30.254 | 200 OK | 17 B |
URL: POST HTTP/3 nadrigrir.com/sync-metrics IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
Hashes (MD5, SHA-1, SHA-256): 5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 460
Origin: null
DNT: 1
Connection: keep-alive
Cookie: OAID=gvgyoldziwvsq8orbcc92ugwejqqnl8l; syncedCookie=true; oaidts=1728442508
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: e682d56ea116435cc756e55cb274f6ae
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nx3TjmFrNi7qPdEFrI5p9xsdMvq7gXt7LLAubD%2BKhYWNeUi6cP4ru1441NvRP0Nnm9BtsqoLTT1mly3SymdZEfkDNCvbNffKXBTd0E9cOgVnHPc89Tst90RbHgzCsOhF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170e1c04569f-OSL
|
|
| nadrigrir.com/favicon.ico | 104.21.30.254 | 204 No Content | 0 B |
URL: GET HTTP/3 nadrigrir.com/favicon.ico IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=gvgyoldziwvsq8orbcc92ugwejqqnl8l; syncedCookie=true; oaidts=1728442508
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 09 Oct 2024 02:55:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bOFkwfzNcuGONyu%2BIPuAjUn%2BFb7O9y2oy%2BpIhb6Pw29Ja8MW32%2FO4M%2FZLxh3QozXSax6OJXO%2BDJH3eBs%2BH7alN27jgfRPFngtSJMwHacs0Ud%2FMgSq1dSP8Sb358bpd1H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cfb170f6dd1569f-OSL
|
|
| glooxing.com/sync-do | 104.21.8.248 | 200 OK | 607 B |
IP: 104.21.8.248:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject glooxing.com, Fingerprint 0D:A0:FC:FE:0B:2B:17:84:A9:1A:09:C7:26:DF:C9:5F:B7:0F:9C:28, Validity Mon, 02 Sep 2024 10:47:29 GMT - Sun, 01 Dec 2024 10:47:28 GMT
Hashes (MD5, SHA-1, SHA-256): 8ec71594b418cf1f05e7b9bbbc1426f0 4b5a6b9424224e7e58d1f95de69ae00ee12fcd94 1449a2fb5693def4f77e101b4050c688fb4f75bd2fd9f4bf1ae3abc28bb2ffa9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: glooxing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 452
Origin: https://nadrigrir.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: 1edfd83db6870ca57d822517cb073335
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://nadrigrir.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gBquP4FGlA9a85Wj1TompTTWysff4g4WFSweuxoHwaBZO0mWjEdYWNNvEXZfGAx4t%2FZ1eT7u6wWP57%2BRy8R%2B1HmDsSfTEjqavX1OymLK58cz9dy5WwvMWzn9jOdarfw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170e6da4b512-OSL
X-Firefox-Spdy: h2
|
|
| r11.o.lencr.org/ | 23.36.77.32 | | 504 B |
IP: 23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashes (MD5, SHA-1, SHA-256): aa746f2452828a39148ef2ed129c14f6 aab2904047696ac367e2bfc0ffb1ba44c9c84256 5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7"
Last-Modified: Tue, 08 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9256
Expires: Wed, 09 Oct 2024 05:29:25 GMT
Date: Wed, 09 Oct 2024 02:55:09 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP: 23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashes (MD5, SHA-1, SHA-256): aa746f2452828a39148ef2ed129c14f6 aab2904047696ac367e2bfc0ffb1ba44c9c84256 5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7"
Last-Modified: Tue, 08 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9243
Expires: Wed, 09 Oct 2024 05:29:12 GMT
Date: Wed, 09 Oct 2024 02:55:09 GMT
Connection: keep-alive
|
|
| r11.o.lencr.org/ | 23.36.76.226 | | 504 B |
IP: 23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashes (MD5, SHA-1, SHA-256): aa746f2452828a39148ef2ed129c14f6 aab2904047696ac367e2bfc0ffb1ba44c9c84256 5c76fd0fb994332de5317dc7d533ae3edb60d9f0ce253f839e609d83a3bf0fa7
POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "5C76FD0FB994332DE5317DC7D533AE3EDB60D9F0CE253F839E609D83A3BF0FA7"
Last-Modified: Tue, 08 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9243
Expires: Wed, 09 Oct 2024 05:29:12 GMT
Date: Wed, 09 Oct 2024 02:55:09 GMT
Connection: keep-alive
|
|
| nadrigrir.com/rotate?zz=6543018%3B7000963%3B4326647%3B4949467%3B5381239%3B5381316%3B5381307%3B5381339&var=7339789&ymid=&ab2r=&var_3=&var_4=&os_version=&uid=gvgyoldziwvsq8orbcc92ugwejqqnl8l | 104.21.30.254 | 200 OK | 3.9 kB |
URL: GET HTTP/3 nadrigrir.com/rotate?zz=6543018%3B7000963%3B4326647%3B4949467%3B5381239%3B5381316%3B5381307%3B5381339&var=7339789&ymid=&ab2r=&var_3=&var_4=&os_version=&uid=gvgyoldziwvsq8orbcc92ugwejqqnl8l IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (3967), with no line terminators
Hashes (MD5, SHA-1, SHA-256): e312442fd72974c7ddfe41423abb8f96 2e21cdb5063e84f062eb98f8d75680cdd9eb7570 2055f4e216ea4f3eebfe9b7147c6a339461cc21e668246643e06ff1bd5a71d9c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=6543018%3B7000963%3B4326647%3B4949467%3B5381239%3B5381316%3B5381307%3B5381339&var=7339789&ymid=&ab2r=&var_3=&var_4=&os_version=&uid=gvgyoldziwvsq8orbcc92ugwejqqnl8l HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=gvgyoldziwvsq8orbcc92ugwejqqnl8l; syncedCookie=true; oaidts=1728442508
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:09 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: 518a147d575672df29253b0cdad6e0ad
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: https://nadrigrir.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=gvgyoldziwvsq8orbcc92ugwejqqnl8l; expires=Thu, 09 Oct 2025 02:55:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0yCxvda0INCoCCKQ%2Brxf4pMlAsMeswjuqnWyzsCx7lo8EKhM02pk%2B8N3%2FrTXwhboEbtzKKDQ6czT%2BXMD3yXxUTCuHZ7RhQeWPbkQTFrTiFdQ6GIrlA3qrAEXEDAInRBC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170d9a95569f-OSL
|
|
| nadrigrir.com/_next/static/chunks/8904.3882d7a96ea63334.js | 104.21.30.254 | 200 OK | 3.6 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/8904.3882d7a96ea63334.js IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (3674), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 0c7ca6a3766203d4ef089055b3d7a42e ec2f576cf54d6fb937bb564c58cd46d1cf0a01b3 114d172dc04101f41de0ade1f3b3b57f41d4c29c1f856ecee97f8bb1b62597d3
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8904.3882d7a96ea63334.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-e16"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Td359MVA8ECnQjfUTyGsUb9iqwdxDFUUo3oc41HLsHfnVFCxidBfT6oaO7WjVQiRmBgOLSpBEgKBQ5cM%2BOf%2FWgh3LW5M7Klpg8WaazkuvdUQ7VwdkfkB%2BBDv64NEkfOh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170a4b2f712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-d2b32c4459c24af7.js | 104.21.30.254 | 200 OK | 26 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-d2b32c4459c24af7.js IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (26117), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 562ed7c640e4b74972c279e090aef65f 54a2aa826505cebc6ea183fcb94adb73dc4e0174 8fa8a949648f071236cba81746ea1e3c45f07a8c62f522fa8ad73882fb11577b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-d2b32c4459c24af7.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-6605"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9m%2BOJerHPri%2FOPn6U9QLFO4S3RzWnsuYhWeE5crTVE08iNr982l7dVAzlJpVJW2q24271Kc9uhnbWCZgKd4bPOGbbU3R8aKfjEo8D5fEVcXKR%2FS41TFa5TubCSN7f%2Bnb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708f8c9712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/media/person-3.22d8dbb6.webp | 104.21.30.254 | 200 OK | 1.5 kB |
URL: GET HTTP/3 nadrigrir.com/_next/static/media/person-3.22d8dbb6.webp IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hashes (MD5, SHA-1, SHA-256): a747d227c2e10b5178fd942484301d7a b3c5cf90dd5fd2c26c7b17dcb2d35b6dd47065be 9f4fb1281b7141b9dd48925953f7b039b6c411ea0e6e5b158d3e000d75316e9f
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-3.22d8dbb6.webp HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: image/webp
content-length: 1454
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
vary: Accept-Encoding
etag: "670516f2-5ae"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGH0tW5jP4%2FqwrWGlhIxPl26uT%2FAH%2Fs8n1Tr8GJ9eMZbcJ1%2Fr1CIA8LzuSX35qLYMvwz6Nvd05hgtzx9%2BRveVR8WMfcDtBvka2K%2BbCzbE4D%2BrjwGrKwYYCu9iIIsCQW2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170c2fbb569f-OSL
|
|
| nadrigrir.com/_next/static/chunks/4764.de5faeb046dca883.js | 104.21.30.254 | 200 OK | 26 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/4764.de5faeb046dca883.js IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (26511), with no line terminators
Hashes (MD5, SHA-1, SHA-256): ccec6cb0ad7490b4963e687f0eb31a5b da9d701d938a711106549ff2182806cfaa6ebb22 8183c0fe331b14212e417e023527b0e0edcd172ad068f749de2def38c5105588
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4764.de5faeb046dca883.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-678f"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sWCcZRVC%2FRpKCo39%2FaKJpZxs3WFHunHN1Ijlk1L9dJOjd8H3whQiPcBjFFmLjnhJkrVgZXKr5RixXx1irHXgo5dS3qyGADBdTbcWo1svtR5P2Fvb3iV3qfjCgAnneRz3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170a5b3a712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=7339789&ymid=&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=&os_version=&btz=UTC&bto=0&z=6679100&cdn=1&ab2=&ab2_ttl=5184000&domain=&var_2=VA9jHCcGsixobdj8maZsUz | 104.21.30.254 | 200 OK | 45 kB |
URL: GET HTTP/2 nadrigrir.com/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=7339789&ymid=&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=&os_version=&btz=UTC&bto=0&z=6679100&cdn=1&ab2=&ab2_ttl=5184000&domain=&var_2=VA9jHCcGsixobdj8maZsUz IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (45412), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 628cec81962ee09b413ce7668f872c5e 182057b5601dbdf99ed18957c50fea02981f2642 6c5d5ff8b412b9eb1647d60a917b61bee0cbb59687b6c9c40718c808155c9820
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=7339789&ymid=&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=&os_version=&btz=UTC&bto=0&z=6679100&cdn=1&ab2=&ab2_ttl=5184000&domain=&var_2=VA9jHCcGsixobdj8maZsUz HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
last-modified: Mon, 30 Sep 2024 15:58:01 GMT
vary: Accept-Encoding
etag: W/"66faca89-b164"
access-control-allow-credentials: true
cache-control: max-age=1800
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmeS8HERyrvmMCGbGEC%2FDMYGwrRPoXtJsaHu%2Bqa40cIZGVDec%2FDmASqNZvmDc3WuZrfiQKJ6Aki%2BF%2B%2BJHPcV1ACj4NENb7YYmedN6bCACsXLFxz4wR30VipADHkU9eQB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1709ca2c712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/9909.55cde413e7ec3deb.js | 104.21.30.254 | 200 OK | 4.7 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/9909.55cde413e7ec3deb.js IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (4772), with no line terminators
Hashes (MD5, SHA-1, SHA-256): bdbb722ddc08aae92b1a1e331d2da91b f5b2fe074d060d645b7b2f87b101ac226e6b7b1f 943e802d539bf4ff02a3729d3bbbecbfebcdf04b092899b3e41f740e2f681d6c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9909.55cde413e7ec3deb.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-1262"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zbRUtupa9JVl22ibrFyPU9OWfHWFH5FyP8TsQQDLAQJ3V4Qj%2B4NzMWnMq3TIOc%2FJHpiq%2FjZf67Myyn7Bz0t4u5p4p9zxzXbDU%2F%2BAr5uts1YZfHhx2HR6tnoIG7Nx%2B9Iw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170a4b2d712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/5994.770802cc57bd04ea.js | 104.21.30.254 | 200 OK | 20 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/5994.770802cc57bd04ea.js IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services, Subject nadrigrir.com, Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (19986), with no line terminators
Hashes (MD5, SHA-1, SHA-256): d1e24e877e0b71bb6dbab722df48aeb9 f7c65138171360538aa15e95007cac451bd4ec3b 4cf0cb5b91ad77fc326ca885426c80e5623199eb036bc51741be29db84287522
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5994.770802cc57bd04ea.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-4e12"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VoOULbAy4Yl1zZOsIlqLL2Jmy%2FLrfcftB69xEBVg1oq5xIOmZJcFnbR4Alzl7mm%2FdbeYSTp74Pyv4OK%2FnQwIbse8fTEgcTssVIuDXzZc1xHVL%2B4SQo25lrQa0kVPDILX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708d8a5712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/810.15620196fdaa9770.js | 104.21.30.254 | 200 OK | 11 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/810.15620196fdaa9770.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (10939), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 0170af634214cf1d06310ce191e460a4 27889c09bee7f61161d7b0689878b93b9ab9b8a0 e9200213f671af039bedbb59aba5892d6020aef72e1ec7c220013a2b2c3eaf99
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/810.15620196fdaa9770.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-2abb"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alFmTX9c3cjWYYgvCkxmakxFywqKbz9ZUyAbJHW8vJPO3a6wobx7XcQJcWR3QL%2FogEOfA6CLu8OuNIDqBLLac5MWZUugO8udYdIayrrOyuLuUWa2EqhFIyTrlQ43ZFuO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170a4b2c712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdntechone.com/stattag.js | 188.114.96.1 | 200 OK | 16 kB |
URL: GET HTTP/2 cdntechone.com/stattag.js
IP: 188.114.96.1:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject cdntechone.com; Fingerprint 9D:11:8F:D6:A1:C0:F3:FA:BA:81:EE:FA:9C:54:AF:9E:A5:7E:F2:61; Validity Sun, 18 Aug 2024 05:54:26 GMT - Sat, 16 Nov 2024 05:54:25 GMT
File type: JavaScript source, ASCII text, with very long lines (15840)
Hash (MD5 / SHA-1 / SHA-256): 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2890
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xuUNtIXdur7D9x2iQy9nQ2po2fm54av9HPXHipzjN2tOGzviJchTlr9KP6gP%2FvGO8jjpBBck6h3qMOvPxxT8YYyptVFBhHLCeDKlovFViuljFTAjFPnk8Evo54dceMdnSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cfb170b3c3456b9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/5313-301aaffc9ebabfe2.js | 104.21.30.254 | 200 OK | 8.2 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/5313-301aaffc9ebabfe2.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (8338), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): fa6da18beaa992ec3833f0d36df87cf6 898af50aff71789b66d8c49af8fc029c58a14232 7816bc7d7435dbb3b3ff35234940bf6fbcd64aae54bfe646d600dc03af4c7da2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5313-301aaffc9ebabfe2.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-1ff1"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkkAsqs6tNPpg2KYiUduiUQyrcwKNtIo03rvhp1yb7vkY27QaB6DjtqjkU7VEFCr7pEYOtWIwA0joKdSXltM8y5BVzipmkPuZhaG9AaFI6GTHc2YmJTQPQZOQI0Af2jn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708f8c5712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/main-7a75ff3b0e9a5ceb.js | 104.21.30.254 | 200 OK | 110 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/main-7a75ff3b0e9a5ceb.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size: 110 kB (109698 bytes)
Hash (MD5 / SHA-1 / SHA-256): eeef108ca819f6315447cf06865dc84b b1650d7d5eb5c4209dd7cb8ed51feaf3c925a5aa 928babe6b0db9d959278d6d8532161434c207bc3f933c923f1b4d3b63126a605
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-7a75ff3b0e9a5ceb.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=109699
etag: W/"670516f2-1ac83"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Bctm35sF3SNPnAU3muV%2BK4krl00GzoXVjJVCKfTYkclCK9er2ZpmoaR03vKLKnrWDAA8jn6wo2LYEnQYOkBdg0LgUo2PZMM9GkotpuXxToDtUjaN8Mf7Xo8I5YG0c%2Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708e8b7712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/8759.207a47fedeee6500.js | 104.21.30.254 | 200 OK | 6.4 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/8759.207a47fedeee6500.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (6503), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 2979752ee6db205ac4cd144e9b00917f 60e41467ec825f94ea4eaa4d94d41f1484467a20 64dab3424b9539f3c0fa6c811e59c75b1934e089094918fb38b367adc775bfd9
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8759.207a47fedeee6500.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-18fd"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwkLrk2vxpzGCZyHATh5BQCknhxrWkXKIYo6eMXJAKGSmiwJfOqOOmsFDcMdNLcugZ5J6RxuFEL96XoO2QmhbF5yV4IgkrPtZfRHmT0pTa0%2BoMSONnyoZwrKKjnrpc1E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170a4b32712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz | 104.21.30.254 | 200 OK | 112 kB |
URL (user request): GET HTTP/2 nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
IP: 104.21.30.254:443
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
Size: 112 kB (111685 bytes)
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: text/html
last-modified: Tue, 08 Oct 2024 11:26:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wukVGFG0alDnEoe%2FR3WfRCWz%2BYhKWWxAiHA%2Fudx7jfFB30z5MxArDWKpIwnPOHWp%2BFPH40fP52q65ASc8Ph%2BdPK9YRmVn0Z%2FEK6j4%2B8DEw8Xv6kPKtp4N%2BeO46tK%2B2b3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 8cfb170649ed712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/8601.db0cc04a43991af0.js | 104.21.30.254 | 200 OK | 23 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/8601.db0cc04a43991af0.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (22878), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 05d1c6fc3a785c60ccb4869a6d8a8914 8169685bd9bc5d9ce27a5af97303811041450487 d80a452b8e9f06faf7852cfa89d5120b39a5eead788a41335e171d737141f8a4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8601.db0cc04a43991af0.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-595e"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZicHWBMbv%2BZVXSX2tiQEEqGMz7aJu6AY2JybMCT52qqeAGrAbLlY422AAHMXyEA%2FsW8sXYoSGzJ7Dz1ZFkHgCfSm4YCKEk5JCrOkA%2FHtQU7gTm4BccbCrsVg47bqJEni"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708e8ad712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/4880.789f870cd21de157.js | 104.21.30.254 | 200 OK | 5.8 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/4880.789f870cd21de157.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (5893), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 795ca127502a3c39bade23b7c0d3e6fd 7fc5dd02d7fd8776de808a54a212966341e815bb 113f8ca1103bf07ce4b42ad8e9167efa0c6b80d60794ef03bcd6cb809da46b1c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4880.789f870cd21de157.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-16ab"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D387KuivHJV2ExwqZw3JjN9PiMEFdBYA9pbYGBgzi3ehQvF9SbTvrcy5ICFQOvTL2VYdkxz4pdQkR5LY9%2B8UAKGC%2FHrSeF0YQKerKgt%2F9wfb67S3WKwvY4Bbu39yhISC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170a4b27712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/webpack-ba5c26f7636b00f7.js | 104.21.30.254 | 200 OK | 8.6 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/webpack-ba5c26f7636b00f7.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (8998), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 1cc238294ee4d449820c2ce65aee19e1 b07c4b7e014bbeecc7018046f871019a07a79cc7 fe2d5e4ccd7d16fd1113cc1ba093eea756deeb2ff6311914155528fc31e34817
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-ba5c26f7636b00f7.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-2170"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2FXOLL7f%2BwmWr9sIG4z%2Bu7CqgOIKnrzmGZ7AqAt9mreNaeDlZ%2F1mYSUpspFuD1SCa3owZbTgP5VzWKrWf8R2PW8bX94Iv1nay4LryK9i%2BXK2e8kXNFWGNFQDJA4rhWbk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708e8b4712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| my.rtmark.net/gid.js?userId=gvgyoldziwvsq8orbcc92ugwejqqnl8l | 139.45.195.8 | 200 OK | 65 B |
URL: GET HTTP/2 my.rtmark.net/gid.js?userId=gvgyoldziwvsq8orbcc92ugwejqqnl8l
IP: 139.45.195.8:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Let's Encrypt; Subject rtmark.net; Fingerprint 59:49:A1:C9:C3:99:98:FC:2D:E7:4A:9E:86:83:A6:DE:2E:C3:8A:B6; Validity Fri, 30 Aug 2024 01:00:45 GMT - Thu, 28 Nov 2024 01:00:44 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 482c6e0ca5c51790b078f620d30f6a72 bafcbab8719fdcc12c4142b8c70a6381c34ac5f8 fdf03689b33cced624af4fbf0223edae940cc4961c2ae647eb0b87f4aa6b23fb
GET /gid.js?userId=gvgyoldziwvsq8orbcc92ugwejqqnl8l HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nadrigrir.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://nadrigrir.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=gvgyoldziwvsq8orbcc92ugwejqqnl8l; expires=Thu, 09 Oct 2025 02:55:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/O16NddbN4ifv-hUemlqj_/_ssgManifest.js | 104.21.30.254 | 200 OK | 134 B |
URL: GET HTTP/2 nadrigrir.com/_next/static/O16NddbN4ifv-hUemlqj_/_ssgManifest.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 8ffe0d99020b7535af6db34ba54a25cf c9e0b6379bdae795228998c3050d295d14e65669 1f5fd7652f124b236dc9ef40458fe6fbbd3b09ef521cd3e4f22602450525773c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/O16NddbN4ifv-hUemlqj_/_ssgManifest.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-86"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGPs1hrjDxrekBLAw12yfo2zH9rcO1b4li78ilpcPt%2B5Rsn4jxInhAcFulaF8XBsGRSD%2Fx9jKYdrna2sivUqWVTbRys51sq4gw6bEhMNqbTwVxur81kVi9QFF9ZDvuoC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708f8d5712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/media/icon-survey.0bfa8c9d.svg | 104.21.30.254 | 200 OK | 2.7 kB |
URL: GET HTTP/3 nadrigrir.com/_next/static/media/icon-survey.0bfa8c9d.svg
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: SVG Scalable Vector Graphics image
Hash (MD5 / SHA-1 / SHA-256): a000ba4d0e7570d810feafb22bc50bef af8fce44a683d3dfebe69cbe856e747739c9a666 9ae848c180201d8ae5c59ce118b0b7ef395a01295fb04d57e81cfe0566100679
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/icon-survey.0bfa8c9d.svg HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: image/svg+xml
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
vary: Accept-Encoding
etag: W/"670516f2-a72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2660
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8g7BT1DNZAFVbQK4Mwg2VKZF6b0Q9l5ocXRfwbLzmcIZIZ2Ki28cWrWeanyhRGoB0sz%2BkE0xfp3UYS4dPF9o3nDrfBePh7riCn87NoJ5ocvxMOWmbvO6oH99D7%2BWZQzM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170c2fbe569f-OSL
content-encoding: br
|
|
| nadrigrir.com/track?dry=false&request_var=&oaid=gvgyoldziwvsq8orbcc92ugwejqqnl8l&os_version=&var=7339789&var_3=&var_4=&ymid=VA9jHCcGsixobdj8maZsUz&z=7339789&offer_id=14162 | 104.21.30.254 | 200 OK | 183 B |
URL: GET HTTP/3 nadrigrir.com/track?dry=false&request_var=&oaid=gvgyoldziwvsq8orbcc92ugwejqqnl8l&os_version=&var=7339789&var_3=&var_4=&ymid=VA9jHCcGsixobdj8maZsUz&z=7339789&offer_id=14162
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: troff or preprocessor input, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 3689e059149c930f0df2a98218e5652d 86830fb09e7632f7a8e10c8afdb5c83027dd326a a49d89e22c2317ac6d6e62f39fdf6f4b7900a63c7b65f845e73b879cc680388a
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /track?dry=false&request_var=&oaid=gvgyoldziwvsq8orbcc92ugwejqqnl8l&os_version=&var=7339789&var_3=&var_4=&ymid=VA9jHCcGsixobdj8maZsUz&z=7339789&offer_id=14162 HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=gvgyoldziwvsq8orbcc92ugwejqqnl8l; syncedCookie=true; oaidts=1728442508
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: d42197446046f1aaeb3dd26f120f0277
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://nadrigrir.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1eZ%2FBGzZo9%2BSTjcDnDOB7RZAHzGOZOzg5qWwu4HkPsMbKcp1um3%2BkuiXYkjiGYoxq6iIENXvamK65blqXqTLAagS5RkELtok%2BWnmOo9Gw%2BGY%2FDeWQYPMvgrJvWbD0Xrp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170d9a94569f-OSL
|
|
| nadrigrir.com/_next/static/css/0bc0cde260d08b97.css | 104.21.30.254 | 200 OK | 1.8 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/css/0bc0cde260d08b97.css
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: ASCII text, with very long lines (1841), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): ff1d3d5d24ca0172d59b02e7505ddaa1 41e83ee08e21f369886b0fdad0ba01d8b20897b6 939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"670516f2-733"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQ5COaF82PSAiqjkoqJEC7O1O5Stxc12g4FUwX5lI6TCj4xhjPZ5ISgKvbM0o9quLCZps8X9rhVaZBFfXBk9SU%2Bqj0cpj5Pft8FLIbl1xYDCxaIillNZaEBkStOmM%2Fhq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708d8a3712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/9801.df1a0704b381f036.js | 104.21.30.254 | 200 OK | 22 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/9801.df1a0704b381f036.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject nadrigrir.com; Fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0; Validity Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (21662), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 748726130a1df425a0ffc70b426980bd 665d64ce81db17ac48554a2981114293b90d86d7 411199d0d3ccb037fe894a46ac8b1ecea5ed1d33c24e30e5a5a50070c9bb1cff
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9801.df1a0704b381f036.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-549e"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXwCRyI7nUinOFICIhLe4HtHQCg8cfeK7NIfnAf6K2KlGVDNg1%2FXhsPu66Au8xIQtvsOvY1265TOtqYzVBPABV4OnXSVdw7fpTdSg%2FVtTXKgcMNXaQW07TMKJXZxL329"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708e8b1712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| cdntechone.com/stattag.js | 188.114.96.1 | 200 OK | 16 kB |
URL: GET HTTP/2 cdntechone.com/stattag.js
IP: 188.114.96.1:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: Issuer Google Trust Services; Subject cdntechone.com; Fingerprint 9D:11:8F:D6:A1:C0:F3:FA:BA:81:EE:FA:9C:54:AF:9E:A5:7E:F2:61; Validity Sun, 18 Aug 2024 05:54:26 GMT - Sat, 16 Nov 2024 05:54:25 GMT
File type: JavaScript source, ASCII text, with very long lines (15840)
Hash (MD5 / SHA-1 / SHA-256): 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2890
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ba0jiQZikN1Ze2YqdhBu6iwi%2BqTWCkhEjzDEV%2FlgoeAXFTyjK5ihUq%2BzoSczd0aaBYwv%2FaT%2FnblJv6na%2FmJMkp8P8g3wtHutws1lvt2khXdOV35prq%2Flg2mMiixs4n5AFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cfb170b3c3556b9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/pages/_app-99c37a6eccbc88fb.js | 104.21.30.254 | 200 OK | 55 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/pages/_app-99c37a6eccbc88fb.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: issuer Google Trust Services, subject nadrigrir.com, fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, valid Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (55173), with no line terminators
Hash: MD5 1ccd6c0ed98343d140893babc28b2b0e, SHA-1 69fd9728cf12e35b401d375d0c76717149ee195e, SHA-256 e1c3b8336f66bcb5553a0c417c0696974c33389acce5d91d5221294e8264b7d7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-99c37a6eccbc88fb.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-d785"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKjMYNapCOERnuLWp6Of4DV2Up6ozOeZoX%2FSnfBz6qLzaTfHbn4fNPw10%2Bu6v8D8RmvxFYH92dQsenesGp3K4aJ4Yy6hIOJcs4dXFHQzkxplSxnhUSUF5b6L9UKZn%2BZD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708e8b9712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/86.b4cb0eaab191b83a.js | 104.21.30.254 | 200 OK | 3.2 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/86.b4cb0eaab191b83a.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: issuer Google Trust Services, subject nadrigrir.com, fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, valid Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (3297), with no line terminators
Hash: MD5 8f8c9e9f04457a84d5174a39658770b8, SHA-1 3095f57c5718318f4c621899a1a780ce1db0fb73, SHA-256 6ed92693b2e0caa67e7efe51e648d978e50f9d500eb92e06e83e637ccb1a37ae
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/86.b4cb0eaab191b83a.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-c95"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EFp8tEcPXea1ICwNV4zG%2BTo7Jtgv8Rd%2B7sCdMd7TQ0yNEN8rsJ4lD2HX4b7WzXIQWpii4sxvhEdIhdFcm4R3cX5vJT%2FcAxqZpRdcBbkafHiblGUS2hfUPOEfXGbpzQJh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170a4b29712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/media/person-4.3034c298.webp | 104.21.30.254 | 200 OK | 1.8 kB |
URL: GET HTTP/3 nadrigrir.com/_next/static/media/person-4.3034c298.webp
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: issuer Google Trust Services, subject nadrigrir.com, fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, valid Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: MD5 5dc160f6b521dc8f6c670b140b354fed, SHA-1 22e15cda82b532067b99932ec28f86ea2cc1ecbc, SHA-256 09c6c6de57458ec0c4e7a3d2375e0c7b9c037de9366b63e3685cc0ca94d838b4
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/media/person-4.3034c298.webp HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: image/webp
content-length: 1798
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
vary: Accept-Encoding
etag: "670516f2-706"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2660
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zfU6rGB28kXRHqyzET%2FWQ6gA%2FSGfZkrY0KD%2F5Sw9pD0CrPQyas%2FQpWgTvdyaoOXggLVA61DYWRBPhrHuBt4NyC6ekhl2F70k%2BLi7pFOA8lFQOnbgHpb7nkLFDYhqrjG0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170c2fb7569f-OSL
|
|
| nadrigrir.com/sw-check-permissions/universal.js?var=7339789&ab2_ttl=5184000&zoneId=6679100 | 104.21.30.254 | 200 OK | 1.4 kB |
URL: GET HTTP/3 nadrigrir.com/sw-check-permissions/universal.js?var=7339789&ab2_ttl=5184000&zoneId=6679100
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: issuer Google Trust Services, subject nadrigrir.com, fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, valid Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: ASCII text, with very long lines (1515), with no line terminators
Hash: MD5 422ad993943fb23429b7684bf9f27db3, SHA-1 90226fc9e56b9ec8c02d42e4caf820aa7bba5945, SHA-256 770d4d3ce80bafb24f2aee344031670ff0031b4ab24bde75b79384cbef0230fb
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sw-check-permissions/universal.js?var=7339789&ab2_ttl=5184000&zoneId=6679100 HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/javascript
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
vary: Accept-Encoding
etag: W/"670516f2-599"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L214OGq%2B6w1RyzK0ti9bz0Q3FSbb62961O0C%2FigtvB9fXjOmE7P90i1HlipoEfUX0BkjZI2LE4sZEjd%2FDQp7%2B1hc8U7vsYVIH2gHHXeMXUWmX9LgUnH5Ezyw618nb6tE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170d0988569f-OSL
content-encoding: br
|
|
| cdntechone.com/stattag.js | 188.114.96.1 | 200 OK | 16 kB |
URL: GET HTTP/2 cdntechone.com/stattag.js
IP: 188.114.96.1:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: issuer Google Trust Services, subject cdntechone.com, fingerprint 9D:11:8F:D6:A1:C0:F3:FA:BA:81:EE:FA:9C:54:AF:9E:A5:7E:F2:61, valid Sun, 18 Aug 2024 05:54:26 GMT - Sat, 16 Nov 2024 05:54:25 GMT
File type: JavaScript source, ASCII text, with very long lines (15840)
Hash: MD5 80d7433dbc2b7708f2fa4e6a9943a116, SHA-1 350c6e2bb1cbd07de260856f918f4ececcd96894, SHA-256 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:08 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2890
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dK51VVJ2Z%2BGgUB7hDGPuhb1LtqNuXOqDwzlNr3LM%2F2YepfEOUGQ1eOoKssW7044WCpYkPwOdatv7gBsUpIXPGwHWNb4BMJAcG%2Bed9IaTevyhzsJv9o0DkxLN7gnjhXxUMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8cfb170da80256b9-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/6634.24d9cbfbad84fcdd.js | 104.21.30.254 | 200 OK | 9.3 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/6634.24d9cbfbad84fcdd.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: issuer Google Trust Services, subject nadrigrir.com, fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, valid Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (9444), with no line terminators
Hash: MD5 2ecd2ec88c79a221a09ec2b489dbe4e1, SHA-1 565055ffed8462df1c4afd080377c493bfd3f90b, SHA-256 cb3c817b7a2ff0aa8063add83468ec39e3fa4fe996f87ff9e622eaeae0fce5d6
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6634.24d9cbfbad84fcdd.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-2423"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ICPDdSvssMMiMM9tsP8dG8F5eO7w7N2iMaWZcv479iOcgtF4HGrpc7VNTScfPsSbFXxQ1rch6JzE9N9bQyxAEsM%2FOApwghibAupIOOIhWZ4V5LHKgXm5LSp1K9Vtsq04"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708d8a8712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/O16NddbN4ifv-hUemlqj_/_buildManifest.js | 104.21.30.254 | 200 OK | 1.3 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/O16NddbN4ifv-hUemlqj_/_buildManifest.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: issuer Google Trust Services, subject nadrigrir.com, fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, valid Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: ASCII text, with very long lines (1394), with no line terminators
Hash: MD5 6475f08b2ba01c6651f91dbafea137e0, SHA-1 ea3f8550bac3bfc3efb0b48f730a2747680f4151, SHA-256 054a1c59772a3555a0a04437e30d06583750301336190547375ebd29d197a8c7
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/O16NddbN4ifv-hUemlqj_/_buildManifest.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-524"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BEdQ1iuykeePfOEH7D9np%2BRNKtyh%2BdQQBus08QifGyc4A%2F1dv8L1aInrfsDZjQrnv0J2EsLTI1CBPXLg8AwyGK9FMM6JasQC6WQSM3lNIgav0vi9bIVgacgPZsFlqCI%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708f8cd712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/4683.098c066925fd7aaa.js | 104.21.30.254 | 200 OK | 6.2 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/4683.098c066925fd7aaa.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: issuer Google Trust Services, subject nadrigrir.com, fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, valid Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (6278), with no line terminators
Hash: MD5 405f16c8ae3dc62e0dc4ba80968ab99f, SHA-1 fd87eb23153c878d42bafd43dfb4e7afc9879702, SHA-256 fa6cde1b81f2a8fb3fa39a4eed60b76df3ffb7971ae043731c39588c5b86b173
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4683.098c066925fd7aaa.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-1814"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gs0jTXj6XrBV%2BSBtX1uVAUI88JT2apYamnea1lZctszCnoDkaisOJ2zVURNMISvdLKzNcCUoiy8RjIKij3D%2B41qM2pKqvaJhE7wwtA%2FICuEdUVAoboOqSYOwG%2FL7pcUT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb170a4b28712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| nadrigrir.com/_next/static/chunks/6825.7474e3129a003d69.js | 104.21.30.254 | 200 OK | 17 kB |
URL: GET HTTP/2 nadrigrir.com/_next/static/chunks/6825.7474e3129a003d69.js
IP: 104.21.30.254:443
Requested by: https://nadrigrir.com/finance-survey.html?z=7339789&offer_id=14162&var=&ymid=VA9jHCcGsixobdj8maZsUz&ymid=VA9jHCcGsixobdj8maZsUz
Certificate: issuer Google Trust Services, subject nadrigrir.com, fingerprint 06:9E:C6:BC:A9:66:C4:87:FB:E7:81:E4:2E:BE:AD:69:A4:96:56:C0, valid Mon, 02 Sep 2024 15:05:41 GMT - Sun, 01 Dec 2024 15:05:40 GMT
File type: JavaScript source, ASCII text, with very long lines (16846), with no line terminators
Hash: MD5 cf93b44816f05ccfdda22b497df158c1, SHA-1 e687a983b354871a6b8dcef6be2aa3852bbbce54, SHA-256 547f3765a0f4ce283af15acc7a7ccd4558ab4b5b2b07d8d4a985e1df64365919
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6825.7474e3129a003d69.js HTTP/1.1
Host: nadrigrir.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 09 Oct 2024 02:55:07 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"670516f2-41ce"
last-modified: Tue, 08 Oct 2024 11:26:42 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2659
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mBl%2Ff35%2BJgr4BISascHDrKlrQV85%2FthYX2H18a2KcdbSGCRb5M2AlmriY6VgB3xdpO6tS4pk1CQs6ZCV4U8oYTSl%2F9daYakO8sydzMwzIOhz0JVAGwD8q4%2FewhzKpTWd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8cfb1708e8b2712e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
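Added triage helper for dumps in this layout (example code written for this page, not part of the capture and not from the sandbox that produced it). It groups the pipe-delimited summary rows and the request/response header lines into transactions, reads the Analyzer/Verdict/Alert table whether it is flattened onto one line or split into a header row and a value row, and flags the things the entries above actually show: a Quad9 DNS sinkhole verdict, `strict-transport-security: max-age=1` (an HSTS lifetime of one second), a script fetched with `Sec-Fetch-Site: cross-site`, a request carrying `X-Moz: prefetch`, and `link: rel=preconnect` hints to hosts other than the one serving the response. The six-month HSTS threshold, the flag names and `SAMPLE` (a constructed excerpt in the page's own layout, trimmed to the headers that matter) are assumptions of the example.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List

# Constructed excerpt in the page's own layout (two trimmed transactions), not a live
# capture: summary row, Analyzer/Verdict/Alert rows where the sandbox emitted them,
# request line and headers, status line and headers, then a "|" separator row.
SAMPLE = """\
| nadrigrir.com/sw-check-permissions/universal.js?var=7339789 | 104.21.30.254 | 200 OK | 1.4 kB |
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sw-check-permissions/universal.js?var=7339789 HTTP/1.1
Host: nadrigrir.com
X-Moz: prefetch
Sec-Fetch-Dest: empty
HTTP/3 200 OK
strict-transport-security: max-age=1
|
| cdntechone.com/stattag.js | 188.114.96.1 | 200 OK | 16 kB |
GET /stattag.js HTTP/1.1
Host: cdntechone.com
Sec-Fetch-Dest: script
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
|
"""

IPV4_RE = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")
REQUEST_LINE_RE = re.compile(r"^[A-Z]+ \S+ HTTP/\S+$")
STATUS_LINE_RE = re.compile(r"^HTTP/\S+ \d{3}")
HEADER_RE = re.compile(r"^([A-Za-z0-9-]+): (.*)$")
PRECONNECT_RE = re.compile(r"<https?://([^/>]+)/?>;\s*rel=preconnect")
# Assumed review threshold, not from the page: an HSTS max-age under six months is flagged.
MIN_HSTS_SECONDS = 15_552_000

@dataclass
class Transaction:
    url: str
    ip: str
    status: str
    verdict: str = ""  # "analyzer:verdict:alert" when the sandbox gave one
    request: Dict[str, str] = field(default_factory=dict)
    response: Dict[str, str] = field(default_factory=dict)

def _cells(line: str) -> List[str]:
    return [c.strip() for c in line.strip("|").split("|")]

def parse_dump(text: str) -> List[Transaction]:
    """Group the dump into transactions; header names are lower-cased for lookup."""
    txns: List[Transaction] = []
    cur, section, want_verdict = None, None, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("|"):  # summary row, verdict table rows, or a bare "|" separator
            cells = _cells(line)
            if len(cells) == 4 and IPV4_RE.match(cells[1]):
                cur = Transaction(cells[0], cells[1], cells[2])
                txns.append(cur)
                section, want_verdict = None, False
            elif cur and cells == ["Analyzer", "Verdict", "Alert"]:
                want_verdict = True
            elif cur and want_verdict and len(cells) == 3:
                cur.verdict, want_verdict = ":".join(cells), False
        elif cur is None:
            continue
        elif line.startswith("Analyzer |"):  # the same verdict table flattened onto one line
            cells = _cells(line)
            if len(cells) == 6:
                cur.verdict = ":".join(cells[3:])
        elif REQUEST_LINE_RE.match(line):
            section = "request"
        elif STATUS_LINE_RE.match(line):
            section = "response"
        elif section:
            m = HEADER_RE.match(line)
            if m:
                (cur.request if section == "request" else cur.response)[m.group(1).lower()] = m.group(2)
    return txns

def triage(t: Transaction) -> List[str]:
    """Flags worth a reviewer's attention: sandbox verdict, weak HSTS, cross-site script
    loads, prefetched resources, and preconnect hints pointing at other hosts."""
    flags: List[str] = []
    if t.verdict:
        flags.append("analyzer-verdict=" + t.verdict)
    m = re.search(r"max-age=(\d+)", t.response.get("strict-transport-security", ""))
    if m and int(m.group(1)) < MIN_HSTS_SECONDS:
        flags.append(f"weak-hsts(max-age={m.group(1)})")
    if t.request.get("sec-fetch-dest") == "script" and t.request.get("sec-fetch-site") == "cross-site":
        flags.append("third-party-script")
    if t.request.get("x-moz", "").lower() == "prefetch":
        flags.append("prefetched")
    host = t.url.split("/", 1)[0]
    others = [h for h in PRECONNECT_RE.findall(t.response.get("link", "")) if h != host]
    if others:
        flags.append("preconnect-to-third-party=" + ",".join(others))
    return flags

def report(text: str) -> Dict[str, List[str]]:
    """Map each transaction URL to its flags (empty list when nothing stood out)."""
    return {t.url: triage(t) for t in parse_dump(text)}
```

`report(open("dump.txt").read())` over the full export gives one entry per transaction; the NEL, `cf-ray` and cache-status headers are deliberately ignored because they carry no signal for this triage.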