Report - gouloavaugelaiy.com/single-page/516/

Report Overview

Visited public
2025-01-15 15:45:54
Tags
Submit Tags
URL
gouloavaugelaiy.com/single-page/516/
Finishing URL
gouloavaugelaiy.com/single-page/516/
IP / ASN
104.21.80.1
#13335 CLOUDFLARENET
Title
Welcome to a World of Imagination

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
gouloavaugelaiy.com	unknown	2024-10-14	2024-10-17	2025-01-04	9.6 kB	416 kB	104.21.80.1
datatechonert.com	46154	2021-12-24	2021-12-24	2025-01-11	543 B	486 B	185.49.145.45
my.rtmark.net	9054	2014-10-29	2015-02-04	2025-01-15	432 B	6.9 kB	104.18.18.184
cdntechone.com	64371	2021-12-24	2021-12-24	2025-01-11	1.1 kB	53 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed
2025-01-15	medium	gouloavaugelaiy.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	From	Size	First Seen	Last Seen
	gouloavaugelaiy.com/single-page/516/	ScriptElement	57 B	2024-11-08	2025-02-06
Pretty URL gouloavaugelaiy.com/single-page/516/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-08 15:40 Last Seen2025-02-06 06:35 Times Seen4039 Hash 5f20dadfa6c65e87a6f3ba9a64111a9f ce907e2c96765332a6f202c630d8f0579fd5b79e 8a55ffd3a9013ed6bbb3354b1c20e08c378782a734e0ec8d94db9991888a9043 Loading...

	gouloavaugelaiy.com/_next/static/M4K6cXaaHL1FUwFbuP_81/_ssgManifest.js	ScriptElement	160 B	2024-10-31	2025-06-29
Pretty URL gouloavaugelaiy.com/_next/static/M4K6cXaaHL1FUwFbuP_81/_ssgManifest.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-31 10:31 Last Seen2025-06-29 23:35 Times Seen4243 Hash d7c1624b8c3c5724789430e3ee0f99cd f537b81dfb15b4b4c8c48edb112ca607563ae8e0 3064462069623e8ee6a6f553b03b85af446f6a83797c5b7df5ab4745b3e7dac1 Loading...

	gouloavaugelaiy.com/_next/static/chunks/ac5595402e335eea-1736501100074.3cfdc57f0372e5e9.js	ScriptElement	7.0 kB	2024-12-12	2025-02-12
Pretty URL gouloavaugelaiy.com/_next/static/chunks/ac5595402e335eea-1736501100074.3cfdc57f0372e5e9.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-02-12 10:16 Times Seen1187 Hash 0423e9f04482fb5515f7847ead11974c 0c68534f158d022aa558877a2822591ccad45a05 5aee159618a68108c36f251495310ddd1380c4c9055c727b8b723c297a113f67 Loading...

	gouloavaugelaiy.com/_next/static/chunks/832a8a11a9514785-1736501100074.c3e83ce2386e9710.js	ScriptElement	8.6 kB	2024-12-15	2025-03-26
Pretty URL gouloavaugelaiy.com/_next/static/chunks/832a8a11a9514785-1736501100074.c3e83ce2386e9710.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-15 05:28 Last Seen2025-03-26 01:32 Times Seen330 Hash acba0eb6b38e4967036749f8344e51b1 b073a44b650914cf6ef2cbda692c3a981698f103 2f027dfdee1852db5bf3aab2ef8859e1e1145edb2041dc0a558c7d237f7f4430 Loading...

	gouloavaugelaiy.com/_next/static/M4K6cXaaHL1FUwFbuP_81/_buildManifest.js	ScriptElement	1.3 kB	2025-01-12	2025-01-16
Pretty URL gouloavaugelaiy.com/_next/static/M4K6cXaaHL1FUwFbuP_81/_buildManifest.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 23:46 Last Seen2025-01-16 01:47 Times Seen10 Hash 466c76985f0a19bcdeefd18d62e97a5e 58c239272c945d2769f2083eb43d0de3bc8825c1 9f92022765a7ba42a09b0eec6802d3bdb02d9459373b29be52183fad2be20ff7 Loading...

	gouloavaugelaiy.com/single-page/516/	ScriptElement	1.6 kB	2024-12-24	2025-01-15
Pretty URL gouloavaugelaiy.com/single-page/516/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-24 00:09 Last Seen2025-01-15 15:45 Times Seen2 Hash 363be04ea8cbad31ef9c9a5cba421a97 c00dd8912105c0495d0e29e0f6bd08e5d467b731 7bde5dc66728c48674626ee4b202acefeb9417d38f4ce6e28f08424476bbc237 Loading...

	gouloavaugelaiy.com/single-page/516/	ScriptElement	1.9 kB	2024-11-08	2025-06-29
Pretty URL gouloavaugelaiy.com/single-page/516/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-08 15:12 Last Seen2025-06-29 23:35 Times Seen4260 Hash 09851c9ecbfed34957566907c59d1855 988103bc346a45ef275aa2df5f8b0bb252996239 a4d230332f15781164cd54ef61717b7b237c054644c222e4913e89ed6823f025 Loading...

	gouloavaugelaiy.com/single-page/516/	ScriptElement	20 kB	2024-12-14	2025-01-21
Pretty URL gouloavaugelaiy.com/single-page/516/ IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-14 07:36 Last Seen2025-01-21 10:25 Times Seen426 Hash c6f08da2486f52670b916356f4d1bcc5 c889fda527682123489766d1fb43fb6f237cc694 a46b8123be415c9c01c6e6c92e36b54649230c64b1ea13d19862cf345ac002cd Loading...

	cdntechone.com/stattag.js	ScriptElement	16 kB	2024-07-11	2025-07-02
Pretty URL cdntechone.com/stattag.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-11 14:08 Last Seen2025-07-02 09:35 Times Seen5802 Hash 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251 Loading...

	gouloavaugelaiy.com/_next/static/chunks/4d859cac5ba89327-1736501100074-7c9f685438bac6d8.js	ScriptElement	110 kB	2024-12-12	2025-06-29
Pretty URL gouloavaugelaiy.com/_next/static/chunks/4d859cac5ba89327-1736501100074-7c9f685438bac6d8.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-06-29 23:35 Times Seen3755 Hash fa92e582b2c89be329fbc8ac7170c6ac bf03008752166780239d14094615f3d6f01d52ac fadd974a6921e24c69b0f37ad3cdc0f67424923522f2102b988fe11ec99a763f Loading...

	gouloavaugelaiy.com/_next/static/chunks/71e9981c1e59037f-1736501100074-4e11b8f38f477500.js	ScriptElement	44 kB	2025-01-12	2025-01-16
Pretty URL gouloavaugelaiy.com/_next/static/chunks/71e9981c1e59037f-1736501100074-4e11b8f38f477500.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 23:46 Last Seen2025-01-16 01:47 Times Seen10 Hash 38949583e2756c94d047515e5bc5ec68 0de8a2a6d36eea865533e10df987359f21aa4441 1812357c0e3dd784aced9411e5faff52eba75b298199890d815425c5beb41942 Loading...

	gouloavaugelaiy.com/_next/static/chunks/6bb04592a3076195-1736501100074.09497dd61c381dac.js	ScriptElement	6.5 kB	2025-01-15	2025-03-07
Pretty URL gouloavaugelaiy.com/_next/static/chunks/6bb04592a3076195-1736501100074.09497dd61c381dac.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-15 15:45 Last Seen2025-03-07 11:10 Times Seen5 Hash c200895cc6f36a84a28410e85a0907b2 4c258fbcb19da423a7f60058d3b13fde05037b54 f0fdcc076a0d9a43f74b70cb6121768157606ce47f4baa658178392a4c35e153 Loading...

	gouloavaugelaiy.com/_next/static/chunks/f53af6e80101a3e5-1736501100074-38e77496fba72d7c.js	ScriptElement	29 kB	2025-01-12	2025-01-16
Pretty URL gouloavaugelaiy.com/_next/static/chunks/f53af6e80101a3e5-1736501100074-38e77496fba72d7c.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 23:46 Last Seen2025-01-16 01:47 Times Seen10 Hash 849cc0ce99fcda6aa7a042c668414860 32cbeb7e43a3ffae373e07b87ed7fa1fe7c2e3f2 e92ee1979a8f0fee4d9d4cc721559909c1417cb1af8b696856581b1e60f4ebfc Loading...

	gouloavaugelaiy.com/_next/static/chunks/f47a9967b65997b4-1736501100074.6968f27ea0bcf339.js	ScriptElement	3.8 kB	2025-01-10	2025-02-12
Pretty URL gouloavaugelaiy.com/_next/static/chunks/f47a9967b65997b4-1736501100074.6968f27ea0bcf339.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-10 01:37 Last Seen2025-02-12 10:16 Times Seen145 Hash 6e518976417a87182a300beac7746a3d 989e5009751084e74ae3f50c3000e0bed985700e f75aa4c6ebd64028a8e89fb39528269d1217cf8b486d30b39d4261ac30d42758 Loading...

	gouloavaugelaiy.com/_next/static/chunks/3cacc58ea516fe6f-1736501100074.4d666b3ce7dcd66f.js	ScriptElement	30 kB	2024-12-12	2025-06-29
Pretty URL gouloavaugelaiy.com/_next/static/chunks/3cacc58ea516fe6f-1736501100074.4d666b3ce7dcd66f.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-06-29 23:35 Times Seen3892 Hash 0e650c6fbdbaea01c64c59f71ecbe089 75d3aef97713ed867eb35e87cb91d4a6ad74ac3b 08800a958ef86e09d5001801f2f8645ae0a14002a8610f38a883b747e73cb544 Loading...

	gouloavaugelaiy.com/_next/static/chunks/27da6a71c55717fa-1736501100074.1f230f14e978af7b.js	ScriptElement	14 kB	2024-12-26	2025-01-20
Pretty URL gouloavaugelaiy.com/_next/static/chunks/27da6a71c55717fa-1736501100074.1f230f14e978af7b.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-26 11:23 Last Seen2025-01-20 04:08 Times Seen639 Hash f45de52b71ffbaab0af7b835959fe830 7044c236f92eb3e1732adfeb4ba7e9607204edf3 025e230cdbe76d6d9bdac4b557c17599f9eb0a519bc7f7ffc216e44afcd37dc2 Loading...

	gouloavaugelaiy.com/_next/static/chunks/8f5cbba4cc10fdf5-1736501100074-526eef58c46893a1.js	ScriptElement	59 kB	2025-01-10	2025-01-20
Pretty URL gouloavaugelaiy.com/_next/static/chunks/8f5cbba4cc10fdf5-1736501100074-526eef58c46893a1.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-10 10:43 Last Seen2025-01-20 04:08 Times Seen46 Hash f501ac4660b709f0c7042382325b9cfd 93f141b32dcbce00248639f6959aa7bb43dfeaa6 4af1fe62be90a3079238be1f5c12b12146518f008627c60f305feeb3ce857b61 Loading...

	gouloavaugelaiy.com/_next/static/chunks/dbb80ba394719d25-1736501100074.0157f5525bb5ad80.js	ScriptElement	16 kB	2024-12-12	2025-02-20
Pretty URL gouloavaugelaiy.com/_next/static/chunks/dbb80ba394719d25-1736501100074.0157f5525bb5ad80.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-02-20 14:49 Times Seen1172 Hash 246c62a01ca76c5e64b7879c01635219 faa25c8618c4adc07d9e2619aa386782d21e2c7a e0e4a9f620af9b0283ad84377bfedc59ec8091dbed06d8f32f37a59d0cb30721 Loading...

	gouloavaugelaiy.com/_next/static/chunks/d039d117b6eecb33-1736501100074.31b0051255cfbe36.js	ScriptElement	46 kB	2025-01-12	2025-01-20
Pretty URL gouloavaugelaiy.com/_next/static/chunks/d039d117b6eecb33-1736501100074.31b0051255cfbe36.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 23:51 Last Seen2025-01-20 04:08 Times Seen13 Hash 5b1b17553b6e9ddb6fd2fc3c501917c8 f9c57a155b2b08e5106436fdacb93914c88ad156 66cfe2cf801352e48479dfe06eacfea6e0be61c6e1f32a2d2a0de75df745ba9c Loading...

	gouloavaugelaiy.com/_next/static/chunks/1c02c3e681ea9f6d-1736501100074-ebf163de3da5e125.js	ScriptElement	27 kB	2024-12-12	2025-06-29
Pretty URL gouloavaugelaiy.com/_next/static/chunks/1c02c3e681ea9f6d-1736501100074-ebf163de3da5e125.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-06-29 23:35 Times Seen3910 Hash 46319da25b781d320119bb919f754f17 f469c209ac6ece789afc95873888de04b0268eea 99199d4c9b8e1653af1ea901b3f856fe9537a6ff869abad68ca5c5f8d253eda5 Loading...

	gouloavaugelaiy.com/_next/static/chunks/e349ffdbb65d6c93-1736501100074-660e5b7e2e3b7996.js	ScriptElement	11 kB	2024-12-12	2025-03-18
Pretty URL gouloavaugelaiy.com/_next/static/chunks/e349ffdbb65d6c93-1736501100074-660e5b7e2e3b7996.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 15:49 Last Seen2025-03-18 12:35 Times Seen1261 Hash 35fee35b460cf851bdf3beecb8b35f5a f6af853cbdfb476165846933aada6cc3b1419022 8670480720bc1d26b090cc475660907e07d42ea2dd14cbb860ca04add28ce9cc Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6c2875f1a9aa4e7aea000433b300f345	17 B	2024-12-03 18:23	2025-07-03 06:10
Pretty Observations First Seen2024-12-03 18:23 Last Seen2025-07-03 06:10 Times Seen2731 Hash 6c2875f1a9aa4e7aea000433b300f345 19ada7d0dfde6c8f5e91f79429fedb4c7c2c07e8 faff5a60a2c4aa315bd6d15ef5da1b81098a7b034d3a76acb8fcfffdce74153f Loading...

HTTP Transactions (27)

URL IP Response Size

GET gouloavaugelaiy.com/_next/static/media/coins.dc6a921e.webp

104.21.80.1

200 OK

3.5 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/media/coins.dc6a921e.webp
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 221x135, Scaling: [none]x[none], YUV color, decoders should clamp
Size
3.5 kB (3456 bytes)
Hash
279727358e3d3b9f70e0ba964e6aaec5
1145654b2d9550209b1e1afe1f4fb8cb2f916fa8
dbd12cc0f5556a5049bccb29f3f3dc048a44543fa2e066cdab26b8c2f79c9733

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/coins.dc6a921e.webp HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: image/webp
content-length: 3456
last-modified: Fri, 10 Jan 2025 09:34:23 GMT
vary: Accept-Encoding
etag: "6780e99f-d80"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IHVzoIXk8p4Gt4xKyZA1ANUwBeDJwiUYdwSmmWUfW4chbqTCHcUi4jKd0sIxi9Hq6q1STgsMp5d4l7eanx2RSYYJMfX9MY%2FgRWy3sq63c5VRG4gb9OU8Y5zj6Ir9KtOje4f3sVs0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c6e5cb4f7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2459&min_rtt=426&rtt_var=29&sent=111&recv=87&lost=0&retrans=0&sent_bytes=113766&recv_bytes=2997&delivery_rate=16837209&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=453&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/chunks/4d859cac5ba89327-1736501100074-7c9f685438bac6d8.js

104.21.80.1

200 OK

33 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/4d859cac5ba89327-1736501100074-7c9f685438bac6d8.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
33 kB (32576 bytes)
Hash
fa92e582b2c89be329fbc8ac7170c6ac
bf03008752166780239d14094615f3d6f01d52ac
fadd974a6921e24c69b0f37ad3cdc0f67424923522f2102b988fe11ec99a763f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4d859cac5ba89327-1736501100074-7c9f685438bac6d8.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-1ac86"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dEiTwZq3guEWhrZhICMa5tPCEMEiK%2Brja%2BDlxACkMmDS3QaUEhtmfvq5GY2SzrquTsTk5rSE5MMZi4t1iDU7gODNLjkXpprNWCxYNSQEaJnRNkRUDLZ31uQHjB2B5%2Fw2On9ySWWG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c5e4ab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2474&min_rtt=426&rtt_var=244&sent=87&recv=59&lost=0&retrans=0&sent_bytes=80487&recv_bytes=2997&delivery_rate=16837209&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=451&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/chunks/3cacc58ea516fe6f-1736501100074.4d666b3ce7dcd66f.js

104.21.80.1

200 OK

26 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/3cacc58ea516fe6f-1736501100074.4d666b3ce7dcd66f.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (30035), with no line terminators
Size
26 kB (26354 bytes)
Hash
0e650c6fbdbaea01c64c59f71ecbe089
75d3aef97713ed867eb35e87cb91d4a6ad74ac3b
08800a958ef86e09d5001801f2f8645ae0a14002a8610f38a883b747e73cb544

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3cacc58ea516fe6f-1736501100074.4d666b3ce7dcd66f.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-7553"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rtepAVNVVEwC9YNAibMDHcWLx6OGw4ptellVhLcOfVfNcck5xy9Xssb07sNW3e%2F%2Fw038QKnO%2Bk4qQmMDupza85sDFapDLTPmQjPlrnGc7c8csJXYFh%2FfuMjurjIGS%2FrDtQSKaaS5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c4e3bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1844&min_rtt=426&rtt_var=1130&sent=53&recv=42&lost=0&retrans=0&sent_bytes=45468&recv_bytes=2997&delivery_rate=15714728&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=446&x=0"
X-Firefox-Spdy: h2

POST datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=ebb16cf3-f62b-421a-b503-e5b62506caac

185.49.145.45

200 OK

12 B

URL POST HTTP/1.1
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=ebb16cf3-f62b-421a-b503-e5b62506caac
IP
185.49.145.45:443
ASN
#35415 Webzilla B.V.

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerSectigo Limited
Subjectdatatechonert.com
FingerprintED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72
ValidityWed, 11 Dec 2024 00:00:00 GMT - Tue, 23 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=ebb16cf3-f62b-421a-b503-e5b62506caac HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1367
Origin: https://gouloavaugelaiy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.5
Date: Wed, 15 Jan 2025 15:45:29 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://gouloavaugelaiy.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

GET my.rtmark.net/gid.js?userId=w76hxwnzpbw9fowd4w1gjtunsef4mfmj

104.18.18.184

200 OK

6.1 kB

URL GET HTTP/2
my.rtmark.net/gid.js?userId=w76hxwnzpbw9fowd4w1gjtunsef4mfmj
IP
104.18.18.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint56:7F:53:10:57:2F:C3:F4:06:8B:DB:2F:C1:F7:6A:1D:68:59:14:3F
ValiditySat, 04 Jan 2025 10:02:11 GMT - Fri, 04 Apr 2025 11:00:33 GMT

File type
gzip compressed data, from Unix
Size
6.1 kB (6102 bytes)
Hash
6184fbb493cd547ee3890c52b5f14887
7d22022affcce22742329268a24d67574a512450
9903cb2d70b3fb78eee5e1bc3bf25273e6e0fe56b283b4b8bf1fc88b4060b54c

HTTP Headers

GET /gid.js?userId=w76hxwnzpbw9fowd4w1gjtunsef4mfmj HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gouloavaugelaiy.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gouloavaugelaiy.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=w76hxwnzpbw9fowd4w1gjtunsef4mfmj; expires=Thu, 15 Jan 2026 15:45:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9026fe3e3eb4b515-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/rotate?rhd=1&btz=UTC&bto=0&zz=7844247%3B7844247%3B7844247&var_3=

104.21.80.1

200 OK

15 kB

URL GET HTTP/3
gouloavaugelaiy.com/rotate?rhd=1&btz=UTC&bto=0&zz=7844247%3B7844247%3B7844247&var_3=
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JSON text data
Size
15 kB (15088 bytes)
Hash
3e634cd90c6b7cb56b37f83e01319c41
8367eef77d766ab41e9512126584261362c1b762
d13b4e64c90bd0cd557f52cdea5e8a01e2f7ce867f221ddf85f8a0140ab931f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rotate?rhd=1&btz=UTC&bto=0&zz=7844247%3B7844247%3B7844247&var_3= HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: text/plain; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FK1DqFzSvROSY4Sq0qwYq5c0I9rfdcM0ZOPR9ezxnKwEDkJJVYfk97eWb0TYaGxSUSauwabm8abXFoAOEboK0lsdJsMqEMOclBHDtSJRqyedD7NQb9sR0Ldno1py%2FszD0Xpv1KCf"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-trace-id: 021b5cefd727bb16b198aba5136fd2e1
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://gouloavaugelaiy.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 9026fe3cae61568d-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

GET gouloavaugelaiy.com/_next/static/chunks/832a8a11a9514785-1736501100074.c3e83ce2386e9710.js

104.21.80.1

200 OK

10 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/832a8a11a9514785-1736501100074.c3e83ce2386e9710.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (8572), with no line terminators
Size
10 kB (10375 bytes)
Hash
acba0eb6b38e4967036749f8344e51b1
b073a44b650914cf6ef2cbda692c3a981698f103
2f027dfdee1852db5bf3aab2ef8859e1e1145edb2041dc0a558c7d237f7f4430

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/832a8a11a9514785-1736501100074.c3e83ce2386e9710.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-217c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMdjJoG99c2zTpX8uk0jKx7c2N5mYz8g8m%2BNkQcjcSqN6mpsKQESJhS1M6OA3WbUE65esGYx1ogC8o1KTEvHeUkHeMqGh7dOFfW5feLYF3ExuDCHTTTRePWY0c7lnB%2BGMwi8irfl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c5e3eb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1639&min_rtt=426&rtt_var=1967&sent=31&recv=39&lost=0&retrans=0&sent_bytes=19844&recv_bytes=2997&delivery_rate=15714728&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=443&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/chunks/e349ffdbb65d6c93-1736501100074-660e5b7e2e3b7996.js

104.21.80.1

200 OK

11 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/e349ffdbb65d6c93-1736501100074-660e5b7e2e3b7996.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (10752), with no line terminators
Size
11 kB (10752 bytes)
Hash
35fee35b460cf851bdf3beecb8b35f5a
f6af853cbdfb476165846933aada6cc3b1419022
8670480720bc1d26b090cc475660907e07d42ea2dd14cbb860ca04add28ce9cc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/e349ffdbb65d6c93-1736501100074-660e5b7e2e3b7996.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-2a00"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQ%2FoD8asUBv6%2BZDVu8YYwBH7tIfxNMeqTEL3h9C36kHpoVdqTCIJ0d7SqkUNOAC3V%2FkOdz1CzM%2BtPjxdweP2Hk51QcT77blouag4dcFFVgxUKdBkEn%2BbZHTz%2FzOmnM2QHciyOImL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c5e50b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2474&min_rtt=426&rtt_var=244&sent=82&recv=59&lost=0&retrans=0&sent_bytes=75886&recv_bytes=2997&delivery_rate=16837209&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=450&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/favicon.ico

104.21.80.1

204 No Content

0 B

URL GET HTTP/3
gouloavaugelaiy.com/favicon.ico
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=w76hxwnzpbw9fowd4w1gjtunsef4mfmj; syncedCookie=true; oaidts=1736955929
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Wed, 15 Jan 2025 15:45:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9G3Z99AS6ubkM2R4115nRp1xtoJyB2WGEw1GZ4SgERfKG6GMbHhQcmDiNwuuqetBpOTh%2BuiqNK6HlELxvM4lcA453YGrXoXtHHM4cBNesosrfpwjERh5O3JW39H04NIGiBJ83mL"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
cf-ray: 9026fe3fae69568d-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

GET gouloavaugelaiy.com/_next/static/chunks/71e9981c1e59037f-1736501100074-4e11b8f38f477500.js

104.21.80.1

200 OK

44 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/71e9981c1e59037f-1736501100074-4e11b8f38f477500.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (43600), with no line terminators
Size
44 kB (43600 bytes)
Hash
38949583e2756c94d047515e5bc5ec68
0de8a2a6d36eea865533e10df987359f21aa4441
1812357c0e3dd784aced9411e5faff52eba75b298199890d815425c5beb41942

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/71e9981c1e59037f-1736501100074-4e11b8f38f477500.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-aa50"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FaWP%2FZXoXeN9OJxsTF1jc9ystPHYixLNHt2ggeUa02rSkWk5WVci8Q54L1WuzCFuFx3HJRxUdPCusWwnUo8giYzB9W%2FQyIeuI7IB7ttm3njm7vBswGeGwK7c8%2FveJ3ziomeM1ad"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c5e4fb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2459&min_rtt=426&rtt_var=29&sent=121&recv=87&lost=0&retrans=0&sent_bytes=123479&recv_bytes=2997&delivery_rate=16837209&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=454&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/chunks/27da6a71c55717fa-1736501100074.1f230f14e978af7b.js

104.21.80.1

200 OK

14 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/27da6a71c55717fa-1736501100074.1f230f14e978af7b.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (14065), with no line terminators
Size
14 kB (14065 bytes)
Hash
f45de52b71ffbaab0af7b835959fe830
7044c236f92eb3e1732adfeb4ba7e9607204edf3
025e230cdbe76d6d9bdac4b557c17599f9eb0a519bc7f7ffc216e44afcd37dc2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/27da6a71c55717fa-1736501100074.1f230f14e978af7b.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-36f1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bXGzlx1RZkWj9NSZXY4eoplYLQ80isMG%2F8z4jS3LZf9Jivz25kRx1QC0HAmk7y%2Fd38hk1d0kkVYDZjVcid58F%2BhBX2S1Aj0wGXoWPIxV0ni4dujtzNmvHpb8e8XMaMkJGhIqyQxn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c5e3db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2459&min_rtt=426&rtt_var=29&sent=116&recv=87&lost=0&retrans=0&sent_bytes=117747&recv_bytes=2997&delivery_rate=16837209&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=453&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/chunks/f53af6e80101a3e5-1736501100074-38e77496fba72d7c.js

104.21.80.1

200 OK

29 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/f53af6e80101a3e5-1736501100074-38e77496fba72d7c.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (28572), with no line terminators
Size
29 kB (28572 bytes)
Hash
849cc0ce99fcda6aa7a042c668414860
32cbeb7e43a3ffae373e07b87ed7fa1fe7c2e3f2
e92ee1979a8f0fee4d9d4cc721559909c1417cb1af8b696856581b1e60f4ebfc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/f53af6e80101a3e5-1736501100074-38e77496fba72d7c.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-6f9c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gKjZMVOmBONNKLesHFET1UW2XKSyMmuKvsA6E033fadbmorIJp9mg6BaLdfyI8XivKgXs9mVu7KeAm7gKSp1CB8%2B4qoHqUV347vQBEnfMXzIChba0GHor4ZQosJLhV0adFuS1hca"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c5e47b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2388&min_rtt=426&rtt_var=247&sent=68&recv=56&lost=0&retrans=0&sent_bytes=60426&recv_bytes=2997&delivery_rate=15714728&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=449&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/M4K6cXaaHL1FUwFbuP_81/_buildManifest.js

104.21.80.1

200 OK

1.3 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/M4K6cXaaHL1FUwFbuP_81/_buildManifest.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
ASCII text, with very long lines (1319), with no line terminators
Size
1.3 kB (1253 bytes)
Hash
85d9ea4dfd33e73337b58af47f838e1d
62c5ce619e1173b04a4911f584610b46411c02e6
1afb466ea245ec12df220824a9fe841ea49bb5b17819c96062ae8414c6924cff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/M4K6cXaaHL1FUwFbuP_81/_buildManifest.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-4e5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Csaq%2Bkd8vhpEe2%2BRW%2FQmDO1kPzUK%2BzLrtVP6EPOzEoxJI6PRUvyFF4%2B6t48fPlDNThM6BORzVoWc%2FLpn0bYwCJ3QLNrcO2SV8Fe2rm1%2FCzzBk37C3UunhFyrGuNQdpniOnUSQoIP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c6e56b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2449&min_rtt=426&rtt_var=198&sent=133&recv=111&lost=0&retrans=0&sent_bytes=138080&recv_bytes=2997&delivery_rate=16837209&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=456&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/M4K6cXaaHL1FUwFbuP_81/_ssgManifest.js

104.21.80.1

200 OK

160 B

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/M4K6cXaaHL1FUwFbuP_81/_ssgManifest.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
ASCII text, with no line terminators
Size
160 B (160 bytes)
Hash
ec987e535717d417e4c20c3f19741a95
36c65d6370d55851e91e9f1ff1a76751a1140fed
409d2de41a27a5c819fc065c000aa9bdcbb56a5f69595a04fb0db8da10802d2c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/M4K6cXaaHL1FUwFbuP_81/_ssgManifest.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-a0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CAOdOn%2BSU7LKrhN2Q023NEH7AJJlhT5JibMEQKQvKM1Pj3zr%2FkDCEojw7ux3zLRFAtt8NHm6MxgBk0XV7wNmfXD4ghYaobXSnMZneWUglYicvoK28XEOYivJb50y%2FHaZi9kzhXi5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c6e58b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3026&min_rtt=426&rtt_var=268&sent=136&recv=125&lost=0&retrans=0&sent_bytes=139185&recv_bytes=2997&delivery_rate=16837209&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=470&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/css/0bc0cde260d08b97.css

104.21.80.1

200 OK

1.8 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/css/0bc0cde260d08b97.css
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
ASCII text, with very long lines (1843), with no line terminators
Size
1.8 kB (1843 bytes)
Hash
64b2b4fa42c7d558d735e2cd28ecf88a
03d6da6e55b1201b51689590520da495a9233d67
2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: text/css
last-modified: Fri, 10 Jan 2025 09:34:23 GMT
vary: Accept-Encoding
etag: W/"6780e99f-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ol%2Fw%2FDF1kkJnjDPZK%2FzjD5cLnkyeP3Lvg9Ni7FJiwMrpf%2BWa%2FVwTL3gO9QO22deINO1TKpT9OTl7%2BobI89isROh91qe3PNUbCLaKWYU%2F2pIqwZdn%2B9Ppw1EVLyq2w0%2FoSdoN4rkZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c4e3ab4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2474&min_rtt=426&rtt_var=244&sent=79&recv=59&lost=0&retrans=0&sent_bytes=74594&recv_bytes=2997&delivery_rate=16837209&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=450&x=0"
X-Firefox-Spdy: h2

POST gouloavaugelaiy.com/sync-metrics

104.21.80.1

200 OK

17 B

URL POST HTTP/3
gouloavaugelaiy.com/sync-metrics
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
17 B (17 bytes)
Hash
225f751e75610b98f8b287e79370be3a
9e29d2c966fb36f3d233dfb232be6eeeee8f1341
0b19f26f50f17771f6562e4cf8c7bead37ba5aeeeec7cbfaf2576a6647401569

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /sync-metrics HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 258
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/3 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/json; charset=utf-8
content-length: 17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xWpQTBgP0mjOU1n96%2FskuJA9zqVTqHS0PLc0BwTDqW010h1g%2FdKiQ7aRBHi%2Frejuv9b4fD3qnhZHfQFpq1mCJbl6vjAFVwlC8NRbXJOAQuOXTbGWvw6RbAECS4PRy5fGWuPYceYS"}],"group":"cf-nel","max_age":604800}
x-trace-id: 0674d6e9b966bca57d4ee5367f047fc2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-ray: 9026fe3e2e65568d-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

GET gouloavaugelaiy.com/_next/static/chunks/d039d117b6eecb33-1736501100074.31b0051255cfbe36.js

104.21.80.1

200 OK

46 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/d039d117b6eecb33-1736501100074.31b0051255cfbe36.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (46134), with no line terminators
Size
46 kB (46134 bytes)
Hash
5b1b17553b6e9ddb6fd2fc3c501917c8
f9c57a155b2b08e5106436fdacb93914c88ad156
66cfe2cf801352e48479dfe06eacfea6e0be61c6e1f32a2d2a0de75df745ba9c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/d039d117b6eecb33-1736501100074.31b0051255cfbe36.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-b436"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OV5aIMSxCwnm%2BconfyP9i1vdjwMcKdupNQvIxEtWAvD09rBQc29izFtUe307PWU9twvEA6A3I38y5VnzC7W0C3sSZSWZ%2BcUNXosXBpdUqtNZC3cd3BgdsH0ZfMJ6jb5naEjLzgDM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c5e42b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1639&min_rtt=426&rtt_var=1967&sent=34&recv=39&lost=0&retrans=0&sent_bytes=21953&recv_bytes=2997&delivery_rate=15714728&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=445&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/chunks/6bb04592a3076195-1736501100074.09497dd61c381dac.js

104.21.80.1

200 OK

6.5 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/6bb04592a3076195-1736501100074.09497dd61c381dac.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (6712), with no line terminators
Size
6.5 kB (6537 bytes)
Hash
d7062ca975c02ad381f595c88c461f2a
7c8eb954824911513263f9cc252d306794385326
9188e615f65d0fa83dbb15e6e0903a0fb967718883bc3692addef2640b79bfbb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/6bb04592a3076195-1736501100074.09497dd61c381dac.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-1989"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5OF9pfuLRRK8603zNFF6HAMqZa2cdJjuL3Q%2BKW%2BwJJyHsbooPkqnaPlvOT5%2Fwm4PFz3JCdAtN4YXl7FQRcZJFzqaiGQ4qeufCPMwRHyUEcfvvD7fQiYVYalQhC3PvRhkMuwPpYEe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c5e45b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1844&min_rtt=426&rtt_var=1130&sent=64&recv=42&lost=0&retrans=0&sent_bytes=57553&recv_bytes=2997&delivery_rate=15714728&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=446&x=0"
X-Firefox-Spdy: h2

GET cdntechone.com/stattag.js

188.114.97.1

200 OK

16 kB

URL GET HTTP/2
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
FingerprintC4:4A:E2:16:14:70:A8:3C:39:84:67:A6:B3:07:BF:A2:33:7A:6C:EA
ValiditySat, 14 Dec 2024 05:16:32 GMT - Fri, 14 Mar 2025 06:15:04 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
16 kB (16490 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 31
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tOGS1%2BEaMrR94ahNvByKhjMAr9v9TBDmIirNK%2FEoK1xjBhvD10fZlWmqPoX5Yy82ait49WTgw9EJXrre5Y0XELDuZZ8gGp%2FoQPJ2XRmlfoMss%2BtBsQu6Q6GOPy1yNuhwTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9026fe3e6ab656b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=479&min_rtt=414&rtt_var=158&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3282&recv_bytes=1164&delivery_rate=7674911&cwnd=253&unsent_bytes=0&cid=bbf4ba922637e2cf&ts=30&x=0"
X-Firefox-Spdy: h2

GET cdntechone.com/stattag.js

188.114.97.1

200 OK

16 kB

URL GET HTTP/3
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
FingerprintC4:4A:E2:16:14:70:A8:3C:39:84:67:A6:B3:07:BF:A2:33:7A:6C:EA
ValiditySat, 14 Dec 2024 05:16:32 GMT - Fri, 14 Mar 2025 06:15:04 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
16 kB (16490 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 31
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EN%2F9dtJjyCgyTMJ6PoYsKf%2FWWToW2tjEBMY4k1MzjxXB4cE69rXeyrLCYI%2Fo8noDAC8%2FwDcr%2Fqd3xVPxtkGGE8s%2FgYoLADlPRyYOKDXQGRCM8uwxHnfDgf89pXzmc90Cvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9026fe3f1b2a56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4352&min_rtt=4349&rtt_var=1637&sent=13&recv=8&lost=0&retrans=0&sent_bytes=4160&recv_bytes=1140&delivery_rate=135256&cwnd=12000&unsent_bytes=0&cid=8c424907111360e2&ts=50&x=1", cfExtPri, cfHdrFlush;dur=0

GET gouloavaugelaiy.com/_next/static/chunks/1c02c3e681ea9f6d-1736501100074-ebf163de3da5e125.js

104.21.80.1

200 OK

27 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/1c02c3e681ea9f6d-1736501100074-ebf163de3da5e125.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (26671), with no line terminators
Size
27 kB (26671 bytes)
Hash
46319da25b781d320119bb919f754f17
f469c209ac6ece789afc95873888de04b0268eea
99199d4c9b8e1653af1ea901b3f856fe9537a6ff869abad68ca5c5f8d253eda5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1c02c3e681ea9f6d-1736501100074-ebf163de3da5e125.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-682f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlzkweriPLySQZuvudwoVaCXVuUmbd3xd%2FmiM8DpJK%2Bd66ueB1O%2B7m9lCc6ZPpEPVmaGnDo83OMJ4ZttgRUPhZcLVL3tnWOMWxe6fV%2BEokRBVsI6%2B08CPxZbRRai2UOa%2FH5FhZFj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c5e48b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1844&min_rtt=426&rtt_var=1130&sent=44&recv=42&lost=0&retrans=0&sent_bytes=34732&recv_bytes=2997&delivery_rate=15714728&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=446&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/chunks/f47a9967b65997b4-1736501100074.6968f27ea0bcf339.js

104.21.80.1

200 OK

3.8 kB

URL GET HTTP/3
gouloavaugelaiy.com/_next/static/chunks/f47a9967b65997b4-1736501100074.6968f27ea0bcf339.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (3871), with no line terminators
Size
3.8 kB (3793 bytes)
Hash
32aa90afa32a5c20ee932e4097b914e8
6b6e5cfaa4efae7dd776aee725e60ba0f3e5e202
68e5f1f5f2f836d46118bb83ca7e3f8737f08b0d9a3bb3257cb270eb5eeef9c6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/f47a9967b65997b4-1736501100074.6968f27ea0bcf339.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HQj1uFjhjiSZsNbjK8NkCPhDKuSmh1I%2BGTtDWrjckoxy%2B0VZHjvZFi8jpOfgytsUGhvldlB11ch4b44G2EetrpVJn36MZvy7wufpJKWyumacSAPEcbULlZoGxeHq5WxnlqrbVNn4"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-ed1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 9026fe3dfe64568d-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

GET gouloavaugelaiy.com/single-page/516/

104.21.80.1

200 OK

43 kB

URL User Request GET HTTP/2
gouloavaugelaiy.com/single-page/516/
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type

Size
43 kB (43139 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /single-page/516/ HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:28 GMT
content-type: text/html
last-modified: Fri, 10 Jan 2025 09:34:08 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vOE%2FyDF1Rt1uWkuh7PNyH9T6NgPjY%2Fybtgy%2BgNsbqnHRUnKLBdLChKzM1IkISqq%2FUMJrLbDromkmi3JqAEby4UOEg1Ni3ZoPvpLIdW%2B07C7gXa5%2FjifFZY3M3tHupM3LbvJY07jp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3a1bcbb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6453&min_rtt=448&rtt_var=12021&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3301&recv_bytes=1263&delivery_rate=7855334&cwnd=254&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=96&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/chunks/8f5cbba4cc10fdf5-1736501100074-526eef58c46893a1.js

104.21.80.1

200 OK

59 kB

URL GET HTTP/2
gouloavaugelaiy.com/_next/static/chunks/8f5cbba4cc10fdf5-1736501100074-526eef58c46893a1.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (58600), with no line terminators
Size
59 kB (58600 bytes)
Hash
f501ac4660b709f0c7042382325b9cfd
93f141b32dcbce00248639f6959aa7bb43dfeaa6
4af1fe62be90a3079238be1f5c12b12146518f008627c60f305feeb3ce857b61

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8f5cbba4cc10fdf5-1736501100074-526eef58c46893a1.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-e4e8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aARwfNCjIa2wgvMyVQvN%2BUIBbkM1aqkzxnJr9ObaTuYX4sLGOYqk%2FQ375WTnUdZJYyOXINLHq6g0updMnr768cPTgO1zRGj9zs6NRHDvyGNHtTg6IUyefix0U6qU48n0Ia6jT8ag"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9026fe3c6e52b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2892&min_rtt=426&rtt_var=275&sent=139&recv=128&lost=0&retrans=0&sent_bytes=139812&recv_bytes=2997&delivery_rate=16837209&cwnd=257&unsent_bytes=0&cid=2f54ad66e4bf4f82&ts=511&x=0"
X-Firefox-Spdy: h2

GET gouloavaugelaiy.com/_next/static/chunks/ac5595402e335eea-1736501100074.3cfdc57f0372e5e9.js

104.21.80.1

200 OK

7.0 kB

URL GET HTTP/3
gouloavaugelaiy.com/_next/static/chunks/ac5595402e335eea-1736501100074.3cfdc57f0372e5e9.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (7133), with no line terminators
Size
7.0 kB (7033 bytes)
Hash
309061ab74ca638f460078aad0676d38
469e0bfe32600b6b32af0def65a0c2c0d7ec7fc3
95b40ce23cb442d3ed6f0ec23e0a460e294e130a98be2dc84a20a8220dbd97be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/ac5595402e335eea-1736501100074.3cfdc57f0372e5e9.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJl4BR9dvejzOh9tmHUEFSxwo8e5YyW%2FPKyxf6HTbVJFuARhe2o7ROov%2FaiPqO42B7vqeFlj7kMVeY8eo8YYl5TDFNsaJAfSpxyjVqZvsI8g3IAOKGV7GxlTc0%2Bv3D1Ic6bBg646"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-1b79"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 9026fe3dee62568d-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

GET gouloavaugelaiy.com/_next/static/chunks/dbb80ba394719d25-1736501100074.0157f5525bb5ad80.js

104.21.80.1

200 OK

16 kB

URL GET HTTP/3
gouloavaugelaiy.com/_next/static/chunks/dbb80ba394719d25-1736501100074.0157f5525bb5ad80.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectgouloavaugelaiy.com
FingerprintF5:51:FA:03:A1:74:E4:A7:15:CF:F2:E3:2F:06:72:FD:DA:A0:82:EE
ValidityThu, 12 Dec 2024 22:10:52 GMT - Wed, 12 Mar 2025 23:09:38 GMT

File type
JavaScript source, ASCII text, with very long lines (15494), with no line terminators
Size
16 kB (15494 bytes)
Hash
246c62a01ca76c5e64b7879c01635219
faa25c8618c4adc07d9e2619aa386782d21e2c7a
e0e4a9f620af9b0283ad84377bfedc59ec8091dbed06d8f32f37a59d0cb30721

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/dbb80ba394719d25-1736501100074.0157f5525bb5ad80.js HTTP/1.1
Host: gouloavaugelaiy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ZCi4hYS5YXcumXSZZ9WSLQldOdcgpLDCkGkHYGbyOFFFw%2FEOKnUfgyjnarR5NEbsla%2Fx3crpFIxH6N5r7UmqjkH35VW48zDIJg68cNXYKk1xVM10EAfJIjHQCoKj7VzZhqGa4om"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 10 Jan 2025 09:34:03 GMT
vary: Accept-Encoding
etag: W/"6780e98b-3c86"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
content-encoding: br
cf-ray: 9026fe3dee63568d-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

GET cdntechone.com/stattag.js

188.114.97.1

200 OK

16 kB

URL GET HTTP/3
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gouloavaugelaiy.com/single-page/516/
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
FingerprintC4:4A:E2:16:14:70:A8:3C:39:84:67:A6:B3:07:BF:A2:33:7A:6C:EA
ValiditySat, 14 Dec 2024 05:16:32 GMT - Fri, 14 Mar 2025 06:15:04 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
16 kB (16490 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Jan 2025 15:45:29 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 31
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sAp2iWRzeRjYk3o2GcSISrNtmW4E4Tx7Y690sCNzzhfwK6YI%2B7BUuH%2FaG07imD%2BpvHQyBlKAWty6L4NUx6HnpUHheEYeMS29K2NLeowNjIjyCUERcKv%2BIOfYMI64QPauiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9026fe3f8b8456a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4077&min_rtt=2147&rtt_var=1779&sent=22&recv=10&lost=0&retrans=0&sent_bytes=12615&recv_bytes=1401&delivery_rate=255831&cwnd=12000&unsent_bytes=0&cid=8c424907111360e2&ts=116&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML