Report - jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74

Report Overview

Submitted URL
jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
IP
104.21.87.225
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-02 03:58:29
Access
public
Website Title
Click to continue watching
Final URL
jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
my.rtmark.net	9054	2014-10-29	2015-02-04	2024-05-01	910 B	1.5 kB	139.45.195.8
jaupteeglo.com	unknown	unknown	No data	No data	6.5 kB	98 kB	104.21.87.225
jouteetu.net	260109	2021-07-08	2021-07-15	2024-04-30	1.3 kB	1.9 kB	139.45.197.251
amunfezanttor.com	unknown	2023-03-31	2023-03-31	2024-04-30	1.0 kB	1.1 kB	139.45.197.250
littlecdn.com	11785	2019-06-04	2019-06-04	2024-05-01	475 B	7.6 kB	104.22.25.116
static.jaupteeglo.com	unknown	unknown	No data	No data	544 B	7.8 kB	104.21.87.225

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-02	medium	jaupteeglo.com	Sinkholed
2024-05-02	medium	jaupteeglo.com	Sinkholed
2024-05-02	medium	jaupteeglo.com	Sinkholed
2024-05-01	medium	amunfezanttor.com	Sinkholed
2024-05-01	medium	amunfezanttor.com	Sinkholed
2024-05-02	medium	jaupteeglo.com	Sinkholed
2024-05-02	medium	jaupteeglo.com	Sinkholed
2024-05-02	medium	jaupteeglo.com	Sinkholed
2024-05-02	medium	jaupteeglo.com	Sinkholed
2024-05-02	medium	jaupteeglo.com	Sinkholed
2024-05-02	medium	jaupteeglo.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (20)

	URL	Size	First Seen	Last Seen
	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	86 B	2024-05-02	2024-05-02
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 05:58:35 Last Seen2024-05-02 05:58:35 Times Seen1 Hash a446617c41e98d03a3365965f4bd88c2 56857399388d53721e8cb7a70d6383adce6bb661 23d74f63c87eef01b656f839209b0e194f032eb92cf90d029cb73aabeb9bb9cf Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	390 B	2024-01-23	2024-05-16
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-23 11:20:02 Last Seen2024-05-16 19:19:34 Times Seen2264 Hash 5247fca34d34a05ed1f8838aeba83b47 564b1f3eacda75db2aa6b35b218bedb8a0388cd2 6c3667edbc99573fa96be6a762d2d1a3cbf7269e3f40031b03f3766a5f6cd8ba Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	548 B	2024-04-18	2024-05-16
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-18 22:14:33 Last Seen2024-05-16 19:19:34 Times Seen245 Hash 6c1a77038dcd135252bab3b9e3303813 a41463947ff0faeba9b74957b1e660d5c48bea1b bcdb63ed672335accac8933777b08db48dceae4645aeb9c4d4d81d429a27787f Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	1.0 kB	2023-09-15	2024-05-16
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-15 06:48:32 Last Seen2024-05-16 19:19:34 Times Seen5370 Hash 1e000d88343060c761e3d7ae644a8732 98f67005a3b038378596137e93681310c394d980 cea17ebf90b967d519365b4f2c3a89f73e6b70003e81841d6b8696df4304210e Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	2.9 kB	2024-02-12	2024-05-15
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-12 03:36:07 Last Seen2024-05-15 22:18:37 Times Seen35 Hash fa2fface3b7194bd7292ed48ab49d486 e3c90429161fbbd3f63af43178d8db179bde8396 7974f2a6cd4dce0727912f5b506db2319ea1c44a31128e71dd8e2e9000f53dfc Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	321 B	2024-03-16	2024-05-16
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-16 20:53:06 Last Seen2024-05-16 15:10:18 Times Seen202 Hash 7871eb351b7621935fa9c7235ea23fec dc9e9141d124263e37f8f36a2a9a3a04fe48e34a 35a2fe87f3d74d7791097c7670e83fbd42c90b97cc393527309235d358809683 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	97 B	2024-03-16	2024-05-16
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-03-16 20:53:06 Last Seen2024-05-16 15:10:18 Times Seen202 Hash 77b5a2581e051e76ee3c38a50a873548 029ab99e3748ace3d701b0d8e22f2eca860ff701 6cdef993f9cba362e089f1dc186ebd08a995de0fdb582440ba0d892f34325c48 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	2.1 kB	2024-05-02	2024-05-02
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 05:58:35 Last Seen2024-05-02 05:58:35 Times Seen1 Hash bb6fd7e66682334535fdf5134e30c665 ca8d1bea9b1fba7c719a453674a3f835b3653729 7c0084eb4e40aaa9e43acdc178e9c89b2ed5c5c66e8b124bf59ac9dfc18a163b Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	38 B	2023-03-13	2024-05-16
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 22:51:58 Last Seen2024-05-16 15:10:19 Times Seen5495 Hash 3ea1379d18e4ec6bccefeba76a1b33b4 90afb068cee6917494ddd820bcb2fe44de7e5e43 15c832dee58f1c08fb6bf51935a10f95cb0482d19441cefbb469a82278e54bae Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	11 kB	2024-05-02	2024-05-02
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 05:58:35 Last Seen2024-05-02 05:58:35 Times Seen1 Hash df27b44034e22ce557a472c878b23f84 2953d2c627878d6cfc711b116c25bd23882437ba a6e301e68f85603b3951dd8f83d7700e79735734621fcc6a8706c5a8e8aa8b4d Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	3.5 kB	2024-04-06	2024-05-16
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-06 22:19:16 Last Seen2024-05-16 07:59:35 Times Seen90 Hash e5380ae0a235fbdc5e33afdb4af4acd5 dba073f817c4f31269e29c04f4055306aadec631 696253f67e5035923d4e83bd3f49f34e3ccfdf4bdcb879b955f7707ae166520f Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	471 B	2024-05-02	2024-05-02
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 05:58:35 Last Seen2024-05-02 05:58:35 Times Seen1 Hash b68f8b94ba26f26e6b51f9dcb7143b0f 5d9d90ef271174031d05b92f0c74be6c308280eb ada8a07cdd9ae80ca144282ccb2d83e9f4300341cd3f6c389b03e92f9ae34463 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	432 B	2023-08-15	2024-05-16
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-08-15 17:07:57 Last Seen2024-05-16 19:19:35 Times Seen5389 Hash a68df917a9d58006028bbbc7b6f30aa0 8412b7650e9351c4826eee83dc944ab8e7a5a660 003c5bfe078f1901b11f14e32f824a1696e54b3a72cd7462395986063f0cd571 Loading...

	jaupteeglo.com/pfe/current/micro.tag.min.js?z=7015928&ymid=1320852&var=7078316&sw=/sw-check-permissions/7015928&uhd=1&os_version=x86.64&var_3=20323986_3337&var_4=809747048456532519	37 kB	2024-04-25	2024-05-15
Pretty URL jaupteeglo.com/pfe/current/micro.tag.min.js?z=7015928&ymid=1320852&var=7078316&sw=/sw-check-permissions/7015928&uhd=1&os_version=x86.64&var_3=20323986_3337&var_4=809747048456532519 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 13:01:48 Last Seen2024-05-15 20:42:51 Times Seen2522 Hash 32d6dbd00a639e2cd10d1704b9159bd5 0dab4c95675393f1d0e13d20f13d80ee12e41d95 9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	3.9 kB	2024-05-02	2024-05-02
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 05:58:35 Last Seen2024-05-02 05:58:35 Times Seen1 Hash 3752703eaa9cdf1e2358f22accb665bd f2d3fb81d0ce0d724304e4edb4aa24e824bbfae9 8721a8389c68ce3d3fe3b0dd7fe74cf16f5a53afb8a4c7d55ce8b892b9e8b6cb Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	5.1 kB	2024-05-02	2024-05-02
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 05:58:35 Last Seen2024-05-02 05:58:35 Times Seen1 Hash ed74476a404b19dde385d973851c64a2 bc018a22473c55adaa1978abaca9664b9a4a2eb9 f4766e8024d86f94d342f400df37849b517321d7182fa91181fcb2494be4e1d8 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	4.0 kB	2024-05-02	2024-05-02
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 05:58:35 Last Seen2024-05-02 05:58:35 Times Seen1 Hash 4a743da8bfd99dacbe673104fa2808a5 265d85ba6d8f4ea9d6589d9ffa65dee6673aa21e 40da4fa76ad38162d4afdb295985f313c45962f2a70aac6edaa5fc2bb7b93290 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	3.1 kB	2024-05-02	2024-05-02
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 05:58:35 Last Seen2024-05-02 05:58:35 Times Seen1 Hash 16829bcc18bd143631245a283a865b88 a21df63f6a5f34adf64ac9d6442670d9672f3c09 b2dfd38f2a5958407f34b7bf045a92c27bf89622bbcaf7106d641316cabb83e4 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	2.7 kB	2024-05-02	2024-05-02
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 05:58:35 Last Seen2024-05-02 05:58:35 Times Seen1 Hash 903551685f66fa39732be556b570acb3 2a9107b9a22ede15d49d3f237e94fe6e8afb9510 5566df62589f4e233475fcf0c95cd95c3aebd292a12abc8375d266def6c8a3d2 Loading...

	jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74	2.1 kB	2024-05-02	2024-05-02
Pretty URL jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 IP 104.21.87.225 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-02 05:58:35 Last Seen2024-05-02 05:58:35 Times Seen1 Hash 5311fe17da5fd327611c362b228dc1db e54b88e17e7d1da89d11dfe72e3fd04d366cd14b 088e15bcc3f31d6bf1beac84287faa32a42af89044c24ec9d71041d27083a645 Loading...

HTTP Transactions (17)

URL IP Response Size

static.jaupteeglo.com/templates/_assets/sounds/blip1/default.mp3

104.21.87.225

206 Partial Content

6.7 kB

URL GET HTTP/3
static.jaupteeglo.com/templates/_assets/sounds/blip1/default.mp3
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural
Size
6.7 kB (6712 bytes)
Hash
6422f23e1751d74410347e02c0210a60
0e3e65be6b5fbb76f6a52191e973bd37368be204
4fdb5a03ae3f26e801517144609db3589bd0835a686fe11dfe7afddcdb750ef8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /templates/_assets/sounds/blip1/default.mp3 HTTP/1.1
Host: static.jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Thu, 02 May 2024 03:58:04 GMT
content-type: audio/mpeg
content-length: 6712
last-modified: Sat, 27 Apr 2024 09:07:56 GMT
vary: Accept-Encoding
etag: "662cc06c-1a38"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=86400
cf-cache-status: HIT
age: 3674
content-range: bytes 0-6711/6712
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=auSgIYWCQEsCBtKITKd79ydVvggGsmo%2BAVwDjItYHZtKL%2FwAA1Jmsyptce0lOQMncSFV1HZ5GDysfvR6ktEgFgrFY2ipmaYzthEOmvaNBEZkKq56xILS2DWx8GzCgqlt9tfhMVuz8DY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d5173eae8db500-OSL
alt-svc: h3=":443"; ma=86400

my.rtmark.net/gid.js?userId=08a6e786fd32b76b26ad1a252aea96f0

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=08a6e786fd32b76b26ad1a252aea96f0
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
78d5234095361c97ede1fcd4946a3307
ef982c5486b4d584e9fcfb00deed910514f9aace
c00c11676e47d41076e90ec392ece4f1efa9ada8def7eb272b78527387d7267b

HTTP Headers

GET /gid.js?userId=08a6e786fd32b76b26ad1a252aea96f0 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jaupteeglo.com/
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 03:58:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=08a6e786fd32b76b26ad1a252aea96f0; expires=Fri, 02 May 2025 03:58:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC
ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT

File type
JSON text data
Size
65 B (65 bytes)
Hash
004d466c3ceed66c887e6251d0af92ee
d1ef35797208f3fbdc9f0c465caa09c082cfda72
d43aba8c0d7056bd8949de53e845eae41fc26b8e07ca94081a62163f98be4482

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jaupteeglo.com/
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 03:58:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=08005055675d4766f0faa4be2515d7c6; expires=Fri, 02 May 2025 03:58:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

jaupteeglo.com/favicon.ico

104.21.87.225

204 No Content

0 B

URL GET HTTP/3
jaupteeglo.com/favicon.ico
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Cookie: reverse=hMeiJIXvzqQhT2WUBb3HJ-0-RsnDOIu8w_8ph4Z7Ic4; OAID=08005055675d4766f0faa4be2515d7c6; oaidts=1714622284; syncedCookie=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Thu, 02 May 2024 03:58:04 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=86400
cf-cache-status: HIT
age: 3653
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kDMkgToW2Y89SuhrlGLyeth2ndKHlxBsZsGAfJJTfiobdv8OAEgQJKpAXOhYvlEXFAB2qQDD4dq%2Bup99c3qif4O3jOD1%2B%2FU0n1C1yjUcaLsy0v1qPM8lE200W5KA6J73cw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87d51740ffa4b500-OSL
alt-svc: h3=":443"; ma=86400

jaupteeglo.com/zone?&pub=0&zone_id=7015928&is_mobile=false&domain=jaupteeglo.com&var=7078316&ymid=1320852&var_3=20323986_3337&var_4=809747048456532519&dsig=&tg=1&sw=3.1.504&trace_id=0b5822e6-5d9c-4b2e-ad88-678ad907c486&action=prerequest

104.21.87.225

200 OK

0 B

URL POST HTTP/3
jaupteeglo.com/zone?&pub=0&zone_id=7015928&is_mobile=false&domain=jaupteeglo.com&var=7078316&ymid=1320852&var_3=20323986_3337&var_4=809747048456532519&dsig=&tg=1&sw=3.1.504&trace_id=0b5822e6-5d9c-4b2e-ad88-678ad907c486&action=prerequest
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=7015928&is_mobile=false&domain=jaupteeglo.com&var=7078316&ymid=1320852&var_3=20323986_3337&var_4=809747048456532519&dsig=&tg=1&sw=3.1.504&trace_id=0b5822e6-5d9c-4b2e-ad88-678ad907c486&action=prerequest HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Cookie: reverse=hMeiJIXvzqQhT2WUBb3HJ-0-RsnDOIu8w_8ph4Z7Ic4; OAID=08005055675d4766f0faa4be2515d7c6; oaidts=1714622284; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:05 GMT
content-length: 0
x-trace-id: 7e0a2d7a58604a5e431abec3f496f685
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4NL%2FiJnbA2M8TrqFRELhsgzk%2Fn3swJnCk0MlbeyyuHgjnt%2Bh4%2FtMzAIhxbNmLqEMcs4fxtd9X8N90wib2ygRUDD%2F7UQEkPnPNhAyDQTrjuikk3Eq743Zh5BvTL5Cfm790Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d517415fd1b500-OSL
alt-svc: h3=":443"; ma=86400

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 416
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 03:58:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: caa698b6c6b0df31999dfbae11a273c6
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 418
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 03:58:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e6bf5bbeffd66a36a8bf830dd7b8b416
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jouteetu.net/custom

139.45.197.251

200 OK

39 B

URL POST HTTP/2
jouteetu.net/custom
IP
139.45.197.251:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjouteetu.net
FingerprintF5:94:3C:5E:6B:54:1A:97:82:F8:7E:1F:C2:51:04:8C:FB:F5:CF:65
ValidityWed, 13 Mar 2024 19:38:02 GMT - Tue, 11 Jun 2024 19:38:01 GMT

File type
JSON text data
Size
39 B (39 bytes)
Hash
058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

HTTP Headers

POST /custom HTTP/1.1
Host: jouteetu.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 419
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 03:58:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9e6f1cac785815945947a9f2f469efd9
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

0 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

OPTIONS /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://jaupteeglo.com/
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 03:58:05 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
X-Firefox-Spdy: h2

amunfezanttor.com/event

139.45.197.250

200 OK

94 B

URL OPTIONS HTTP/2
amunfezanttor.com/event
IP
139.45.197.250:443
ASN
#9002 RETN Limited

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectamunfezanttor.com
FingerprintAB:2C:60:54:FF:D7:D6:23:0E:87:1A:98:EC:94:B3:9B:29:1A:F3:AA
ValidityWed, 10 Apr 2024 19:04:12 GMT - Tue, 09 Jul 2024 19:04:11 GMT

File type
JSON text data
Size
94 B (94 bytes)
Hash
bbeea466c2edf0a139928acc6b296523
f9b64bb3412cb99ec3441e2108e7d88b15fffba0
0b466324b9f662414c5614a4a59c8e2bd64e2792431470f8d39ad5f748981ff5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: amunfezanttor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jaupteeglo.com/
Content-Type: application/json
Content-Length: 1450
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 02 May 2024 03:58:05 GMT
content-type: application/json; charset=utf-8
content-length: 94
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://jaupteeglo.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74

104.21.87.225

200 OK

50 kB

URL User Request GET HTTP/2
jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
HTML document, ASCII text, with very long lines (3300), with CRLF, LF line terminators
Size
50 kB (49874 bytes)
Hash
2327d6528b8c0876a6a5fca0026c2250
8219c0aabf8e977ead2cfa1b3cdb46e22a2c3911
e5ef5496aa9387ce5d62a4a846830ff97af75609e163adc13b0385c3174b42b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
set-cookie: reverse=hMeiJIXvzqQhT2WUBb3HJ-0-RsnDOIu8w_8ph4Z7Ic4; expires=Thu, 02-May-2024 04:58:04 GMT; Max-Age=3600; path=/
OAID=08a6e786fd32b76b26ad1a252aea96f0; expires=Fri, 01-Sep-2079 07:56:08 GMT; Max-Age=1746158284; path=/
oaidts=1714622284; expires=Fri, 01-Sep-2079 07:56:08 GMT; Max-Age=1746158284; path=/
syncedCookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hoLSlq5ytlZVseh6HEvz550%2BHt0r4%2FzAgCG88rUbLbY2KJElDEMaFDF2M%2BEP8avzPj6XJYlrxyPss8bOI8kaO9CRWyxTOiB9Vb9Z4ke56yrKXG%2FE59Bdm28JyKE6AMV8nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d5173b0b3b1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74&mprtr=1&os_version=x86.64

104.21.87.225

200 OK

2 B

URL POST HTTP/3
jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74&mprtr=1&os_version=x86.64
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74&mprtr=1&os_version=x86.64 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://jaupteeglo.com
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Cookie: reverse=hMeiJIXvzqQhT2WUBb3HJ-0-RsnDOIu8w_8ph4Z7Ic4; OAID=08a6e786fd32b76b26ad1a252aea96f0; oaidts=1714622284; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:04 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LokGocwoH7c6naJTlM22DF7vyj6V9Oqbib5reSoSeq4dQMODA%2BKMBp3bXLP8m5zkUkQCUc9z5z2E5TSKTBIfwyNhP5FFzCpSDkrCpnhET12KW2w%2FIlya0IXnuj%2FGsam2dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d5173f8ef3b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

jaupteeglo.com/track-impression-applab?z=7078316&b=20323986&ymid=7ad10rng68w1m6od74&var=1320852&var_3=20323986_3337&redirect=false&redirectUrl=https%3A%2F%2Fprized.pro%2Fyz992c%3Fexternal_id%3D%24%7BSUBID%7D%26source%3D7078316_1320852%26ad_campaign_id%3Dcryptocpszd%26land_state%3Dbefore_render%26land_id%3DJ1mCFxLYUjKrC3y%26land_generation_time%3D2024-05-01_22%3A58%3A04%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D08a6e786fd32b76b26ad1a252aea96f0%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64

104.21.87.225

200 OK

773 B

URL GET HTTP/3
jaupteeglo.com/track-impression-applab?z=7078316&b=20323986&ymid=7ad10rng68w1m6od74&var=1320852&var_3=20323986_3337&redirect=false&redirectUrl=https%3A%2F%2Fprized.pro%2Fyz992c%3Fexternal_id%3D%24%7BSUBID%7D%26source%3D7078316_1320852%26ad_campaign_id%3Dcryptocpszd%26land_state%3Dbefore_render%26land_id%3DJ1mCFxLYUjKrC3y%26land_generation_time%3D2024-05-01_22%3A58%3A04%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D08a6e786fd32b76b26ad1a252aea96f0%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (831), with no line terminators
Size
773 B (773 bytes)
Hash
392b566475d99bd0a62fdbd7fedc7d42
e2efc9dc2b3b0a7ded117641c17d1b4ee19beeb1
fffb650dafc8f47080a8b098e493f7707fa5f7231f5401c4523647c48e8eddb9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /track-impression-applab?z=7078316&b=20323986&ymid=7ad10rng68w1m6od74&var=1320852&var_3=20323986_3337&redirect=false&redirectUrl=https%3A%2F%2Fprized.pro%2Fyz992c%3Fexternal_id%3D%24%7BSUBID%7D%26source%3D7078316_1320852%26ad_campaign_id%3Dcryptocpszd%26land_state%3Dbefore_render%26land_id%3DJ1mCFxLYUjKrC3y%26land_generation_time%3D2024-05-01_22%3A58%3A04%26land_error_code%3D%26ruid%3D%7Bruid%7D%26mgeo%3D%7Bmgeo%7D%26oaid%3D08a6e786fd32b76b26ad1a252aea96f0%26land_type%3Drtr%26isPushSubscribed%3Dfalse%26isPushAlreadySubscribed%3Dfalse%26land_tracker%3Dmarker%26land_purchase_method%3Dapk&os_version=x86.64 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
DNT: 1
Connection: keep-alive
Cookie: reverse=hMeiJIXvzqQhT2WUBb3HJ-0-RsnDOIu8w_8ph4Z7Ic4; OAID=08a6e786fd32b76b26ad1a252aea96f0; oaidts=1714622284; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:04 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-trace-id: fa6e7e064a55f8b80820ce77908d1b7d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XalZl6EsP%2BOKY221oIXi3%2FVBFxIx8jVT8c2rTRdIFsIpplJi6egz5bxxl4s2FKW2x3O5L4dlA3wZPQFzvOXSK0tQvUMGHRGtjFz2uLARPtTGoQH3KO%2BGb7qzTA08EkkCtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d5173f8efbb500-OSL
alt-svc: h3=":443"; ma=86400

jaupteeglo.com/rotate?zz=6355835&var=7078316&ymid=1320852&uid=08005055675d4766f0faa4be2515d7c6&var_4=7ad10rng68w1m6od74&os_version=x86.64

104.21.87.225

200 OK

660 B

URL GET HTTP/3
jaupteeglo.com/rotate?zz=6355835&var=7078316&ymid=1320852&uid=08005055675d4766f0faa4be2515d7c6&var_4=7ad10rng68w1m6od74&os_version=x86.64
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (670), with no line terminators
Size
660 B (660 bytes)
Hash
fe5665e92352dd1726eea369865d7fa3
04b655f9ff31bfb06717c29d452269ee52b14e17
2da1da8257bfc795fa5ed8ffe5697dcf3b5d4fea610e0cfd71b7490bc8e3a927

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rotate?zz=6355835&var=7078316&ymid=1320852&uid=08005055675d4766f0faa4be2515d7c6&var_4=7ad10rng68w1m6od74&os_version=x86.64 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
DNT: 1
Connection: keep-alive
Cookie: reverse=hMeiJIXvzqQhT2WUBb3HJ-0-RsnDOIu8w_8ph4Z7Ic4; OAID=08a6e786fd32b76b26ad1a252aea96f0; oaidts=1714622284; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:04 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: a92a578e9396c1f8dd9d1dd51b943261
pragma: no-cache
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-origin: https://jaupteeglo.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=08005055675d4766f0faa4be2515d7c6; expires=Fri, 02 May 2025 03:58:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VTz4G0IVU%2F8KvFGMDVQ%2B9h9YEoHBuyNuyPHsziUgMsJ7vW4VZRerOQxxLslE5JpDdnwIOh0x2yLygO5GsOBpGCfOpkegxpcEdkuA5BiJsfLsvKCCBk0yFTUgEpKsQsllbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d5173f8efdb500-OSL
alt-svc: h3=":443"; ma=86400

littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.6

104.22.25.116

200 OK

6.9 kB

URL GET HTTP/2
littlecdn.com/apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.6
IP
104.22.25.116:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectlittlecdn.com
Fingerprint42:A1:9F:5B:B7:1B:88:CB:90:58:FC:E9:D1:96:3C:48:38:66:3A:9A
ValidityMon, 11 Mar 2024 02:10:57 GMT - Sun, 09 Jun 2024 02:10:56 GMT

File type
ASCII text, with very long lines (7345), with no line terminators
Size
6.9 kB (6899 bytes)
Hash
57f883f33e55218cea794ad4f6971357
d39f9e65da05862b37169425ccd72764da82dce0
be65cf329f062009996883e7d2ac5db7d2348e7121a45a775046e2f0e7822220

HTTP Headers

GET /apps/templates/android-instructions/ios-sys-msg-icon/css/style.css?v=1.6 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 02 May 2024 03:58:04 GMT
content-type: text/css
last-modified: Sat, 27 Apr 2024 09:07:56 GMT
vary: Accept-Encoding
etag: W/"662cc06c-1af3"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: HIT
age: 3616
server: cloudflare
cf-ray: 87d5173e5903712d-OSL
content-encoding: br
X-Firefox-Spdy: h2

jaupteeglo.com/sw-check-permissions/7015928?var=7078316&var_3=20323986_3337&var_4=809747048456532519&ymid=1320852&uhd=1&zoneId=7015928

104.21.87.225

200 OK

1.3 kB

URL GET HTTP/3
jaupteeglo.com/sw-check-permissions/7015928?var=7078316&var_3=20323986_3337&var_4=809747048456532519&ymid=1320852&uhd=1&zoneId=7015928
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
ASCII text, with very long lines (1418), with no line terminators
Size
1.3 kB (1334 bytes)
Hash
23730b93b5988e91fbef3d696a3fd3e3
b8ec5ac0226c950b0a4a0f6937b13f4bd48921d5
20293c4fddf7d483db0e1f9c5b25ba5e4bb13c40d0504eb38c0c516b43bc294d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw-check-permissions/7015928?var=7078316&var_3=20323986_3337&var_4=809747048456532519&ymid=1320852&uhd=1&zoneId=7015928 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Cookie: reverse=hMeiJIXvzqQhT2WUBb3HJ-0-RsnDOIu8w_8ph4Z7Ic4; OAID=08005055675d4766f0faa4be2515d7c6; oaidts=1714622284; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:05 GMT
content-type: application/javascript
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u58SIqycrCrB1RWWxUhlAI8rQIZ%2BUEFI3%2B4l6xHDrbGhH55Gdo9n2H1vtpmcYoXQFnZYVIUh02nBZJfCVZX0zNyPEUlDRfn0ZBA%2B42YfvUzCZKPKtd93IqjKDA%2FhuyagyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d517413fc2b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

jaupteeglo.com/pfe/current/micro.tag.min.js?z=7015928&ymid=1320852&var=7078316&sw=/sw-check-permissions/7015928&uhd=1&os_version=x86.64&var_3=20323986_3337&var_4=809747048456532519

104.21.87.225

200 OK

37 kB

URL GET HTTP/3
jaupteeglo.com/pfe/current/micro.tag.min.js?z=7015928&ymid=1320852&var=7078316&sw=/sw-check-permissions/7015928&uhd=1&os_version=x86.64&var_3=20323986_3337&var_4=809747048456532519
IP
104.21.87.225:443
ASN
#13335 CLOUDFLARENET

Requested by
https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Certificate
IssuerLet's Encrypt
Subjectjaupteeglo.com
FingerprintC2:44:23:5F:6A:44:ED:61:3D:EE:6C:67:EA:AB:8B:E0:FD:8A:09:EC
ValidityWed, 17 Apr 2024 07:24:17 GMT - Tue, 16 Jul 2024 07:24:16 GMT

File type
JavaScript source, ASCII text, with very long lines (37142), with no line terminators
Size
37 kB (37142 bytes)
Hash
32d6dbd00a639e2cd10d1704b9159bd5
0dab4c95675393f1d0e13d20f13d80ee12e41d95
9f339e5efd7c959419a4e86bb4c5e9f07eae2ed839484846157be981917743de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?z=7015928&ymid=1320852&var=7078316&sw=/sw-check-permissions/7015928&uhd=1&os_version=x86.64&var_3=20323986_3337&var_4=809747048456532519 HTTP/1.1
Host: jaupteeglo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jaupteeglo.com/?l=J1mCFxLYUjKrC3y&b=20323986&z=7078316&s=7ad10rng68w1m6od74&campid=3337&var=1320852&ymid=7ad10rng68w1m6od74
Cookie: reverse=hMeiJIXvzqQhT2WUBb3HJ-0-RsnDOIu8w_8ph4Z7Ic4; OAID=08005055675d4766f0faa4be2515d7c6; oaidts=1714622284; syncedCookie=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 02 May 2024 03:58:04 GMT
content-type: application/javascript
last-modified: Thu, 25 Apr 2024 10:49:22 GMT
vary: Accept-Encoding
etag: W/"662a3532-9116"
access-control-allow-credentials: true
cache-control: max-age=86400
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P2EfJJpjSLIoYbWbin9JsvB%2BUIyuSd6gdlFBmGRoK2kVfujqC1jNKkdl9odAgLM0%2Bx9w0GnTrpLcW%2Bq%2FXVujTpv%2Fha9I6rT3%2B1hnDB38t85%2BHB7MW7ErkmSGTyddeXXGLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87d517407f71b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML