Report - uglootudsurvey.space/finance-survey.html

Report Overview

Submitted URL
uglootudsurvey.space/finance-survey.html
IP
104.21.14.156
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-09 21:55:47
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
74

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
my.rtmark.net	9054	2014-10-29	2015-02-04	2023-06-09	917 B	1.5 kB	139.45.195.8
uglootudsurvey.space	unknown	2023-05-12	2023-05-12	2023-06-07	16 kB	542 kB	104.21.14.156
dortmark.net	unknown	2023-04-06	2023-04-11	2023-06-09	1.9 kB	2.8 kB	139.45.197.248
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-06-09	452 B	167 kB	142.250.74.35
datatechonert.com	46154	2021-12-24	2021-12-24	2023-06-09	504 B	488 B	139.45.195.253
cdntechone.com	64371	2021-12-24	2021-12-24	2023-06-09	368 B	19 kB	188.114.96.1
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-09	999 B	2.1 kB	142.250.74.131
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-09	330 B	963 B	104.18.15.101
www.google.com	7	1997-09-15	2015-05-10	2023-06-06	396 B	1.4 kB	142.250.74.132

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space
2023-06-09	medium	uglootudsurvey.space

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	uglootudsurvey.space/js/v-react-dom.production.min.js.36d6f8aa.js	129 kB	2023-06-08	2023-06-20
Pretty URL uglootudsurvey.space/js/v-react-dom.production.min.js.36d6f8aa.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 15:05:56 Last Seen2023-06-20 23:37:46 Times Seen422 Hash 12a14e476144ad086e6c92f93a608771 bd935ddfd265040111dcec95a1df78c25a1b1440 3b3f96d223e89d327bda4caad2e3f83389b111fcfaaad537a6210e25222af74d Loading...

	www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__en.js	416 kB	2023-06-09	2024-02-22
Pretty URL www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 01:24:22 Last Seen2024-02-22 10:50:21 Times Seen9525 Hash 43735f6c22399555891e8abf82e7410b c877dbb7a2ab1492a796fd6339c035c5e823d0e5 07cf56e972b5898434ac9845ae9edf4cc697ef991f4be4e2232b926bc4d7ed98 Loading...

	uglootudsurvey.space/js/_global-config-sd.002b34e9.js	1.4 kB	2023-06-08	2023-06-20
Pretty URL uglootudsurvey.space/js/_global-config-sd.002b34e9.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-08 15:05:56 Last Seen2023-06-20 23:37:46 Times Seen322 Hash 05f0ff09ec7907a7124658cf1960dd45 46384e6ea7435f1f3c3e3971c3fe2d434e1fca28 c929612b21d069416384d2f8eb1246d30620bdb97816d934d5459a7b500dde56 Loading...

	uglootudsurvey.space/js/v-index.js.5a4fe8d3.js	40 kB	2023-06-09	2023-06-15
Pretty URL uglootudsurvey.space/js/v-index.js.5a4fe8d3.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 12:26:31 Last Seen2023-06-15 14:13:17 Times Seen229 Hash 5e1fb58e3e5e39df751767413e29df19 9c7eb4025d83b6f335552487f3362c8b4b39d9a9 5d0fe290d0def0cbe0255e9be7fa45c03d7bcd0c2088f29da47eb467a6c57203 Loading...

	uglootudsurvey.space/js/_each-land-config.dd500a50.js	72 kB	2023-06-09	2023-06-13
Pretty URL uglootudsurvey.space/js/_each-land-config.dd500a50.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 16:31:42 Last Seen2023-06-13 08:55:06 Times Seen129 Hash c98ee3b6c7bb751bed35f8b6ee04faa5 72010e94e1afe1d2a0ac1208dc22826acc6a3bf7 88cb1bc8f930978d9ddd833e6499f81c7652d6f6961706948c6a706ab78b10f5 Loading...

	cdntechone.com/stattag.js	18 kB	2023-05-22	2023-09-07
Pretty URL cdntechone.com/stattag.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 16:28:01 Last Seen2023-09-07 08:45:40 Times Seen4488 Hash 0fdff67feab23cc69ecfb6800fc54cb7 eb84c650e6d27e290795207b1f37dd7b67f2aa06 456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378 Loading...

	uglootudsurvey.space/js/_core-survey.77d4e932.js	218 kB	2023-06-09	2023-06-13
Pretty URL uglootudsurvey.space/js/_core-survey.77d4e932.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 17:45:42 Last Seen2023-06-13 08:55:06 Times Seen98 Hash 409558f16fef759beb18287cdcf9661b 800d365ae8a3cca134d6b4d0f2212874d01802ac 48a2b2a92b1d05f649b3894b8e62d1b79f856e9bc753eb623acf730d931d7129 Loading...

	uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2	1.4 kB	2023-06-07	2023-06-15
Pretty URL uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2 IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-07 16:32:48 Last Seen2023-06-15 14:13:17 Times Seen144 Hash 9e36a2cbcbd28b82ae7306e2f33fd419 f5b19fd6e33c8e4353b503536764bfbefa27f808 31fe2dd1f41526b0656f853c1dfc7726c7ac690d2b26936017dd2fb775d23262 Loading...

	www.google.com/recaptcha/api.js?render=explicit&hl=en	852 B	2023-06-09	2023-06-16
Pretty URL www.google.com/recaptcha/api.js?render=explicit&hl=en IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 06:09:18 Last Seen2023-06-16 07:34:47 Times Seen349 Hash 36a5ebb2703c648a8c8e8498ffc050bc dfff65a1fbaf687d2c279dc43882625190a2b155 fc626724d7a9b21841585f0d8957194d747a5bc4d9098e9e8704c3e3c919b002 Loading...

	uglootudsurvey.space/js/_rtc.ac975031.js	11 kB	2023-05-31	2023-06-20
Pretty URL uglootudsurvey.space/js/_rtc.ac975031.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-31 10:08:00 Last Seen2023-06-20 23:37:46 Times Seen451 Hash 947357b088fadcacce60a443b015f9be a1f1339ff23a581cc7ef37cf502cf71453aa3d2d 24ed11341d8fa8d4679665e6268020dd115667d8c27ccbe6eb54c015b6dadcd2 Loading...

	uglootudsurvey.space/js/v-immer.esm.mjs.cb4e4807.js	10 kB	2023-06-09	2023-06-28
Pretty URL uglootudsurvey.space/js/v-immer.esm.mjs.cb4e4807.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 12:26:31 Last Seen2023-06-28 14:09:14 Times Seen585 Hash a35cfb8514c1353e1e9d1eae47e09e82 2b0e6f58956649df6006870d448dae48dfeac579 80179fc9be755b90e97e2de0f19912d8aadd3236a26a862b6f44cfe697a95fb1 Loading...

	uglootudsurvey.space/js/s-storageService.js.2dc48dda.js	2.6 kB	2023-04-19	2023-06-20
Pretty URL uglootudsurvey.space/js/s-storageService.js.2dc48dda.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-19 14:33:19 Last Seen2023-06-20 08:31:53 Times Seen579 Hash 2e9de7b6778ce3f6199aebfb661f9523 891c3fed1af8c7713e55934831bacd3a3b595e3f 1fa9bb8f2331f7b0dadd0d87aa97c1077cb70f5b2149816f931a5dddc65a8ab8 Loading...

	uglootudsurvey.space/js/_is-browser-supported.d5013709.js	1.0 kB	2023-06-06	2023-06-19
Pretty URL uglootudsurvey.space/js/_is-browser-supported.d5013709.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-06 14:49:15 Last Seen2023-06-19 14:11:54 Times Seen510 Hash 15cb65abda0a7cc8f3df185931ad959c 895edee22ca4674863979bb0a76a024c29e68776 a8edede8f1e893e0fb76880f5e48b4233b17d49c14320050a592f1ac885bcd0b Loading...

	uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2	805 B	2023-06-09	2023-06-13
Pretty URL uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2 IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-09 17:45:42 Last Seen2023-06-13 08:55:06 Times Seen61 Hash 08423b6b750a081fd1a2c31ce117b871 32e6d1940e5fded4bf1406195b3563d594d21953 2052ee734033190315a9b555a35be5dabb1198e18ac4f8270889a3fd4d205e7b Loading...

	uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2	41 B	2023-03-07	2024-04-18
Pretty URL uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2 IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:03 Last Seen2024-04-18 15:45:55 Times Seen7134 Hash 2ec370ca0eaf3069dce13df24243d863 64c1919bbb18a6d851d1b7772f830320b8ab5cc1 6a31a3a39783d09cc53dd9e9baeb4a4fa49be602eef90f6bbb9f78af02688064 Loading...

	uglootudsurvey.space/js/survey.a8a53bd1.js	5.7 kB	2023-06-09	2023-06-15
Pretty URL uglootudsurvey.space/js/survey.a8a53bd1.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 12:26:31 Last Seen2023-06-15 14:13:17 Times Seen125 Hash c7497cd1c2907d7ba8d42ab2aa709b5e 3e6fa4aa4affd6e22d7abedb724a3ae2906efbf1 ad9ef9d9c3d6079723f51d4879c544283a940fe543ec594c9f9730f068e78d31 Loading...

	uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2	250 B	2023-04-11	2024-04-18
Pretty URL uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2 IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-11 14:49:40 Last Seen2024-04-18 19:01:00 Times Seen11154 Hash 9d9b48d49f88bc3e71b52a408295effa ca122790003cf5d50f71165ed81d120d8a91199e e7427cfeefd59822deeb50274e744da9ce4173ab34ba825aff2d79f1dbc7be76 Loading...

	uglootudsurvey.space/js/config/data/sd-1203056.js?v=10	8.0 kB	2023-06-05	2023-12-26
Pretty URL uglootudsurvey.space/js/config/data/sd-1203056.js?v=10 IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 17:02:31 Last Seen2023-12-26 03:08:30 Times Seen1853 Hash 2d3ed63cc5c82fe54bf23ebef5fcb13f bdd62d68c03e977a537513e2facf815f1be2bcc7 38d049bba653bd283e2efcf4615e3c7596c927e3a8e3555f0c6f139d4cf3b465 Loading...

	uglootudsurvey.space/js/v-redux-toolkit.esm.js.03efe34c.js	11 kB	2023-06-09	2023-06-20
Pretty URL uglootudsurvey.space/js/v-redux-toolkit.esm.js.03efe34c.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 12:26:31 Last Seen2023-06-20 23:37:46 Times Seen411 Hash c55580f803b0e57b59579d1ee3800602 9d3dbb94e683d9a67584aa9b8c8c1791aba031cd fe70be35a5b43f970e31131c50d95c5f13a14dd38435844a2d051ca6460f9f45 Loading...

	uglootudsurvey.space/js/v-index.mjs.ee4bcd4e.js	35 kB	2023-06-09	2023-06-15
Pretty URL uglootudsurvey.space/js/v-index.mjs.ee4bcd4e.js IP 104.21.14.156 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-09 12:26:31 Last Seen2023-06-15 14:13:17 Times Seen224 Hash 581c20a8830d62654a35258d921ffaa9 a76b36628b3100e38df0da68b1a51f6552313027 90702e4fb3693a40b11178a9f7d6d09c718f0e028a45e5d36eb5bb191ef67dd7 Loading...

		Size	First Seen	Last Seen
	#1 Write - 5531a5834816222280f20d1ef9e95f69	4 B	2023-03-12	2024-01-28
Pretty Observations First Seen2023-03-12 12:17:15 Last Seen2024-01-28 13:22:54 Times Seen21116 Hash 5531a5834816222280f20d1ef9e95f69 445cd2fd3273962bdf09425109a2d09f7170e837 d398b29d3dbbb9bf201d4c7e1c19ff9d43c15fd45a0cec46fbe9885ec3f6e97f Loading...

HTTP Transactions (51)

URL IP Response Size

my.rtmark.net/gid.js?userId=eb23aec82149492008eb9d4fa8343651

139.45.195.8

65 B

URL
my.rtmark.net/gid.js?userId=eb23aec82149492008eb9d4fa8343651
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
74e57fb3c1831ffbc3ec78d78b7e28bf
49a0116e04ea06c8dc4887be1b62054f9c7b1ec2
427ca4a7755cea7f75040869fdb35676b47655e5084119f6efb2f0d404c8d63f

HTTP Headers

GET /gid.js?userId=eb23aec82149492008eb9d4fa8343651 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=eb23aec82149492008eb9d4fa8343651; expires=Sat, 08 Jun 2024 21:55:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

uglootudsurvey.space/js/_each-land-config.dd500a50.js

104.21.14.156

200 OK

20 kB

URL GET HTTP/3
uglootudsurvey.space/js/_each-land-config.dd500a50.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (19808 bytes)
Hash
c98ee3b6c7bb751bed35f8b6ee04faa5
72010e94e1afe1d2a0ac1208dc22826acc6a3bf7
88cb1bc8f930978d9ddd833e6499f81c7652d6f6961706948c6a706ab78b10f5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/_each-land-config.dd500a50.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: W/"64834724-11a2e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mrdsgXrjpwAYoMBtv0mzAlTrZyVJU5uUag2g6xIdU3%2B1RzGoPwNWgLoUmInC1b6Wd6zrGpyK8UWRxDAsJ4JFoCGSOcuHCobhARp0ASGakrulFnAtbkgnwXFl52gn0HSL%2B4XxwfK3NQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7c7c780b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/_each-land-config.dd500a50.js

104.21.14.156

200 OK

20 kB

URL GET HTTP/3
uglootudsurvey.space/js/_each-land-config.dd500a50.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (19717 bytes)
Hash
c98ee3b6c7bb751bed35f8b6ee04faa5
72010e94e1afe1d2a0ac1208dc22826acc6a3bf7
88cb1bc8f930978d9ddd833e6499f81c7652d6f6961706948c6a706ab78b10f5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/_each-land-config.dd500a50.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-11a2e"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KPfCYD7rOE%2FLrTerZ2x9x3nFE5hbujUl8qjoKcEKq1ajk9tilSasPDSARhqgvfywX9deA3H5NGbJM7GFdHawDyPSBbKE6xyTv4E4vh3PqDjXthIU7YKijaUrQkScBdKwSrnRJlJ8ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaee30b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/v-redux-toolkit.esm.js.03efe34c.js

104.21.14.156

200 OK

10 kB

URL GET HTTP/3
uglootudsurvey.space/js/v-redux-toolkit.esm.js.03efe34c.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (11317), with no line terminators
Size
10 kB (10101 bytes)
Hash
c55580f803b0e57b59579d1ee3800602
9d3dbb94e683d9a67584aa9b8c8c1791aba031cd
fe70be35a5b43f970e31131c50d95c5f13a14dd38435844a2d051ca6460f9f45

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/v-redux-toolkit.esm.js.03efe34c.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: W/"64834724-2c35"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2BRWRlx%2BgA%2Fm9%2BuN67hft3LrUr2scnXxBzC1cfO5TCpQuJ3aK%2FSnYwS2hF9rkpFBtgCDfGlgbxEfDrbavE3HODqa9Q8IvGZBj9MZVzawa%2FSYBHU%2FHugFW%2B7HXAWzC6hgnL1mhD%2BcYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7c7c740b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/s-storageService.js.2dc48dda.js

104.21.14.156

200 OK

3.6 kB

URL GET HTTP/3
uglootudsurvey.space/js/s-storageService.js.2dc48dda.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (2572), with no line terminators
Size
3.6 kB (3605 bytes)
Hash
2e9de7b6778ce3f6199aebfb661f9523
891c3fed1af8c7713e55934831bacd3a3b595e3f
1fa9bb8f2331f7b0dadd0d87aa97c1077cb70f5b2149816f931a5dddc65a8ab8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/s-storageService.js.2dc48dda.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-a0c"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfFfgIMUv0Iv8FbdWidFg2FccCmdfXylgNfVvifnB7t05mLqhpgo0gP%2BQVyrZeRKdAmXbIJDABv2B6U1WmZSVoNtQxl0Jzl36%2FqNoBcA2N2S3toAFe65yk7lTZF6Fu1DSbf%2B6%2F0a9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaed40b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-6.jpg

104.21.14.156

200 OK

4.4 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-6.jpg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
4.4 kB (4392 bytes)
Hash
be9ff88491a5bc0745579a3813eb2cbe
870f88a7fae9fdd928af33f47c5ffdddc6a4082b
698d413ddf6b2ec37acf0e982237d239bd912cb097e243cb355855ac2b8548d3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-6.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 4392
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
etag: "64834723-1128"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdJvdfS%2FywzsLHrhftj0TTSnfIXFxoA7m77uCMLzYC0XkyDGRzPG4pET1CV5HLMfH94nNBJIB5yGSLCPUJ%2BC5PZbV1qnp1d4bqTaeJLtthYnvIHshEQhH00hMzrI7SMcnkF%2FURUdzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b9460b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/_core-survey.77d4e932.js

104.21.14.156

200 OK

63 kB

URL GET HTTP/3
uglootudsurvey.space/js/_core-survey.77d4e932.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
63 kB (63023 bytes)
Hash
409558f16fef759beb18287cdcf9661b
800d365ae8a3cca134d6b4d0f2212874d01802ac
48a2b2a92b1d05f649b3894b8e62d1b79f856e9bc753eb623acf730d931d7129

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/_core-survey.77d4e932.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-35344"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5A2Fz9WDTG18S377pg0QYxbPzb1oOrDwrgxbAbcLmD24ifo41zEf%2Fv%2FwADoNSMfr2LBMJpdNBBRhesl5LVFT02pp%2BFyCJ9FywJuPGyRfDfrg8TZZq460rF7%2FEv9PCUFICT8kS0M9tA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7ebee90b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/css/_core-survey.26c0898c.css

104.21.14.156

200 OK

7.5 kB

URL GET HTTP/3
uglootudsurvey.space/css/_core-survey.26c0898c.css
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (3187), with no line terminators
Size
7.5 kB (7507 bytes)
Hash
2e6143d07cb0a0273cd0fded0cd7b430
4853285adf3a468cc8a42b1c6f17d8353cfef896
f2690b871425a66071365ba5be475a5089e8074dbdab7df95a71bbee62e2f5fb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/_core-survey.26c0898c.css HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=3194
etag: W/"64834724-c7a"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tF%2B4%2FQ8dYr2aR8v0XATMXeBn0HFtR67wrYJdyDL1gXt3LUe92Vf5H0qjODzdw8u3r3fPb4N8OFx3ZbDW8VHAfb0%2F64Kzyk%2BgNBbpesqh5EvJbxVbVxH6GCtY3UbJtZDCXAZWeN1Z%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7ebef50b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/v-redux-toolkit.esm.js.03efe34c.js

104.21.14.156

200 OK

5.6 kB

URL GET HTTP/3
uglootudsurvey.space/js/v-redux-toolkit.esm.js.03efe34c.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (11317), with no line terminators
Size
5.6 kB (5623 bytes)
Hash
c55580f803b0e57b59579d1ee3800602
9d3dbb94e683d9a67584aa9b8c8c1791aba031cd
fe70be35a5b43f970e31131c50d95c5f13a14dd38435844a2d051ca6460f9f45

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/v-redux-toolkit.esm.js.03efe34c.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-2c35"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XV5hpR%2BnopHTpDphAPXpRdcIZZz14I8Jb4igfKo5o61yd26%2BXH08oWjNgRUXrFfKVKDUtD4qCl6Oemy9FdcYQ3TYBbC7vOI1x5nirLye%2B6UxP1Y9zOngxWCsEEQPl8316uhizHAR1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaedd0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-2.png

104.21.14.156

200 OK

6.4 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-2.png
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
6.4 kB (6428 bytes)
Hash
3e6eaea87b2891590972dd11373b09a3
f038c6e6306ca708defa2b601bf9477f0cf78a3d
15aadd2e7f4f83e79f35e760da382fb8b5045d2cf506f531bdc15b7b27f699a5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-2.png HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/png
content-length: 6428
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-191c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMXGfcxnUuGtnhex%2F6dGS8rMiKI0PbB3gZ6p1FGNgRCJof0qJMeNrOWTZEKmQJr27FSDYv7pY7ERSdvjvGIN5YCs9i9t0gEpVunGbC%2FXN3JiaNLxfiuZ%2BygrHKzY2ptj1JDTCSqfYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b9380b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-9.jpg

104.21.14.156

200 OK

5.2 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-9.jpg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
5.2 kB (5190 bytes)
Hash
529370f9fd3b0f4da6c81ca91a931155
1a4c3e0e7af1ce30dc2ca18d48b5fc3f1b40aad3
cdf1b8dcdce4e9b76157ce90e086ebafb100063eaeb091e97087d97f5d0fb50b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-9.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 5190
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-1446"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSK7aX6nbq9CbFETtIbB7GvAm3XWWhoX0VaFwkMlM34PJeWQ6uks%2BcwW9k1wdANeFfYrMBacgwM77pqRVzqFkDzfJ4mfDgtGC%2FAX7CklC%2FWBSsXADPUX2fmCG%2Bon2AwzRQ8ec%2B8AVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80e96a0b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/finance-survey.html

104.21.14.156

6.4 kB

URL
uglootudsurvey.space/finance-survey.html
IP
104.21.14.156:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5197), with no line terminators
Size
6.4 kB (6423 bytes)
Hash
4572d942443569f667ec9d6023cd7146
43dcdc853af7e1dffa5db91f93f8b7fb3681cb31
fd24d5a9f8b8a70dfec0d1872ab77c86e1aeb6ce31965af7ba82eac0a8a86648

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /finance-survey.html HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: text/html
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BFivFGbWW%2FTo9aoheUbyGKM%2BaFoJLD6I15IG79t%2BKJWqSbMPXypgZlZOR%2Bqo0j%2BixYHB18d6zORkCBaoNfLKNqfkfUbOw9KhLibvYEttPdSLVNXCmuRwrRb0WRH%2FdwqiZC6bgp0lOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e79e89d0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

uglootudsurvey.space/js/v-index.js.5a4fe8d3.js

104.21.14.156

200 OK

21 kB

URL GET HTTP/3
uglootudsurvey.space/js/v-index.js.5a4fe8d3.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (40320), with no line terminators
Size
21 kB (20924 bytes)
Hash
5e1fb58e3e5e39df751767413e29df19
9c7eb4025d83b6f335552487f3362c8b4b39d9a9
5d0fe290d0def0cbe0255e9be7fa45c03d7bcd0c2088f29da47eb467a6c57203

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/v-index.js.5a4fe8d3.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-9d80"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMciwcmTqoVE4NbiVqCvbuVts4DZhWd3nBKo2TIxjDcqjeStvYPQeKGzYjICl4PK%2F48U9unvhhQ6VZfjVrpCbHiiBEgrKrmzURMxJ%2Bd2ttCsvNQmpmQnrk%2FM%2BNRejdZ%2FUw7URx%2B1nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaed70b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-8.jpg

104.21.14.156

200 OK

5.7 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-8.jpg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Google], baseline, precision 8, 100x100, components 3\012- data
Size
5.7 kB (5748 bytes)
Hash
6b10e71656e51e27520e854712b44f1c
f78b92dded977e9f275aba726453138155420bcf
64588485da7d470991fdba6c20a6d05c7ad39f92cca72769a95cbe3d873e8edc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-8.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 5748
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-1674"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQunmlYJd9GFQrNRElGOWJ8frFXzBzd0eyzX5Mm9nvGEgDuzlrDptsyROtgbr7eot5z%2Bwyka%2ByvJY8DKx%2BkhzSIuscBCHZ8tcOvlyfPF7%2FcKtTcswW%2BqjeM035K064YY%2Fi%2FMo1Unzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b9440b06-OSL
alt-svc: h3=":443"; ma=86400

dortmark.net/sync-do

139.45.197.248

200 OK

0 B

URL OPTIONS HTTP/2
dortmark.net/sync-do
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectdortmark.net
Fingerprint2D:58:01:B8:69:29:6C:35:45:78:06:E6:15:E1:E3:B9:8B:47:F6:52
ValidityTue, 11 Apr 2023 11:46:30 GMT - Mon, 10 Jul 2023 11:46:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync-do HTTP/1.1
Host: dortmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:30 GMT
content-length: 0
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6c61fb42405abc811f67aabeace702b2
0d41286eb5a6f7f82734de50e0fdbc7e752e3d8e
bd7a264bf9a25dd4e67665c894ea85fd985546fb75f9e69da4bbfb5ba2fabab5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:55:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

uglootudsurvey.space/js/survey.a8a53bd1.js

104.21.14.156

200 OK

6.3 kB

URL GET HTTP/3
uglootudsurvey.space/js/survey.a8a53bd1.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (5733), with no line terminators
Size
6.3 kB (6329 bytes)
Hash
c7497cd1c2907d7ba8d42ab2aa709b5e
3e6fa4aa4affd6e22d7abedb724a3ae2906efbf1
ad9ef9d9c3d6079723f51d4879c544283a940fe543ec594c9f9730f068e78d31

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/survey.a8a53bd1.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-1665"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3wo%2F6VkbnHYiVr9dsQTCOgsrrI9azARNqPA1vSenm%2BvDSmt7%2FAd8Y6KbfuiyM7tXUjXp9jNZs11K%2B7Lp63u4sTbSSKtPj5ye05zTO%2Fv%2FDUqFfXD%2FapmqMbDADzwyolQIy%2FUDH8wWoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7ebef60b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-10.jpg

104.21.14.156

200 OK

6.2 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-10.jpg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, software=Google], baseline, precision 8, 100x100, components 3\012- data
Size
6.2 kB (6178 bytes)
Hash
044ab37551bfe632f53b8f15d991f36e
77fdc6210608e5e36e1d36ac7fd867104cb20d9e
36adcb32026c016feaff678063911fcc9e7985e9f0c56bb1daa776f98964ef91

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-10.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 6178
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-1822"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2B3WS%2BPGWNre1ajtsI62Av5%2Bj8%2BRyH66LcABPJ57t3q992gDwWCBb9NzS%2BfZQQN95ef%2FGPrU0GqnX6%2BWC%2FE3htujTtnLA1xyKgDm00nVLbhUdwuz3FsePCcGom1M3I9ZEhzIELLmpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80e96e0b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-13.jpg

104.21.14.156

200 OK

3.2 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-13.jpg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
3.2 kB (3172 bytes)
Hash
a3364ed9e772ae6f696b814072001bf8
b8f34c657c31bf1e4d42b5d864b2519493d80e92
88f30b8552d0ab928d895390b337a0049405f3b1e8446631e606ba787e1205e1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-13.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 3172
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-c64"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TToiUZMx%2BlCF957C73wKNQ3AEwlPm%2FIXQ4sGusP1Z1i5rivbcTF5mxpv%2BoHu7%2BcbusT98q%2BEvsacbXwDBsOnin9ggpymqxlnOhnzwCWU78eDGMVM9WLgcMf3ImmqHJyaQoi94k%2FvhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80e9750b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-12.jpeg

104.21.14.156

200 OK

3.5 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-12.jpeg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
3.5 kB (3519 bytes)
Hash
c937339f4ba54ff7dc150b9865c29084
44206828ca23cbed303193bde1dfe47bdc532972
8e872daac17de58d352c9f4082e6e35af76a8b2138c142a8cf0fbacea195c73e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-12.jpeg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 3519
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-dbf"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lu02ypRCcKrYFEypbdNCJRzjeFmq1UlUcfb72fFYWxTHL%2BMmZpQic9uzx%2FY7POTAm5%2F6Mqo9SHpnJ%2F%2BoeXVChMkq%2B3tuUrA9NtUtdjU6BcheA6ZJwGfXctT0mlsnH1h2N7Sfnoo39g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80e9770b06-OSL
alt-svc: h3=":443"; ma=86400

dortmark.net/sync-metrics

139.45.197.248

200 OK

0 B

URL OPTIONS HTTP/2
dortmark.net/sync-metrics
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectdortmark.net
Fingerprint2D:58:01:B8:69:29:6C:35:45:78:06:E6:15:E1:E3:B9:8B:47:F6:52
ValidityTue, 11 Apr 2023 11:46:30 GMT - Mon, 10 Jul 2023 11:46:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync-metrics HTTP/1.1
Host: dortmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:30 GMT
content-length: 0
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

dortmark.net/sync-do

139.45.197.248

200 OK

179 B

URL OPTIONS HTTP/2
dortmark.net/sync-do
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectdortmark.net
Fingerprint2D:58:01:B8:69:29:6C:35:45:78:06:E6:15:E1:E3:B9:8B:47:F6:52
ValidityTue, 11 Apr 2023 11:46:30 GMT - Mon, 10 Jul 2023 11:46:29 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
179 B (179 bytes)
Hash
081142aa1c9267422ee7fd25ac457579
cf8a223610da412aab4cc9aec68f6f304258b3ce
58084d495376ed2e41f026c352cabb187129c58109f2b15caeb1a539deb2cd19

HTTP Headers

POST /sync-do HTTP/1.1
Host: dortmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 163
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: c6e85f0dbc53e938a8ce35ecbe5f0601
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

dortmark.net/sync-metrics

139.45.197.248

200 OK

17 B

URL OPTIONS HTTP/2
dortmark.net/sync-metrics
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectdortmark.net
Fingerprint2D:58:01:B8:69:29:6C:35:45:78:06:E6:15:E1:E3:B9:8B:47:F6:52
ValidityTue, 11 Apr 2023 11:46:30 GMT - Mon, 10 Jul 2023 11:46:29 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
17 B (17 bytes)
Hash
5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

HTTP Headers

POST /sync-metrics HTTP/1.1
Host: dortmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 99
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 91700af6fcb833fb322384991233cca0
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cfa2f4faaa3c178ca36297b0c4264e37
7a77047e893a983873f15a67f94b2be4b114be43
faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:55:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__en.js

142.250.74.35

200 OK

166 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text, with very long lines (694)
Size
166 kB (166526 bytes)
Hash
43735f6c22399555891e8abf82e7410b
c877dbb7a2ab1492a796fd6339c035c5e823d0e5
07cf56e972b5898434ac9845ae9edf4cc697ef991f4be4e2232b926bc4d7ed98

HTTP Headers

GET /recaptcha/releases/Xh5Zjh8Od10-SgxpI_tcSnHR/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166526
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Jun 2023 14:01:27 GMT
expires: Sat, 08 Jun 2024 14:01:27 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 04 Jun 2023 14:00:37 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 28443
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
cfa2f4faaa3c178ca36297b0c4264e37
7a77047e893a983873f15a67f94b2be4b114be43
faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 21:55:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
a786b64dcfe8ec30a5c3533c3e34e56c
86966bb07af72c834171b2b784a2a00322234f45
f716f873c7b6777ea6b2eff039d0810826e2ac0f889d0d3c26bf3c2aa4fee7b0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 21:55:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 08 Jun 2023 05:19:53 GMT
Expires: Thu, 15 Jun 2023 05:19:52 GMT
Etag: "86966bb07af72c834171b2b784a2a00322234f45"
Cache-Control: max-age=458276,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d4c9e82c99d0b59-OSL

datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a

139.45.195.253

200 OK

12 B

URL POST HTTP/1.1
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a
IP
139.45.195.253:443
ASN
#9002 RETN Limited

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerSectigo Limited
Subjectdatatechonert.com
Fingerprint6F:17:15:C2:7F:CC:16:6C:9D:C0:AD:C3:EE:DA:69:61:8C:77:0B:5B
ValiditySun, 18 Dec 2022 00:00:00 GMT - Sun, 24 Dec 2023 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1336
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 09 Jun 2023 21:55:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://uglootudsurvey.space
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

uglootudsurvey.space/img/comments/person-5.jpg

104.21.14.156

200 OK

4.3 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-5.jpg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
4.3 kB (4333 bytes)
Hash
21fd6ef6d69b527c02e92a8c23d28d52
5980b75edc23f7fa2f57fa257cb67c9efb86fa58
f37490dbef620959d7124e3de027c5b5c43a57dc90737163947a6725444051eb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-5.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 4333
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
etag: "64834723-10ed"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXxcajdXVJSNNLYS2yjmllQPsZbwct71UiidgnnkhAjkDroZLpS0focs%2BYDrchVNG10%2F72S8RvY5fifRrdYTTEXfoouycKo7p35jJ4CtO4cquUw2L00f0BY6X3D7GbdlrfLyuKSQ5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b93e0b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-1.png

104.21.14.156

200 OK

6.6 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-1.png
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
6.6 kB (6577 bytes)
Hash
8f9a954bf05965bb41cf97a7ddb7a375
de9db936bbea75043e08a55d1f371678fca2270c
a787bd40650924a7bbc61d6ea0bbcaddae4b3129fd8028b68c3629210e41e26d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-1.png HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/png
content-length: 6577
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-19b1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djukzTZNIVPjRF1rovTi1JFDC8sRnXZzaZaDIYyowqvJKs3NWj8V%2ByOPwES2kttnoSeG6n5RIme4wmbLbuEX4u8gXva%2BMlg3c5FMl7lfyu1RswxCGm4GBCtmSzQbet7rTTo39s0fiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b92d0b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-11.jpeg

104.21.14.156

200 OK

4.2 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-11.jpeg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
4.2 kB (4175 bytes)
Hash
3924bdc784dc4947f52b779aa4d5a0aa
1e3f3fdd99490addd60014aa7327fe27c6bd5589
b3f882f57f9a213d85eb1c5c6a8a1451bd16dfcd9e4bd00e0a74584422dbd950

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-11.jpeg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 4175
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-104f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XOrx%2BPn4AmAvS8SSoxr2P2w%2BptFduNLDqQNfZeSOy68JADRIqB4lt9v%2FZI433IeihLaKX7t6C9bBmkWtnvl%2BkR3fHeqvc%2FXFITDQKI1A%2B2ucQhQcFENVotv1DeYnjWAV8EjJZ%2F3RA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80e96f0b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/_is-browser-supported.d5013709.js

104.21.14.156

200 OK

1.0 kB

URL GET HTTP/3
uglootudsurvey.space/js/_is-browser-supported.d5013709.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (1102), with no line terminators
Size
1.0 kB (1015 bytes)
Hash
5eb35f09f0cb518908ce3d89cae032e6
bc4c0f92bbb3f014d5c1e1f1442facb4aa978204
e0278dc2a9171dc68dea59ab0e571efd5234974b783338cb82c3b4fe3076afda

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/_is-browser-supported.d5013709.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-3f7"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7rFWKB8%2FwUUJYxXSU0nAIchAkWzennSpgC%2FJomoPK%2BwGRMbIzO3JLiV1rVXE%2FJkCookYep1hpHkidYK9%2B2reFmjbTqra7Ahkm58n6HQagDopI%2BwtlA3yDdG7QzA5FwEO%2BMJraExPTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaed10b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/icon-survey.svg

104.21.14.156

200 OK

3.1 kB

URL GET HTTP/3
uglootudsurvey.space/img/icon-survey.svg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3164), with no line terminators
Size
3.1 kB (3097 bytes)
Hash
be0098d1d8838c0172c3107086338256
924bedb900cfbbf46aee1acc68b09666d1cd08b0
cce75f9c57b1c4430adecff06f7575ac7316c3381477a841f557646d0ac6af8a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/icon-survey.svg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: image/svg+xml
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: W/"64834724-c19"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vUm7j13WxqFLxOfGF79t10BtGpPgC0OCv5BdRhLrBAPWSYVJfmlWCW%2FZZZ9h9BvdYg75PZcoyrRPusdomOfNvyRzQ8wRyjgl6jpWUvRxgsSSTlFaHw2ubMD4Z8dOAR%2FDM3PODQW2Lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7f6fb00b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/config/dict/cookie-consent-1.json?v=10

104.21.14.156

200 OK

6.8 kB

URL GET HTTP/3
uglootudsurvey.space/js/config/dict/cookie-consent-1.json?v=10
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (6009), with no line terminators
Size
6.8 kB (6757 bytes)
Hash
4b2ff958e811a50d2f641818590b443d
6abae297812bb55fad869e953e7fdf7469cbe1ae
9c77a5f3d0028d9ba122ed15728ee7b144619431f8302503a19c5785ddaa06b8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/config/dict/cookie-consent-1.json?v=10 HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/json
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
etag: W/"64834723-1a65"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhUbDb6fNdEhHQeq12Mxt4UzrkIA5ewRioLA9moQGjDGoiS4BF4V3Z7%2FDM%2Bqun08ZLJdZc%2B0v158lZJWd9cY5vdGO1Bo6UpKHJNmF%2BsMKulJb8DC%2Buq2WopdTJ4g2j0CO%2B4Jm8wZCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7f8fee0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/v-immer.esm.mjs.cb4e4807.js

104.21.14.156

200 OK

10 kB

URL GET HTTP/3
uglootudsurvey.space/js/v-immer.esm.mjs.cb4e4807.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (10496), with no line terminators
Size
10 kB (10496 bytes)
Hash
a35cfb8514c1353e1e9d1eae47e09e82
2b0e6f58956649df6006870d448dae48dfeac579
80179fc9be755b90e97e2de0f19912d8aadd3236a26a862b6f44cfe697a95fb1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/v-immer.esm.mjs.cb4e4807.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834723-2900"
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb1E0r5dfUv18JoM7WavD9x0aK6XR1wbsO7K5Pqw9adv6OixJVcJGWIAq9X%2F4BQmB%2BAXpCl93JT%2Ff8dKq8ZRGKThrmeUBEVc%2BmqJPZ1cPV0tu2Owxad%2FalD%2FF1ADtbixa8FvomlMkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaee20b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

my.rtmark.net/gid.js?userId=e88b5bbc4b5a1aac227288c4bd960e5a

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=e88b5bbc4b5a1aac227288c4bd960e5a
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint84:56:36:C3:24:DE:FB:F0:E7:EB:EB:9D:C8:B6:28:31:B5:3C:8B:80
ValiditySat, 06 May 2023 08:48:01 GMT - Fri, 04 Aug 2023 08:48:00 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
db8165b1cc9c73241ad4923070fc4fc8
2f80c28838df610299a5a92bb96991ea9d31b914
5a0d27a79407260f1591f65fbecd662d07933577d4f64368fdddfed94b6ec239

HTTP Headers

GET /gid.js?userId=e88b5bbc4b5a1aac227288c4bd960e5a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uglootudsurvey.space
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://uglootudsurvey.space
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=eb23aec82149492008eb9d4fa8343651; expires=Sat, 08 Jun 2024 21:55:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

uglootudsurvey.space/js/config/data/sd-1203056.js?v=10

104.21.14.156

200 OK

8.0 kB

URL GET HTTP/3
uglootudsurvey.space/js/config/data/sd-1203056.js?v=10
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (8495), with no line terminators
Size
8.0 kB (7990 bytes)
Hash
12431367966944827c4c2ae11ca2109c
6d849c10d9d47ce67b7d51a5cd4fed0dc23136c2
f16757b712b32bc30731546035f271087fbec831338b54f6cac5c6f88b0425ac

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/config/data/sd-1203056.js?v=10 HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-1f36"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNeli%2BpYK0OkBf0bwJDX6ogMy5brC0xF4pFESVZ33V4Z6DlmImESxqjglG36Kgyda9OT7T4W68jHsYGElDVt4fQxlYkSbl42a4bbMjidgJR7IOMT7qszU7w5OB4OScuVsJdpPhaajQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7f6fbb0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-4.jpeg

104.21.14.156

200 OK

2.7 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-4.jpeg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
2.7 kB (2709 bytes)
Hash
6cf64555e2de0ff8b5391081b648b89a
a32008bacf7f8cd3859eb86c6c8d36eeb15dbdf0
d4f513bf3a5691b900739cf79285d18ef09ef4b81eca648261b15a693d21818d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-4.jpeg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 2709
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
etag: "64834723-a95"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=32bXdBIR7JY3%2FjyAQt7JiU2NM9vM1hdcK4jfWgzR01fXbTc9Fw%2FhYxcuZrIxboMHSdPtKpfqQC8CdchsnNqfFlZ6WsGjSXt8%2BrAn6z7yjrxNlE%2B0O1A0C0HZAVQJm8t95BNYGTadzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b93b0b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/_rtc.ac975031.js

104.21.14.156

200 OK

11 kB

URL GET HTTP/3
uglootudsurvey.space/js/_rtc.ac975031.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (11189), with no line terminators
Size
11 kB (11189 bytes)
Hash
947357b088fadcacce60a443b015f9be
a1f1339ff23a581cc7ef37cf502cf71453aa3d2d
24ed11341d8fa8d4679665e6268020dd115667d8c27ccbe6eb54c015b6dadcd2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/_rtc.ac975031.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-2bb5"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfJnm85ER3nh7RVgkXu30BJuyDgz9iKxc%2FP1bOWNyFMtj24oSRA5PMasCAfDVZaUlHDvTt7iEESeMARlrnHf%2FyA8GxG4VnseGgkA90vheyh7fnFFVCwRBC9aGPfYj83oYx604OlHFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaed30b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/v-react-dom.production.min.js.36d6f8aa.js

104.21.14.156

200 OK

129 kB

URL GET HTTP/3
uglootudsurvey.space/js/v-react-dom.production.min.js.36d6f8aa.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
129 kB (129259 bytes)
Hash
12a14e476144ad086e6c92f93a608771
bd935ddfd265040111dcec95a1df78c25a1b1440
3b3f96d223e89d327bda4caad2e3f83389b111fcfaaad537a6210e25222af74d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/v-react-dom.production.min.js.36d6f8aa.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-1f8eb"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzr04vh6iZw0Lzre%2BxZEz3%2FVDwEABkmRD1gTHSjHoeX5%2BzC4pt5OJHiBSJDQ64SwLVBGqg4Kk6EbETOeJybMWZ9JmEN4Qysldy47ubSqvWnKOtXHEzdRkQks644m5R8pP4tklAp%2F9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaee70b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdntechone.com/stattag.js

188.114.96.1

200 OK

18 kB

URL GET HTTP/2
cdntechone.com/stattag.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint22:B1:48:87:A8:EF:B2:9B:65:EB:D6:C6:FD:8D:EF:A7:A7:DE:52:29
ValidityThu, 26 Jan 2023 00:00:00 GMT - Thu, 25 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (17871)
Size
18 kB (18521 bytes)
Hash
0fdff67feab23cc69ecfb6800fc54cb7
eb84c650e6d27e290795207b1f37dd7b67f2aa06
456e420aecd5ac679cc2bcb33daf7c063f54894fd076e99e05c06629234d3378

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
last-modified: Fri, 19 May 2023 08:43:53 GMT
etag: W/"646736c9-4859"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2971
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WlizIYsU5BQHiWn2irhma2izCI1hqnIs5H4qci6yy2mILvydq5Vsug%2FpUeH%2B3YaFi8a%2FXQ6OPMVMXnKiLbdqnGcC2QwGv%2FhSg9QwJE%2BqnCxrutOXnFmLkJgSReqI2kxjnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4c9e803f74b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

uglootudsurvey.space/js/config/comments/en.json

104.21.14.156

200 OK

4.5 kB

URL GET HTTP/3
uglootudsurvey.space/js/config/comments/en.json
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
Unicode text, UTF-8 text, with very long lines (5176), with no line terminators
Size
4.5 kB (4525 bytes)
Hash
0f8a677240ca082b8875f3c8d3bf5c42
19641ee3e340098b44d1d248e7c1a99dd0daafdf
2f5cff997105c8b995ec55f36e2656e14e1676f23244471f6115bc1d04c821c1

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/config/comments/en.json HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/json
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: W/"64834724-11ad"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifipB8XRb087N1Z%2BwjiFfCb8PjMj9bMAiVtw8k%2Fn9GhAet6T3ASzp%2FqE2qSVVQiMWonFJJiIH7EfV8xMjJD6kfoKa4nfiyfe7ZVDC60ttsaRrjkqGI0Caf1upOuJZeo4feJPlJgV8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7fe85a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2

104.21.14.156

200 OK

5.2 kB

URL User Request GET HTTP/3
uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5423), with no line terminators
Size
5.2 kB (5197 bytes)
Hash
db4c608067d6b4c08cdf6957c2427362
f5fadeb991b3ecb6cd1b5f395eff149faac12015
85476dd413b3fe50098842bac62a7bcc39c8ab80ba87076ac88ac6ac86a2527e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /finance-survey.html?utm_content=zd_public_v2 HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: text/html
last-modified: Fri, 09 Jun 2023 15:37:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ot6pPYXX%2Fc8WajTYi9CWQkyVaP7Etg23WJ05yjmEC0Vii%2BU9LUA2czm7WdhcmekYO%2FoinLgkBYAb%2Fkd3OQ%2FLpUns5X%2BpKedYz4PtHe15lH01SEaM468UAHUV1AqtKmyrW8Jty6l%2BVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7dbdf40b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-14.jpg

104.21.14.156

200 OK

5.4 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-14.jpg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
5.4 kB (5392 bytes)
Hash
6012ff0d59aa6a34aaca1ea8f2fa88fc
ef59662c9b666106486039e9f1deb40fb4a8ff77
2c020310e91430067c7128425f14ac0ff1710aea5e67c144a8fceac46311182d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-14.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 5392
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-1510"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKz7HEW2%2Fp1EQb17c6KMtJNtYv0WZXIR2Z7rqLG6rZXd6VwVw4SLUr42%2BDYQJXESHaRJAq64p%2FGxFRB3wwYMazyVf86GYlcauWNU3PQEtHuKq8NlOqj7yhNibBu0nhIm0w7zZX0JCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b9370b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/favicon.ico

104.21.14.156

200 OK

1.2 kB

URL GET HTTP/3
uglootudsurvey.space/favicon.ico
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
668ba1a9fa1890ba16cb8adc28d3dad8
5e35223b2541265114eaf61b9da2556c812fea17
7746cf1b553433822522f2dc432f55fe64eee1f1cf823ef6adfde02e58e1d7e2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/x-icon
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: W/"64834724-47e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84V4KzcZCFdlu0eJM1KOyaFnDIYMMuw%2BpuK30RzpLTR1jEyakJcvC2t%2F7EOr0JgoqvoLqYN7HOhYY0ZhemABGZP7XNumjWWdMSH%2Bf2SWQHMw5QrcbyVuBCIV3bcIJsku7%2FWYDRecUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e82ec250b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/_global-config-sd.002b34e9.js

104.21.14.156

200 OK

1.4 kB

URL GET HTTP/3
uglootudsurvey.space/js/_global-config-sd.002b34e9.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (1450), with no line terminators
Size
1.4 kB (1428 bytes)
Hash
86ff3b66c53f099f3e0c062417f6aa18
18c8d7178caf8fae97722d1a985b1a2b3113a8b6
92852ebc30812881844a4a10716223cb0c19b7021d7c4d6af38692f4889b2724

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/_global-config-sd.002b34e9.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-594"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzT0NMMK3Fhjae%2FaeJdvQdVxGumEbhvKl9I2qxnOEsroWlqnGGKK0pViEuZi%2Fm%2ByxoOeVZb2sPMhk1N85kUO8jBUgFd8FhAvyXfXfVr2ixIY1ZvVDpQSv4oTkyAic4o0kooPsvRgUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaed20b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/js/v-index.mjs.ee4bcd4e.js

104.21.14.156

200 OK

35 kB

URL GET HTTP/3
uglootudsurvey.space/js/v-index.mjs.ee4bcd4e.js
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (35051), with no line terminators
Size
35 kB (35051 bytes)
Hash
581c20a8830d62654a35258d921ffaa9
a76b36628b3100e38df0da68b1a51f6552313027
90702e4fb3693a40b11178a9f7d6d09c718f0e028a45e5d36eb5bb191ef67dd7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /js/v-index.mjs.ee4bcd4e.js HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"64834724-88eb"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pVE2fPCI%2Fm3SgqcfKlUrlV%2FElGShryVb4cf%2Fgo95ZxxRjsZfD6MJ1TcTzhmfnhyF2vIy%2F1AwJfe06Rr%2BgX86TQMDlxYDLFlXV9COdN%2BMNpvsl9f9yGr2I6ZZZBmwcMP3BdDK2qprWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7eaee50b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/unnamed.jpg

104.21.14.156

200 OK

1.4 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/unnamed.jpg
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 100x100, components 3\012- data
Size
1.4 kB (1378 bytes)
Hash
449aaf5a54e3fe3aa4f0f5875bede090
b2b897362626700277b7f8baca8b1f292d08b7e5
4200f94af9e21196c339a50a85d3d50c769e8655857fdaf67df6e99678b9ad59

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/unnamed.jpg HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/jpeg
content-length: 1378
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-562"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76fX0wQ03ioHznPK9qI5DPOL50DKErX%2Bqmrgxo2LB7uy8L2w0cXpFlt2caN%2F52CNLpk8kO70ecUVbDIRsHqa87FcH90NHJKsYZwNZE3keoGR1W%2FcJNy%2Bqd20Xj4FM6YEJe0vXRjxXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b92b0b06-OSL
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/css/survey.d131f88b.css

104.21.14.156

200 OK

67 kB

URL GET HTTP/3
uglootudsurvey.space/css/survey.d131f88b.css
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
67 kB (67084 bytes)
Hash
3d4dda6899aa1cc59db8c60183e3e4e6
835df21f73371534534fb0490f0a5e2e4b83dec0
5210b11a0cae9f500faf428ef7a0114bff65bb797241d8a8e7ad712111364723

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/survey.d131f88b.css HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:29 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=67096
etag: W/"64834724-10618"
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teWkj1GytH3ZljYrf0buxhNmt5%2BsjcrSiTyYZT90%2BSWLJlE%2B7xvR6iAZ0EHPZoirs2NbASsS%2BJS0kiaRE9UiJ06MtYETbZJn7KCrekEBxv2F2HcJbhlJyHNxhMAKnsJtRKOhirSgVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e7ebef80b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

uglootudsurvey.space/img/comments/person-3.png

104.21.14.156

200 OK

7.4 kB

URL GET HTTP/3
uglootudsurvey.space/img/comments/person-3.png
IP
104.21.14.156:443
ASN
#13335 CLOUDFLARENET

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerLet's Encrypt
Subjectuglootudsurvey.space
Fingerprint6B:95:64:02:30:88:61:C4:26:09:E4:07:63:32:41:5B:28:7A:EA:26
ValidityFri, 12 May 2023 10:22:26 GMT - Thu, 10 Aug 2023 10:22:25 GMT

File type
PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Size
7.4 kB (7368 bytes)
Hash
2f62e53b6333bc904be22a37a1fd0ace
6e972fefcbe0193d9b28817c47c1ceab2a0235d1
9128194f1b1bf44435a3e80f994157b94a40a3365cd8f0794dcadb41a24c3b41

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/comments/person-3.png HTTP/1.1
Host: uglootudsurvey.space
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ID=eb23aec82149492008eb9d4fa8343651
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 21:55:30 GMT
content-type: image/png
content-length: 7368
last-modified: Fri, 09 Jun 2023 15:37:08 GMT
vary: Accept-Encoding
etag: "64834724-1cc8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EG4yVUacjHfgTvOCaVaPTYSPDnbBlymbXQDCvYzFNFizNjXbSvrn1qV%2BfkIb%2B3aVC2pREYQGdOu915ctQqqQChH99kAzP8JipyHHbSOk8lUi1Ir1r0MleWaZRJ%2B49wDNEBuVveeaug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4c9e80b9470b06-OSL
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/api.js?render=explicit&hl=en

142.250.74.132

200 OK

852 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=explicit&hl=en
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://uglootudsurvey.space/finance-survey.html?utm_content=zd_public_v2
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintA8:95:C3:CB:D6:3F:BC:0A:7D:FF:36:72:5E:2F:56:26:9F:EB:77:0E
ValidityFri, 19 May 2023 12:58:13 GMT - Fri, 11 Aug 2023 12:58:12 GMT

File type
ASCII text, with very long lines (852), with no line terminators
Size
852 B (852 bytes)
Hash
36a5ebb2703c648a8c8e8498ffc050bc
dfff65a1fbaf687d2c279dc43882625190a2b155
fc626724d7a9b21841585f0d8957194d747a5bc4d9098e9e8704c3e3c919b002

HTTP Headers

GET /recaptcha/api.js?render=explicit&hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Fri, 09 Jun 2023 21:55:30 GMT
date: Fri, 09 Jun 2023 21:55:30 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML