Report - nrbodn.special4dates.net/c/0dbeb794881a1ffa?click_id=kmpwc67c389bb000afb11&j1=1&j2=&j3=&j4=&j5=&j6=&j8=1&j9=1&lp=MJ&s1=205177&s2=1999586&s3=zdsl

Report Overview

Visited public
2025-03-01 22:31:26
Tags
URL
nrbodn.special4dates.net/c/0dbeb794881a1ffa?click_id=kmpwc67c389bb000afb11&j1=1&j2=&j3=&j4=&j5=&j6=&j8=1&j9=1&lp=MJ&s1=205177&s2=1999586&s3=zdsl
Finishing URL
woastehiwour.net/sweeps-survey/1383?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
IP / ASN
52.19.138.177
#16509 AMAZON-02
Title
(1) Notification participate to win the prize $$$

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

130

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
looraunuptuph.com	unknown	2025-02-14	2025-03-01	2025-03-01	536 B	1.1 kB	104.18.41.59
saigopooramee.net	unknown	2024-11-15	2024-12-12	2025-02-23	510 B	1.3 kB	172.64.146.197
woastehiwour.net	unknown	2024-12-28	2025-01-05	2025-02-26	28 kB	756 kB	104.18.39.72
cdntechone.com	64371	2021-12-24	2021-12-24	2025-02-24	766 B	23 kB	188.114.97.1
lepaughamaudie.com	unknown	2025-02-26	2025-03-01	2025-03-01	3.0 kB	7.5 kB	104.18.43.142
datatechonert.com	46154	2021-12-24	2021-12-24	2025-02-23	552 B	484 B	37.48.68.71
my.rtmark.net	9054	2014-10-29	2015-02-04	2025-02-26	441 B	838 B	172.64.146.234
nrbodn.special4dates.net	unknown	2024-10-11	2025-03-01	2025-03-01	610 B	914 B	52.19.138.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-01	medium	looraunuptuph.com	Sinkholed
2025-03-01	medium	saigopooramee.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed
2025-03-01	medium	woastehiwour.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (51)

	URL	From	Size	First Seen	Last Seen
	woastehiwour.net/_next/static/chunks/0cbfdb560d57ea2e-1740743412391-cd91c5f93afede6a.js	ScriptElement	29 kB	2025-02-28	2025-03-03
Pretty URL woastehiwour.net/_next/static/chunks/0cbfdb560d57ea2e-1740743412391-cd91c5f93afede6a.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-28 22:13 Last Seen2025-03-03 04:06 Times Seen25 Hash e61d0a5b6fcce5f1f0573008bc4dd7e8 1b64f5470a3d73b6f6f99ed6221eded6cafaeae8 7240cc795fac4412b9a5300e124328f564a8ca839bf4958c08e3c2c542e5b91b Loading...

	woastehiwour.net/_next/static/chunks/e349ffdbb65d6c93-1740743412391-660e5b7e2e3b7996.js	ScriptElement	11 kB	2025-02-20	2025-03-17
Pretty URL woastehiwour.net/_next/static/chunks/e349ffdbb65d6c93-1740743412391-660e5b7e2e3b7996.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-17 04:22 Times Seen317 Hash a74e00413e639345f10d6d747a26073c 2ccea9e922104c2196ab706f445065fc5ad80dc1 4a0379bb0dad363ff14fff27cb471060748fe29f7f4986c5cfa64de51926f23b Loading...

	woastehiwour.net/_next/static/chunks/4a836005f8bcf7a4-1740743412391.fff493d2a43c55d5.js	ScriptElement	453 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/4a836005f8bcf7a4-1740743412391.fff493d2a43c55d5.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash 140cca520b84598c4b8495afe5449102 94733926abf3bfa26b2c5561da92ea6174566306 23ad8be29c2844c74cf763e3bd62e935f00e7600852cd67b9080a57c0747f8bd Loading...

	cdntechone.com/stattag.js	ScriptElement	16 kB	2024-07-11	2025-05-01
Pretty URL cdntechone.com/stattag.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-11 14:08 Last Seen2025-05-01 09:46 Times Seen5723 Hash 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251 Loading...

	woastehiwour.net/_next/static/chunks/5f80e97b59861eae-1740743412391.d796ee7b26b320ae.js	ScriptElement	485 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/5f80e97b59861eae-1740743412391.d796ee7b26b320ae.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash 68fe64db311a0a2beeefcdd09f3dce95 027bcbc866c3dc78a908b16e680e07eb6840d149 4bde2967006ce1569e2c0c22c98290808a6ccc906c2b45d5838e65d6fb58761b Loading...

	woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a	ScriptElement	131 B	2025-02-04	2025-04-16
Pretty URL woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-04 20:32 Last Seen2025-04-16 11:01 Times Seen786 Hash 8eaf07abe3c21226f02d290822487fba ab41eb342544b53981d2ebac29075e7b672496d3 4c6cd23ba644b93505865a7e136b13f104a512551eacd2b354447955bc17d423 Loading...

	woastehiwour.net/_next/static/chunks/2317b809a320dff8-1740743412391.d045a2102aa0b159.js	ScriptElement	15 kB	2025-02-20	2025-03-21
Pretty URL woastehiwour.net/_next/static/chunks/2317b809a320dff8-1740743412391.d045a2102aa0b159.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-21 10:38 Times Seen311 Hash 14e0b9e1d48cb10fd74d9e33f84c356b bfbc7d86ab058c1494cbb887c2bb04ba6c419b41 b148f7adaa2bea0f0839cb77119ea059165d9519728c6fb4f13884478b26ffa9 Loading...

	woastehiwour.net/_next/static/chunks/8f2581ca04431b22-1740743412391.fe378dc874d64db4.js	ScriptElement	89 kB	2025-02-28	2025-03-10
Pretty URL woastehiwour.net/_next/static/chunks/8f2581ca04431b22-1740743412391.fe378dc874d64db4.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-28 22:13 Last Seen2025-03-10 12:43 Times Seen145 Hash 2b1036f3f7e993b27ea343f4444d8057 5d61b8721d09170a57fbd61f12e9a40407af637a cb292d22c13d5e549822898597c873e23096130d3d7985cf44f690052aa85fd0 Loading...

	woastehiwour.net/_next/static/chunks/c0f3edd3515d9c5f-1740743412391.188d10dcf199966c.js	ScriptElement	2.2 kB	2025-01-29	2025-04-01
Pretty URL woastehiwour.net/_next/static/chunks/c0f3edd3515d9c5f-1740743412391.188d10dcf199966c.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-29 03:00 Last Seen2025-04-01 07:56 Times Seen445 Hash 7e9da6ea12c7e9971cdf6fe33d28ff22 b6acb2e7854e105bd35061e542745bb21a37d303 0dd253c7a28b36abe67ef7d9665ee76aa3113aae09c668e5f6859c58732a4ac9 Loading...

	woastehiwour.net/_next/static/chunks/f141f7458f59f103-1740743412391.7b1724452fb2a85f.js	ScriptElement	3.4 kB	2025-02-20	2025-03-21
Pretty URL woastehiwour.net/_next/static/chunks/f141f7458f59f103-1740743412391.7b1724452fb2a85f.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-21 10:38 Times Seen369 Hash 4f5091b2bda4c8d2ac84097380cef564 11b08cb0b763e2878abb97994b7ee9e484643a0d 8f5d1c3f5990e6900998a6c0225b14b7d9e17686eed2f39574e749a39626bd72 Loading...

	woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a	ScriptElement	1.7 kB	2025-02-28	2025-03-03
Pretty URL woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-28 22:13 Last Seen2025-03-03 04:06 Times Seen22 Hash 6286bbe0f1351d960503af7933ea21d2 3d80b7549af2e00d553e5faaa32c45953b3e7218 050c0b9ff944659c9068d60322523c8e41a73ecaaab057c81e3da31d0e8a20d7 Loading...

	woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a	ScriptElement	1.8 kB	2025-02-20	2025-04-10
Pretty URL woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-20 15:41 Last Seen2025-04-10 10:22 Times Seen637 Hash 3ed7f79f81f02b855ac2dfe8fab8a13b ef44cfd07d4a762a165c5df2d5678d820d3109cc 70e868dca9dafa6943ff0bfc36cc7169bec6d604bb33117097a1592fba333495 Loading...

	woastehiwour.net/_next/static/chunks/bf7348b0f0f41677-1740743412391.c33e54f82eec272e.js	ScriptElement	30 kB	2025-02-20	2025-03-17
Pretty URL woastehiwour.net/_next/static/chunks/bf7348b0f0f41677-1740743412391.c33e54f82eec272e.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-17 04:22 Times Seen282 Hash e355310f27c8059ff791634ff21732be 52686ba1870e0eae23aadc029bdb631b6262662f ecef836065811aca160b94c51f6fbe46e7a49944e7a3f919ed44dfdbecadcc29 Loading...

	woastehiwour.net/_next/static/chunks/c360d44ead919d7f-1740743412391.8e64f8e332b18007.js	ScriptElement	5.7 kB	2025-02-20	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/c360d44ead919d7f-1740743412391.8e64f8e332b18007.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-04-16 11:01 Times Seen356 Hash d3123ce2e6881b02603b74f995e8560b b02f549cfd3d7ca06f905277c3662269410a9e83 cac0ed5de1edeed9d1184086165887121f663e8104f8cc1e5c870df1ec5c2859 Loading...

	woastehiwour.net/_next/static/3jAktM-Fp3fME09m1qG0U/_ssgManifest.js	ScriptElement	120 B	2025-02-20	2025-03-21
Pretty URL woastehiwour.net/_next/static/3jAktM-Fp3fME09m1qG0U/_ssgManifest.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-21 10:38 Times Seen373 Hash 21fac1d81e3fdf589c173a5f8adf9d0b a2346a3c90e2ded4beb39348c0d1b3de91a7cc11 0c943a0528c041e4def40a008af8a6866bd0cb79b320df736b066ba9e6d737ae Loading...

	woastehiwour.net/_next/static/chunks/624f56eeee3114bf-1740743412391.26e21342eb44f646.js	ScriptElement	654 B	2024-12-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/624f56eeee3114bf-1740743412391.26e21342eb44f646.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-12 20:20 Last Seen2025-04-16 11:01 Times Seen674 Hash 7cc88e10f9a3e8ff0f031e9a4ba31cd0 977ab696d285c13ea27d8f8d0ced6c87a25f76d4 7f60ca6df35b3e84356955f08b2180b419b79a479cd167a248846b6b9c5b6642 Loading...

	woastehiwour.net/_next/static/chunks/6d79ccd3b608095e-1740743412391.becb6280ad7b6c58.js	ScriptElement	6.1 kB	2025-02-20	2025-03-21
Pretty URL woastehiwour.net/_next/static/chunks/6d79ccd3b608095e-1740743412391.becb6280ad7b6c58.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-21 10:38 Times Seen316 Hash 839843a44c52eda832e63e3991ce78b2 99f1d01b5b8a8f132efeb4e769f07b29c7993be2 7b917f56526338c029699b201875db2bd82de6bf2b60088921c7b8d76bc8d9db Loading...

	woastehiwour.net/_next/static/chunks/81e2e5c30e8af1ae-1740743412391.1347f88c113f97c5.js	ScriptElement	25 kB	2025-02-20	2025-03-17
Pretty URL woastehiwour.net/_next/static/chunks/81e2e5c30e8af1ae-1740743412391.1347f88c113f97c5.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-17 04:22 Times Seen266 Hash befb2ebf9592e73b50709dfb5e20aa71 9c717b2e747356eb4b3f22271d677d945cacc2d8 0ea63d48e3f05ae62cc2d466087a198cda5adbf0f8709cc07dbe4f23aed42820 Loading...

	woastehiwour.net/_next/static/chunks/8a7d810c6e1be66c-1740743412391.b4e3489aaa830908.js	ScriptElement	4.9 kB	2025-02-26	2025-03-17
Pretty URL woastehiwour.net/_next/static/chunks/8a7d810c6e1be66c-1740743412391.b4e3489aaa830908.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 16:01 Last Seen2025-03-17 04:22 Times Seen216 Hash 3feae3c0a2d14184f3c63a15af53e8d3 4d1d29b4a966b37b3b412b91b91ca343ae1462fe 6764c9abc44810729dc6486413e9250a8bb680dc4fe1311fb5d7adfc22c225b7 Loading...

	woastehiwour.net/_next/static/chunks/16642289520928c9-1740743412391.cce7c766f8de695c.js	ScriptElement	385 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/16642289520928c9-1740743412391.cce7c766f8de695c.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash ab30ba5e2b86d58d7151706f22312165 cf54176bb6927380e5885a7677d642a4d5b65568 0d3699392ff93d34f13e3d7cc2e7cee2147c3e644a10c4e83e23e6c17b9eff5b Loading...

	woastehiwour.net/_next/static/chunks/87d4f301da90027c-1740743412391.6c924336fe91d465.js	ScriptElement	469 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/87d4f301da90027c-1740743412391.6c924336fe91d465.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash 98eec1c1b295a1e00b01a507a3b20440 e0796322538611aa4619b7cdf81145670c22aff4 1a0475ccc7157198a00f1c45d14fa1d6daad15ea5da33e2a9816ba50caed763f Loading...

	woastehiwour.net/_next/static/chunks/3c56943bad654b4d-1740743412391.9a7fc97fdc6c3974.js	ScriptElement	449 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/3c56943bad654b4d-1740743412391.9a7fc97fdc6c3974.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash a2f19b2c354d06cea1627770aa390b43 9f74972c581a355d9b41acbe0b390deea1e18a72 bd4b259dc0fb0f36bdf52a85d0c06a633b3ab479aa56aeab58501a0bcffa1d89 Loading...

	woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a	ScriptElement	45 kB	2025-02-20	2025-03-03
Pretty URL woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-20 15:41 Last Seen2025-03-03 04:06 Times Seen109 Hash a7cb24260429a09d079dcf85b170b41a 68f7ecdba67536533eadecba7c0f3e4b0b40a87a 9877afe0b727015863a4b6a90edc747d7fe6228e7036f44084a9084a01712fe0 Loading...

	woastehiwour.net/_next/static/chunks/f8149e5cbfd36c3e-1740743412391-2443bba88dd747cb.js	ScriptElement	41 kB	2025-02-28	2025-03-03
Pretty URL woastehiwour.net/_next/static/chunks/f8149e5cbfd36c3e-1740743412391-2443bba88dd747cb.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-28 22:13 Last Seen2025-03-03 04:06 Times Seen25 Hash 503c3c1b9558871d1004465c4d18cb10 5212acf0beef53fe31694686fec78c25e94019ff 283b8a22415b241ff70f41ac371a2d2a1fe33bca4ce20557ac9d327fa5b9ac7e Loading...

	woastehiwour.net/_next/static/chunks/8fc6f0c1ec74df4d-1740743412391.a6b08a46df5a07d6.js	ScriptElement	449 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/8fc6f0c1ec74df4d-1740743412391.a6b08a46df5a07d6.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash 61be7e5efdc875e97f7de72fb2d662ca c844dc0dcd59089007f185814f7a0302228d4f7e 4cb0d9c7faecd282664abc5b6b836d444041dfab874b344eca758c81be5be2ce Loading...

	woastehiwour.net/_next/static/chunks/d7439aca7a8b9941-1740743412391.8c1253f2c9c376e0.js	ScriptElement	465 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/d7439aca7a8b9941-1740743412391.8c1253f2c9c376e0.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash da7eb01b166a66eabe03bb0be1fc6538 8d962cb1e6c74eeb50ef4beeafc6b5dde85d66b1 f33cc37c93676417c0ec6147b6cc14295cb6f1c69a7f6b7e47801d2b91c9de0c Loading...

	woastehiwour.net/_next/static/chunks/274741f174abf909-1740743412391.958405809ca3c63f.js	ScriptElement	43 kB	2025-02-20	2025-03-21
Pretty URL woastehiwour.net/_next/static/chunks/274741f174abf909-1740743412391.958405809ca3c63f.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-21 10:38 Times Seen314 Hash 9afaf937d53ecac3a63b70d5b988b5fc da3ec3b64b16c9a30f5e0710edaa433284fb21e2 10abbea3055739bcd94f45fcc3ce3373615e23780e404bbf257a545275fbad1b Loading...

	woastehiwour.net/_next/static/3jAktM-Fp3fME09m1qG0U/_buildManifest.js	ScriptElement	1.1 kB	2025-02-28	2025-03-03
Pretty URL woastehiwour.net/_next/static/3jAktM-Fp3fME09m1qG0U/_buildManifest.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-28 22:13 Last Seen2025-03-03 04:06 Times Seen25 Hash 90dc5d11ea58168b24ed69974aafb301 0e28406da630762be8d0a7a03a6102bf0a7be195 63ef80922846eeea03712a5cf7fae57784edd93f220f9e1226551e446f6d967e Loading...

	woastehiwour.net/_next/static/chunks/06ff87a69ffa8402-1740743412391.20ef2bdcef5c98e3.js	ScriptElement	15 kB	2025-02-20	2025-03-11
Pretty URL woastehiwour.net/_next/static/chunks/06ff87a69ffa8402-1740743412391.20ef2bdcef5c98e3.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-11 12:36 Times Seen258 Hash 8ab0e58efe2e61e2bd0818de3d5ed3d3 685aa9674d9573fc8b5ab3c74b89d4e47ab89692 cf75a79d575d9ae176e79b5c507a0c045817b93567fc279060fc47b77d1056fd Loading...

	woastehiwour.net/_next/static/chunks/38dae10dbd075567-1740743412391.6d500431489e3107.js	ScriptElement	449 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/38dae10dbd075567-1740743412391.6d500431489e3107.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash 07b6c39cd2b67f1c84a37d6e6e3194b9 edbabd56a277f0b034bbebd21c9ec6e90d7360a5 3ae5873e3d03686642b03ffde31cc5f3b8d84c712d15abeefda21988483e8a12 Loading...

	woastehiwour.net/_next/static/chunks/2bdd4d62f9c07d78-1740743412391.c58aa1c95e09907f.js	ScriptElement	449 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/2bdd4d62f9c07d78-1740743412391.c58aa1c95e09907f.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash f366b61829b8fef646674cb0002a99fc c8e3a01b7d9a3cf646b249b1915289b5c3c2c4db 102dbfde4590c8abe88ee689105d517afcb16a6ea0c45cbac39cb75805b8db2a Loading...

	woastehiwour.net/_next/static/chunks/1c02c3e681ea9f6d-1740743412391-ebf163de3da5e125.js	ScriptElement	27 kB	2025-02-20	2025-03-21
Pretty URL woastehiwour.net/_next/static/chunks/1c02c3e681ea9f6d-1740743412391-ebf163de3da5e125.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-21 10:38 Times Seen372 Hash 13e53dcb0fdd948fbae71fc9917d49fb 4675d37e2bf9648c797ae16186ac79d657152030 267cc8e20007a5dbeaf155c721cdbe4a2d49b003719fc9fc4b73cc738a54a5f3 Loading...

	woastehiwour.net/_next/static/chunks/9f1c06aba0c14c68-1740743412391.ee78737e76521d31.js	ScriptElement	574 B	2025-02-20	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/9f1c06aba0c14c68-1740743412391.ee78737e76521d31.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-04-16 11:01 Times Seen330 Hash c67d1dafa03eaca5d038a58814f36d96 c68b669ace41115dd02acc8ce8ed64055b5888d9 1b132189822bbfeb080445eec2d81fe8254ad9e3e0e171933534dceced76a560 Loading...

	woastehiwour.net/_next/static/chunks/3cacc58ea516fe6f-1740743412391.4d666b3ce7dcd66f.js	ScriptElement	30 kB	2025-02-20	2025-03-21
Pretty URL woastehiwour.net/_next/static/chunks/3cacc58ea516fe6f-1740743412391.4d666b3ce7dcd66f.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-21 10:38 Times Seen373 Hash f6ad5b7a5dfc198984b0f2f9dd8aa9a0 0c3bb432b998f3638fe41081b19ef96b953f88b6 ce950b2111c9e70202bb55f16d2995155499ad9a6c842fa5946367536f130216 Loading...

	woastehiwour.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=3956710&ymid=8495520&b=8160420&campaignid=4105106&click_id=919830659003064987&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=lepaughamaudie.com&var_2=919830659003064987	ScriptElement	46 kB	2025-02-26	2025-03-06
Pretty URL woastehiwour.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=3956710&ymid=8495520&b=8160420&campaignid=4105106&click_id=919830659003064987&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=lepaughamaudie.com&var_2=919830659003064987 IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-26 14:29 Last Seen2025-03-06 09:19 Times Seen500 Hash 0f8225a5ef3eb8007c8d38ecfb10bcd4 555a8d9a9ef0b18c231093994e9e2222c150333c 9abc73166d06037dab9ba6bbb952ceb992f31f169862568463483e521ebd60f4 Loading...

	woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a	ScriptElement	4.6 kB	2025-02-20	2025-04-01
Pretty URL woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-02-20 15:41 Last Seen2025-04-01 07:51 Times Seen481 Hash 42f8a48b0474a3c7dbeed1c690b259ba 2428ba89028a083affe5327b8e0f38fb5496b6a7 3741120df634d1c2eac5ae0fcb956e085b3c02543cf8c79783e6719760217175 Loading...

	woastehiwour.net/_next/static/chunks/146d76bf3d5fb8b9-1740743412391.10f1a530b815df9e.js	ScriptElement	473 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/146d76bf3d5fb8b9-1740743412391.10f1a530b815df9e.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash d527e55ba7e883d22150d247ccdcec0c 2e259235fa32517523e41776abea2c416edcd1fc 736b44b1efe8a7b945d1f42b9f935e5b163b68563f7437d9db5280f8948ba87c Loading...

	woastehiwour.net/_next/static/chunks/d6bae2fb8d6a34c3-1740743412391.c0db0e3a6b59783d.js	ScriptElement	457 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/d6bae2fb8d6a34c3-1740743412391.c0db0e3a6b59783d.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash 05610216c084cedbf8c752386ae10455 7c50c56ef28214a85f27034ec2409078652059f5 dd275d6ec5ee3eb025fbaa819f3ef86c3cc7cc44009db1d9ab5a8da2c113f46d Loading...

	woastehiwour.net/_next/static/chunks/e5f78f6f8e725c3d-1740743412391.b91bf7e15b6154bb.js	ScriptElement	453 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/e5f78f6f8e725c3d-1740743412391.b91bf7e15b6154bb.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash 5a2e3dadc11834e8e3f753dc782aa64f bf678922f8f31a96eec18ed49451b9102eb18dbd c3c5bb24eabd37e6e7560c2c453abbb14adaf2725e82b94e832375c4f5ac341f Loading...

	woastehiwour.net/_next/static/chunks/c298f066cdf5eea8-1740743412391.10859a08deafb1af.js	ScriptElement	6.6 kB	2025-02-20	2025-03-17
Pretty URL woastehiwour.net/_next/static/chunks/c298f066cdf5eea8-1740743412391.10859a08deafb1af.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-17 04:22 Times Seen275 Hash 8b9346768da7fafe66b1a8d5e31e08ac 34d65a560c9ce62cf1f629a6e51e26f735919246 bf9f2cfd20df01d3c80b9054630e1c490d22df08d31811766a3a042fdf3d47f2 Loading...

	woastehiwour.net/_next/static/chunks/127efc6b078804ef-1740743412391.836af60a55ea3e5d.js	ScriptElement	461 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/127efc6b078804ef-1740743412391.836af60a55ea3e5d.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash bff8869d3e70c3bf2c24532f3b924a57 baef0c012ab3ed28aceadf554ea0359fd4a7b70d 9d866b99572bfb9cb93327f39530fd61f47e0c37931a2db8d1a0b2d2c37fcbf2 Loading...

	woastehiwour.net/_next/static/chunks/173ade5bfbd26474-1740743412391.68066190c17c1f40.js	ScriptElement	6.8 kB	2025-02-28	2025-03-04
Pretty URL woastehiwour.net/_next/static/chunks/173ade5bfbd26474-1740743412391.68066190c17c1f40.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-28 22:13 Last Seen2025-03-04 10:39 Times Seen36 Hash ce972c841427b6fe85bc081601e297b3 66d6ff3d7b13f2fc49456c09a8bf909c9f42418a f12a662d206a8a2144bb6f8e560564cd90a4a58861d3381cfd83fb02354428b5 Loading...

	woastehiwour.net/_next/static/chunks/13c65fd13463b31b-1740743412391.d14fb864611e4790.js	ScriptElement	445 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/13c65fd13463b31b-1740743412391.d14fb864611e4790.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash 5bc077dba81433f0945bfc97e78afb5b a46298cf8faa518dce251d08b4d1ae78e47d0d66 d9e7cb19ff2b8005429f915130bcfadc44eb6523ffb71b9be38ced06fa5c1ef3 Loading...

	woastehiwour.net/_next/static/chunks/e1178574a1ad221d-1740743412391.7389e70158c8b007.js	ScriptElement	14 kB	2025-02-20	2025-03-13
Pretty URL woastehiwour.net/_next/static/chunks/e1178574a1ad221d-1740743412391.7389e70158c8b007.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-13 02:54 Times Seen265 Hash 85ecf414640781ef1b7a0a7c54991237 c49804383f6b18ffb6c0ad122a357bf608a26c5d be4184ae0d17a36a10d52baf63124decae4424840aa9d0714896b4958cde3962 Loading...

	woastehiwour.net/_next/static/chunks/03e2b47bcba3c890-1740743412391.b726b27e9fc71bcd.js	ScriptElement	6.2 kB	2025-02-20	2025-03-21
Pretty URL woastehiwour.net/_next/static/chunks/03e2b47bcba3c890-1740743412391.b726b27e9fc71bcd.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-21 10:38 Times Seen371 Hash 2ce0201a114c5f446b23ffe21f80ffd8 e630c1fe3e41ca60f878e27fb0d8afd2b959a36f 039d6adf169d30e3693d618230074cfbbe4b96f9d559ba5a3004f7d537755603 Loading...

	woastehiwour.net/_next/static/chunks/6c6f40314822b7bc-1740743412391.4efce0441b8579a1.js	ScriptElement	3.4 kB	2024-12-20	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/6c6f40314822b7bc-1740743412391.4efce0441b8579a1.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-20 07:20 Last Seen2025-04-16 11:01 Times Seen544 Hash 87562557cd870f30dbe4cd09dc6d764b 296afc6333b9eb7e3476d821cabb1e3ffc8b6102 cb2bdc14a39c507dc11a7ab4a26f2437ab42e9cc7a8806df01f3d9047d74ea45 Loading...

	woastehiwour.net/_next/static/chunks/9695121bd9a7fe25-1740743412391-946071a7570e0cdb.js	ScriptElement	109 kB	2025-02-20	2025-03-21
Pretty URL woastehiwour.net/_next/static/chunks/9695121bd9a7fe25-1740743412391-946071a7570e0cdb.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-20 15:41 Last Seen2025-03-21 10:38 Times Seen372 Hash f0cf941f62457cf06c31736327d88bdf cbfd6e1399241d17a3283d96abae10600ea71e32 ee6528aa1d16ef12fe13a5cbb75dc65d5bb0e1e3315c40aa04c9b6ceba7b9b9a Loading...

	woastehiwour.net/_next/static/chunks/6829d026d3eb6683-1740743412391-8f624ed2f6255bd0.js	ScriptElement	55 kB	2025-02-28	2025-03-04
Pretty URL woastehiwour.net/_next/static/chunks/6829d026d3eb6683-1740743412391-8f624ed2f6255bd0.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-28 22:13 Last Seen2025-03-04 10:39 Times Seen45 Hash bcaf6ebd5ac4d29787c7930744367f42 7078b1c6b8e918dff01db386457be60851d18ddc e068448450f9c172c12086e6c3463a2a941f59580958a3a1c23f157b3ae4e943 Loading...

	woastehiwour.net/_next/static/chunks/242ad9848e8ece8a-1740743412391.b1943e20729c92aa.js	ScriptElement	457 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/242ad9848e8ece8a-1740743412391.b1943e20729c92aa.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash a0e1fd509635a1a0010f8301e4e69a71 7eac7132164c2f577a1b5afc927da31ae2d3a085 772c7fa3dd176c37446a39719e467dab4e20de220531fb4785f70cc5674f4097 Loading...

	woastehiwour.net/_next/static/chunks/af846a0375549403-1740743412391.0d49c7577f644722.js	ScriptElement	465 B	2025-01-12	2025-04-16
Pretty URL woastehiwour.net/_next/static/chunks/af846a0375549403-1740743412391.0d49c7577f644722.js IP 104.18.39.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-12 22:58 Last Seen2025-04-16 11:01 Times Seen543 Hash 4acf898947594e0552b42564dc680987 cda272bcebf57e25c6c71921f734f24514d96d97 04414cc610d1820ca863e507764c69742afbf3f1d1c3f5babe9717465481d25c Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6c2875f1a9aa4e7aea000433b300f345	17 B	2024-12-03 18:23	2025-05-01 09:46
Pretty Observations First Seen2024-12-03 18:23 Last Seen2025-05-01 09:46 Times Seen2489 Hash 6c2875f1a9aa4e7aea000433b300f345 19ada7d0dfde6c8f5e91f79429fedb4c7c2c07e8 faff5a60a2c4aa315bd6d15ef5da1b81098a7b034d3a76acb8fcfffdce74153f Loading...

HTTP Transactions (76)

URL IP Response Size

nrbodn.special4dates.net/c/0dbeb794881a1ffa?click_id=kmpwc67c389bb000afb11&j1=1&j2=&j3=&j4=&j5=&j6=&j8=1&j9=1&lp=MJ&s1=205177&s2=1999586&s3=zdsl

52.19.138.177

302 Found

109 B

URL User Request GET HTTP/2
nrbodn.special4dates.net/c/0dbeb794881a1ffa?click_id=kmpwc67c389bb000afb11&j1=1&j2=&j3=&j4=&j5=&j6=&j8=1&j9=1&lp=MJ&s1=205177&s2=1999586&s3=zdsl
IP
52.19.138.177:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.special4dates.net
Fingerprint42:37:E0:AD:7C:66:D2:DC:2E:64:60:8F:F7:2D:D8:2C:99:AA:B4:FE
ValidityTue, 31 Dec 2024 05:17:15 GMT - Mon, 31 Mar 2025 05:17:14 GMT

File type
HTML document, ASCII text
Size
109 B (109 bytes)
Hash
6b6dcddd4f79fd4eda7d899fab5ca5cb
dc235e070f188de5c7132960949e9696adafbf1b
188d5bb116e67a333ae8f63ecbdf359b0230139388c4ca84aa9a44fb394f0e4a

HTTP Headers

GET /c/0dbeb794881a1ffa?click_id=kmpwc67c389bb000afb11&j1=1&j2=&j3=&j4=&j5=&j6=&j8=1&j9=1&lp=MJ&s1=205177&s2=1999586&s3=zdsl HTTP/1.1
Host: nrbodn.special4dates.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: text/html; charset=utf-8
content-length: 109
location: https://looraunuptuph.com/link?z=8495520&var=205177&ymid=ulvgl67c38a9f00064262
set-cookie: unique_id=67c38a9f000dde22; Path=/; Expires=Wed, 30 Apr 2025 22:30:55 GMT; Secure; SameSite=None
unique_id2=67c38a9f000f2b08; Path=/; Expires=Fri, 30 May 2025 22:30:55 GMT; Secure; SameSite=None
67c38a9f000f2b08_c=1; Path=/; Expires=Fri, 30 May 2025 22:30:55 GMT; Secure; SameSite=None
ref_token=205177; Path=/; Expires=Mon, 31 Mar 2025 22:30:55 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Sat, 01 Mar 2025 22:30:55 GMT; Secure; SameSite=None
tid=ulvgl67c38a9f00064262; Path=/; Expires=Sun, 03 Feb 2030 22:30:55 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2

looraunuptuph.com/link?z=8495520&var=205177&ymid=ulvgl67c38a9f00064262

104.18.41.59

302 Found

0 B

URL User Request GET HTTP/2
looraunuptuph.com/link?z=8495520&var=205177&ymid=ulvgl67c38a9f00064262
IP
104.18.41.59:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectlooraunuptuph.com
Fingerprint26:50:A8:1B:00:57:89:7C:CC:8D:F0:2A:7C:8C:D1:CD:39:0C:D5:9A
ValidityFri, 14 Feb 2025 12:47:11 GMT - Thu, 15 May 2025 13:25:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /link?z=8495520&var=205177&ymid=ulvgl67c38a9f00064262 HTTP/1.1
Host: looraunuptuph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 01 Mar 2025 22:30:55 GMT
content-length: 0
location: https://saigopooramee.net/link?z=3956710&var=8495520
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
link: <https://saigopooramee.net>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=04817ff117104e4be18e64b26daa71a4; expires=Sun, 01 Mar 2026 22:30:55 GMT
oaidts=1740868255; expires=Sun, 01 Mar 2026 22:30:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 919c1a03390b0afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

saigopooramee.net/link?z=3956710&var=8495520

172.64.146.197

302 Found

0 B

URL User Request GET HTTP/2
saigopooramee.net/link?z=3956710&var=8495520
IP
172.64.146.197:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectsaigopooramee.net
FingerprintF2:3E:26:9F:41:41:61:D9:EE:FF:3F:21:F8:62:9B:AE:97:25:36:86
ValidityTue, 18 Feb 2025 22:38:35 GMT - Mon, 19 May 2025 23:38:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /link?z=3956710&var=8495520 HTTP/1.1
Host: saigopooramee.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 01 Mar 2025 22:30:55 GMT
content-length: 0
location: https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
link: <https://woastehiwour.net>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
set-cookie: OAID=04817fd45651496aebf0befae8eee32c; expires=Sun, 01 Mar 2026 22:30:55 GMT
oaidts=1740868255; expires=Sun, 01 Mar 2026 22:30:55 GMT
OXCCLK=4105106.1; expires=Sun, 01 Mar 2026 22:30:55 GMT
allcnt=1; expires=Sun, 01 Mar 2026 22:30:55 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 919c1a03dfacb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/0cbfdb560d57ea2e-1740743412391-cd91c5f93afede6a.js

104.18.39.72

200 OK

16 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/0cbfdb560d57ea2e-1740743412391-cd91c5f93afede6a.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
gzip compressed data, from Unix
Size
16 kB (15767 bytes)
Hash
ebc705bc032d46a040a08f06108249a8
0a893f7942ee287df9914fad3e0aff364c47e4ff
ed8aa1b5ec693b589d84631e4087ac9becb167ed3d7e726ca1a25225de3d1eca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/0cbfdb560d57ea2e-1740743412391-cd91c5f93afede6a.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:13 GMT
vary: Accept-Encoding
etag: W/"67c1a499-6fde"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a075e73569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/2317b809a320dff8-1740743412391.d045a2102aa0b159.js

104.18.39.72

200 OK

4.5 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/2317b809a320dff8-1740743412391.d045a2102aa0b159.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
gzip compressed data, from Unix
Size
4.5 kB (4485 bytes)
Hash
b1dbdc2481bd03ee1805caf6f82a40ea
4ea7f0fa3343de8f32d11e735e6735a7a686ec41
c545b2fcfe0d673af1c5880965039294f54b676d5b07edb99937f1bcaa1a0142

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/2317b809a320dff8-1740743412391.d045a2102aa0b159.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:13 GMT
vary: Accept-Encoding
etag: W/"67c1a499-3b50"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e5e569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/c360d44ead919d7f-1740743412391.8e64f8e332b18007.js

104.18.39.72

200 OK

2.2 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/c360d44ead919d7f-1740743412391.8e64f8e332b18007.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
gzip compressed data, from Unix
Size
2.2 kB (2249 bytes)
Hash
43c7e03920d0da2a233539a8ca25faa2
18cea9e5fa3eb0ac8337e073682b0665403d4f20
42672868fd116f127a9df597fa3cacf06de36640f4147783044107cad10fe608

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/c360d44ead919d7f-1740743412391.8e64f8e332b18007.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:20 GMT
vary: Accept-Encoding
etag: W/"67c1a4a0-1620"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e70569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/css/0bc0cde260d08b97.css

104.18.39.72

200 OK

2.8 kB

URL GET HTTP/2
woastehiwour.net/_next/static/css/0bc0cde260d08b97.css
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
gzip compressed data, from Unix
Size
2.8 kB (2816 bytes)
Hash
4065e6bdb150286fbecb14f300320dd8
116b08357abdc2fe6e663db9b1551d8273856a71
8a0e73f12ce648cf796900ccf5d3a44215eb1945b4f7beb7bc1c66e5370db089

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: text/css
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2608
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e54569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/e1178574a1ad221d-1740743412391.7389e70158c8b007.js

104.18.39.72

200 OK

17 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/e1178574a1ad221d-1740743412391.7389e70158c8b007.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
gzip compressed data, from Unix
Size
17 kB (17211 bytes)
Hash
aa0e88e965016a834acbc62d8542db32
cc481f21016d9dfa2b3313eb2308f912dddce43d
523812c8973136007f96f9a1bb3086a20e4698290c0ef8ac69cc7d53caa19f55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/e1178574a1ad221d-1740743412391.7389e70158c8b007.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:21 GMT
vary: Accept-Encoding
etag: W/"67c1a4a1-36ab"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e5a569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/confetti-2.c36ea98d.webp

104.18.39.72

200 OK

4.3 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/confetti-2.c36ea98d.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.3 kB (4258 bytes)
Hash
483d298f3477d9b9a9ed85e2997eb888
52e1956082c558621f102ba813e7bdcee3fcb31d
24763cff62c7e5d6aa028e7bc528010333a062aef7c5682c2dfdc7bfbcece822

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/confetti-2.c36ea98d.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 4258
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-10a2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6829
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0ccc96569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/e349ffdbb65d6c93-1740743412391-660e5b7e2e3b7996.js

104.18.39.72

200 OK

11 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/e349ffdbb65d6c93-1740743412391-660e5b7e2e3b7996.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
gzip compressed data, from Unix
Size
11 kB (11345 bytes)
Hash
4987ea2ad0d7a319b043126ef661ca2f
e97624d6ac3a7b1bc93cb28be7c0c0d6eb4047b8
0da1448f36b622018d58fdb9d971e6b4043d1647452de339503524f890ea4f16

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/e349ffdbb65d6c93-1740743412391-660e5b7e2e3b7996.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:22 GMT
vary: Accept-Encoding
etag: W/"67c1a4a2-29c8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a075e80569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

188.114.97.1

200 OK

11 kB

URL GET HTTP/3
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
FingerprintDC:31:A0:CC:76:0E:5C:E3:45:17:43:52:62:B5:29:18:F1:70:D7:FE
ValidityTue, 11 Feb 2025 05:59:25 GMT - Mon, 12 May 2025 06:58:07 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
11 kB (10791 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XFGp4JtUs%2Fr7pGHWROwEaQH6174BPVtO2u07me1mPXmi6KOQQlTH58pqi2lj7nR7P5wOW4NqOw3Q1Yf8MIm5%2B3roduxRyTdYZsFbKgWhu72h3As2S%2BZAO3lzKJZ%2BN8r0PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 919c1a0b9c327128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=578&min_rtt=526&rtt_var=133&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3209&recv_bytes=1118&delivery_rate=7063414&cwnd=254&unsent_bytes=0&cid=f8b68c5ef9815284&ts=36&x=0"
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/person-24.d744f92b.webp

104.18.39.72

200 OK

2.7 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/person-24.d744f92b.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.7 kB (2650 bytes)
Hash
588ec8375786f1eca8d929945e56ce3c
776a27723c235d2ae8d59985c8c9e679effe6498
94e7731534edf0b837ca2d0df13c89976d94cf63e4b603396f08128962c6e90e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/person-24.d744f92b.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 2650
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-a5a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5874
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0d0ce1569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/person-21.a285e013.webp

104.18.39.72

200 OK

2.9 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/person-21.a285e013.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.9 kB (2914 bytes)
Hash
1847b72155fd56fed9de270fb8052bee
040705d8850f41f827bae8331bf75ad5bb43e3a5
123d4819d3af4e4f8f6da6ffddde1124aa9c70bfe4a07087f82fe6590e3ac874

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/person-21.a285e013.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 2914
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-b62"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5874
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0d2d1a569d-OSL
X-Firefox-Spdy: h2

cdntechone.com/stattag.js

188.114.97.1

200 OK

10 kB

URL GET HTTP/3
cdntechone.com/stattag.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
FingerprintDC:31:A0:CC:76:0E:5C:E3:45:17:43:52:62:B5:29:18:F1:70:D7:FE
ValidityTue, 11 Feb 2025 05:59:25 GMT - Mon, 12 May 2025 06:58:07 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
10 kB (10131 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLpKOC8CNurkmeVNPrf1v3VZ%2FL7W6HkOcgqJfqQlrnYTJdeeH%2Bi7w3T%2FWxS5nkMzc2OcLJ9sgVTQUHnVVzWS2r5iIfQGUsEvyPz%2BXQu28MTlPAaXlp8QNUzcQ0OKB2g8hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 919c1a0bac347128-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=578&min_rtt=526&rtt_var=133&sent=15&recv=11&lost=0&retrans=0&sent_bytes=11544&recv_bytes=1118&delivery_rate=7063414&cwnd=254&unsent_bytes=0&cid=f8b68c5ef9815284&ts=37&x=0"
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/person-34.06e19fb9.webp

104.18.39.72

200 OK

3.3 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/person-34.06e19fb9.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.3 kB (3342 bytes)
Hash
493a8bc5ee16e54e62892df5aa14b219
b1dc6e8e6a6384f3f4a878c02d117ebae7cc3c62
619b0b3512138a42972fa24f0d6d9cdb6f8b79ddf79c23374d3f411075b3988b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/person-34.06e19fb9.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 3342
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-d0e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6600
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0d3d22569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/person-22.cbaa9850.webp

104.18.39.72

200 OK

3.2 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/person-22.cbaa9850.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.2 kB (3178 bytes)
Hash
377c84ac3a10263b980eeed8ab2a73f7
ad73fc8367fc194d5e83ea5aa22822268eaf16e4
b9031957e3bd988575ea286e1da3a9dda53e4bcf133acc33fae1176208c48924

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/person-22.cbaa9850.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 3178
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-c6a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0cfcca569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/person-30.5b232ba9.webp

104.18.39.72

200 OK

3.8 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/person-30.5b232ba9.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.8 kB (3816 bytes)
Hash
994b3a71a57969afe8d521fd99a21516
b1514932a55c1f324b7fb7796ed129af08d3e419
b5b6aded70b2da4c2e3a2245b6540765e9b9e89f425051523a060d1a6da4f28a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/person-30.5b232ba9.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 3816
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-ee8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0d2d1d569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/6829d026d3eb6683-1740743412391-8f624ed2f6255bd0.js

104.18.39.72

200 OK

19 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/6829d026d3eb6683-1740743412391-8f624ed2f6255bd0.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
gzip compressed data, from Unix
Size
19 kB (18674 bytes)
Hash
3b9e5a0e21266c8047aeffaeb0a86e8b
b9548db47c911cf554edda8dc8dca98b8764ddb2
a55807f1f58d62f50b42abcd358bf9e591284e8b3eaf602991dc9f9b1943d5b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/6829d026d3eb6683-1740743412391-8f624ed2f6255bd0.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:16 GMT
vary: Accept-Encoding
etag: W/"67c1a49c-d803"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a075e88569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/f8149e5cbfd36c3e-1740743412391-2443bba88dd747cb.js

104.18.39.72

200 OK

17 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/f8149e5cbfd36c3e-1740743412391-2443bba88dd747cb.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
gzip compressed data, from Unix
Size
17 kB (17142 bytes)
Hash
d26ecf6ba90faad3216ea49401903888
fba59f6f172988bfce2ad3c7275d05e22f649892
e4b03cd35c3b3c6c063265e4aa9f75e5a7cbf22ef802308ed496ff82e130b9d7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/f8149e5cbfd36c3e-1740743412391-2443bba88dd747cb.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:22 GMT
vary: Accept-Encoding
etag: W/"67c1a4a2-a1c6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a075e7c569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/3jAktM-Fp3fME09m1qG0U/_buildManifest.js

104.18.39.72

200 OK

6.8 kB

URL GET HTTP/2
woastehiwour.net/_next/static/3jAktM-Fp3fME09m1qG0U/_buildManifest.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
gzip compressed data, from Unix
Size
6.8 kB (6839 bytes)
Hash
dad35df49eb2a93727eeadbc5c319d94
d84430561185fcca514bce58e257a5b7cd115a81
e413448f219d5c136351f8c482b0cac9e1d82437434f252be64dfc8f1ee3d916

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/3jAktM-Fp3fME09m1qG0U/_buildManifest.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-43d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a075e8b569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

lepaughamaudie.com/event

104.18.43.142

200 OK

0 B

URL POST HTTP/2
lepaughamaudie.com/event
IP
104.18.43.142:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectlepaughamaudie.com
Fingerprint0F:7D:38:40:5C:4C:45:E4:57:AF:99:B1:D4:FD:AB:18:20:DA:91:F2
ValidityWed, 26 Feb 2025 18:52:43 GMT - Tue, 27 May 2025 19:52:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: lepaughamaudie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://woastehiwour.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://woastehiwour.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 919c1a0e6952b4f4-OSL
X-Firefox-Spdy: h2

lepaughamaudie.com/event

104.18.43.142

200 OK

0 B

URL POST HTTP/2
lepaughamaudie.com/event
IP
104.18.43.142:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectlepaughamaudie.com
Fingerprint0F:7D:38:40:5C:4C:45:E4:57:AF:99:B1:D4:FD:AB:18:20:DA:91:F2
ValidityWed, 26 Feb 2025 18:52:43 GMT - Tue, 27 May 2025 19:52:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: lepaughamaudie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://woastehiwour.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://woastehiwour.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 919c1a0e6954b4f4-OSL
X-Firefox-Spdy: h2

lepaughamaudie.com/event

104.18.43.142

200 OK

0 B

URL POST HTTP/2
lepaughamaudie.com/event
IP
104.18.43.142:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectlepaughamaudie.com
Fingerprint0F:7D:38:40:5C:4C:45:E4:57:AF:99:B1:D4:FD:AB:18:20:DA:91:F2
ValidityWed, 26 Feb 2025 18:52:43 GMT - Tue, 27 May 2025 19:52:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: lepaughamaudie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://woastehiwour.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://woastehiwour.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 919c1a0e6957b4f4-OSL
X-Firefox-Spdy: h2

lepaughamaudie.com/zone?pub=0&zone_id=8565771&is_mobile=false&domain=woastehiwour.net&var=3956710&ymid=8495520&var_3=&var_4=&dsig=&tg=1&sw=3.1.597&trace_id=1b99174d-7bf4-470c-9a5c-daa44cd53ba8&action=prerequest&drf=

104.18.43.142

200 OK

0 B

URL POST HTTP/2
lepaughamaudie.com/zone?pub=0&zone_id=8565771&is_mobile=false&domain=woastehiwour.net&var=3956710&ymid=8495520&var_3=&var_4=&dsig=&tg=1&sw=3.1.597&trace_id=1b99174d-7bf4-470c-9a5c-daa44cd53ba8&action=prerequest&drf=
IP
104.18.43.142:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectlepaughamaudie.com
Fingerprint0F:7D:38:40:5C:4C:45:E4:57:AF:99:B1:D4:FD:AB:18:20:DA:91:F2
ValidityWed, 26 Feb 2025 18:52:43 GMT - Tue, 27 May 2025 19:52:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?pub=0&zone_id=8565771&is_mobile=false&domain=woastehiwour.net&var=3956710&ymid=8495520&var_3=&var_4=&dsig=&tg=1&sw=3.1.597&trace_id=1b99174d-7bf4-470c-9a5c-daa44cd53ba8&action=prerequest&drf= HTTP/1.1
Host: lepaughamaudie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:57 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 919c1a0e9ba00b55-OSL
X-Firefox-Spdy: h2

lepaughamaudie.com/event

104.18.43.142

200 OK

0 B

URL POST HTTP/2
lepaughamaudie.com/event
IP
104.18.43.142:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectlepaughamaudie.com
Fingerprint0F:7D:38:40:5C:4C:45:E4:57:AF:99:B1:D4:FD:AB:18:20:DA:91:F2
ValidityWed, 26 Feb 2025 18:52:43 GMT - Tue, 27 May 2025 19:52:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event HTTP/1.1
Host: lepaughamaudie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://woastehiwour.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:57 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://woastehiwour.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-max-age: 86400
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 919c1a0ea997b4f4-OSL
X-Firefox-Spdy: h2

datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=a1ff056f-a976-4f9d-8f1a-3b569f8829cc

37.48.68.71

200 OK

12 B

URL POST HTTP/1.1
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=a1ff056f-a976-4f9d-8f1a-3b569f8829cc
IP
37.48.68.71:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerSectigo Limited
Subjectdatatechonert.com
FingerprintED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72
ValidityWed, 11 Dec 2024 00:00:00 GMT - Tue, 23 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=a1ff056f-a976-4f9d-8f1a-3b569f8829cc HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1544
Origin: https://woastehiwour.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sat, 01 Mar 2025 22:30:57 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://woastehiwour.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

woastehiwour.net/sw-check-permissions/universal.js?var=3956710&ymid=8495520&zoneId=8565771&tg=1

104.18.39.72

200 OK

355 B

URL GET HTTP/2
woastehiwour.net/sw-check-permissions/universal.js?var=3956710&ymid=8495520&zoneId=8565771&tg=1
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
ASCII text, with very long lines (1172), with no line terminators
Size
355 B (355 bytes)
Hash
7aa1e1daab0f9adad7199def89fdeae1
ca4a6abacadfa80b3e99875ff4729d708f342233
e7bf7cf08a2d8b345aa1e2e9d596d33020a2db106b1281e5b8af399e79dd0017

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw-check-permissions/universal.js?var=3956710&ymid=8495520&zoneId=8565771&tg=1 HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:57 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:12 GMT
vary: Accept-Encoding
etag: W/"67c1a498-494"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
expires: Sun, 02 Mar 2025 02:30:57 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0e8e98569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

lepaughamaudie.com/event

104.18.43.142

200 OK

4.2 kB

URL POST HTTP/2
lepaughamaudie.com/event
IP
104.18.43.142:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectlepaughamaudie.com
Fingerprint0F:7D:38:40:5C:4C:45:E4:57:AF:99:B1:D4:FD:AB:18:20:DA:91:F2
ValidityWed, 26 Feb 2025 18:52:43 GMT - Tue, 27 May 2025 19:52:38 GMT

File type
gzip compressed data, from Unix
Size
4.2 kB (4167 bytes)
Hash
6647e3083683270817d9ba5cfc3135b7
566bfbd49b00f1d8f13455dfb6e976b2cafc62b7
df65ec30e4207d7b9c2bd5e86100f63e7e4f5392059f8724b75e7f7261054ac4

HTTP Headers

POST /event HTTP/1.1
Host: lepaughamaudie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 456
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:57 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 919c1a0e6b770b55-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/d6bae2fb8d6a34c3-1740743412391.c0db0e3a6b59783d.js

104.18.39.72

200 OK

457 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/d6bae2fb8d6a34c3-1740743412391.c0db0e3a6b59783d.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (463), with no line terminators
Size
457 B (457 bytes)
Hash
b78106ee1be6d0d8070e800b49763a13
40e4d16723a86d128d23bb87cdb322a33482df4f
1bd2926c524c586552e6e35f6df241b7dfbc8889664a73aea410cdeb00f5a191

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/d6bae2fb8d6a34c3-1740743412391.c0db0e3a6b59783d.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1c9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0a9a0b569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/megaphone.ab784acd.webp

104.18.39.72

200 OK

770 B

URL GET HTTP/2
woastehiwour.net/_next/static/media/megaphone.ab784acd.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
770 B (770 bytes)
Hash
66a5e8404b4514c579de67193ceae684
f41725c0b728ace6b8a7a328104ab25ae12eb778
71550ce5c0583f2db91a7644ae869cb122cbc76f5718915e789243d6297d5f89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/megaphone.ab784acd.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 770
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-302"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a082f61569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/03e2b47bcba3c890-1740743412391.b726b27e9fc71bcd.js

104.18.39.72

200 OK

6.2 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/03e2b47bcba3c890-1740743412391.b726b27e9fc71bcd.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (6273), with no line terminators
Size
6.2 kB (6179 bytes)
Hash
183547e910e9d9ed863cf18a814336aa
3832a716f5b6abd51ad86de2ff6a196d9d6d76e2
b61c4c90bda46986828adfc72579122541a3dd73d10249a5bd10f36a2771418e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/03e2b47bcba3c890-1740743412391.b726b27e9fc71bcd.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:12 GMT
vary: Accept-Encoding
etag: W/"67c1a498-1823"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2602
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0958c5569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/views.3ac91604.webp

104.18.39.72

200 OK

1.1 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/views.3ac91604.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.1 kB (1074 bytes)
Hash
e97abf6f136d9497fc14cb9e72b2c636
51f062d0abe008f75f96ad377deea587d47c381c
b462d5f38bf4519ff8232bcaa8c7e7420ed95c2a5e0d180565013aa7f3437776

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/views.3ac91604.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 1074
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-432"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a082f64569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/6d79ccd3b608095e-1740743412391.becb6280ad7b6c58.js

104.18.39.72

200 OK

6.1 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/6d79ccd3b608095e-1740743412391.becb6280ad7b6c58.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (6238), with no line terminators
Size
6.1 kB (6140 bytes)
Hash
26175787038d9ccf2e640590d87a4514
107618c3d5d1014c72e0791fb62c1b25902cc029
3379e8363345f9b02a6e05c3b9629620390fa671dd5349017417d1da6c6b3cec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/6d79ccd3b608095e-1740743412391.becb6280ad7b6c58.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:16 GMT
vary: Accept-Encoding
etag: W/"67c1a49c-17fc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2602
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0958cd569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/127efc6b078804ef-1740743412391.836af60a55ea3e5d.js

104.18.39.72

200 OK

461 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/127efc6b078804ef-1740743412391.836af60a55ea3e5d.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (467), with no line terminators
Size
461 B (461 bytes)
Hash
b614b0376e5f81de8cdce6303de0841e
3db3b10e3e48dd1dcd0c1cfa14e482b460137c34
9e03ab4cb6ab1ff090e69771327a534dffee7b9322cb3e9e8cf7e1bdfdf88823

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/127efc6b078804ef-1740743412391.836af60a55ea3e5d.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1cd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0a49a7569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/242ad9848e8ece8a-1740743412391.b1943e20729c92aa.js

104.18.39.72

200 OK

457 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/242ad9848e8ece8a-1740743412391.b1943e20729c92aa.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (463), with no line terminators
Size
457 B (457 bytes)
Hash
4143f6c793bb98263870ac8c849f4970
7ba56dcc28f306b6c41971f84c2eb6f98bf11d00
2562831b622957f9c72ee7c215709c63a5c14ab92260a591f7cb6ebe78726b82

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/242ad9848e8ece8a-1740743412391.b1943e20729c92aa.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1c9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0b0a91569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a

104.18.39.72

200 OK

116 kB

URL User Request GET HTTP/2
woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type

Size
116 kB (115954 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: text/html
cf-ray: 919c1a047b33569d-OSL
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Feb 2025 11:56:25 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/heart.53f2cd83.webp

104.18.39.72

200 OK

866 B

URL GET HTTP/2
woastehiwour.net/_next/static/media/heart.53f2cd83.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
866 B (866 bytes)
Hash
5ccd0e0b546c18b101aee4ddd519981d
9713e1200e35c8c3f682fa792fda89b898cf7aca
b489e2b31ce3037d8e68aa8acb36df8d726f489ea28a0aa2bb107487cf371348

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/heart.53f2cd83.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 866
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-362"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a082f60569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/146d76bf3d5fb8b9-1740743412391.10f1a530b815df9e.js

104.18.39.72

200 OK

473 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/146d76bf3d5fb8b9-1740743412391.10f1a530b815df9e.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (479), with no line terminators
Size
473 B (473 bytes)
Hash
f86fc3501f2234d05f9f68e2694f8134
2dbd1c47b12f68fe9ebbc0e40398a140f7eb00d5
085e37417994fa7412bb575dcad10375f44069b136aaa4f2c34ac279a1e46f68

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/146d76bf3d5fb8b9-1740743412391.10f1a530b815df9e.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1d9"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0aca51569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/3cacc58ea516fe6f-1740743412391.4d666b3ce7dcd66f.js

104.18.39.72

200 OK

30 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/3cacc58ea516fe6f-1740743412391.4d666b3ce7dcd66f.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (29982), with no line terminators
Size
30 kB (29982 bytes)
Hash
f6ad5b7a5dfc198984b0f2f9dd8aa9a0
0c3bb432b998f3638fe41081b19ef96b953f88b6
ce950b2111c9e70202bb55f16d2995155499ad9a6c842fa5946367536f130216

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3cacc58ea516fe6f-1740743412391.4d666b3ce7dcd66f.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:15 GMT
vary: Accept-Encoding
etag: W/"67c1a49b-751e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2608
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e57569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/af846a0375549403-1740743412391.0d49c7577f644722.js

104.18.39.72

200 OK

465 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/af846a0375549403-1740743412391.0d49c7577f644722.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (471), with no line terminators
Size
465 B (465 bytes)
Hash
077416798998a684ff40fb3863cbc0a0
3641e4f818e4b2be2175e64a1f4be13510d17084
ec079bf75e188a1175a464e4e542cfa4c5edfd0e4473476df1db3dbadf7218b2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/af846a0375549403-1740743412391.0d49c7577f644722.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1d1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0b0a99569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/13c65fd13463b31b-1740743412391.d14fb864611e4790.js

104.18.39.72

200 OK

445 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/13c65fd13463b31b-1740743412391.d14fb864611e4790.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (451), with no line terminators
Size
445 B (445 bytes)
Hash
661d21f3a41e56a53cb44ddb62369251
0f70f2195b6db85f669894fce7c33740b7de1d0f
81fbf2c2174c4f07a9f0a6b4d53b3c6bc0d068e2a92017e52f6727d2ab932228

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/13c65fd13463b31b-1740743412391.d14fb864611e4790.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1bd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0a59bb569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/87d4f301da90027c-1740743412391.6c924336fe91d465.js

104.18.39.72

200 OK

469 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/87d4f301da90027c-1740743412391.6c924336fe91d465.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (475), with no line terminators
Size
469 B (469 bytes)
Hash
a076bf21751bc141e97406fbb584fac5
8064e789e206492b6038a0ee3756f6c2d384df7b
9ae20e9dcbb6a5533157562cd1834a3d304dcd6b77d3788b113ad86ad9daafe5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/87d4f301da90027c-1740743412391.6c924336fe91d465.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1d5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0ada68569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/81e2e5c30e8af1ae-1740743412391.1347f88c113f97c5.js

104.18.39.72

200 OK

25 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/81e2e5c30e8af1ae-1740743412391.1347f88c113f97c5.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type

Size
25 kB (24669 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/81e2e5c30e8af1ae-1740743412391.1347f88c113f97c5.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:17 GMT
vary: Accept-Encoding
etag: W/"67c1a49d-605d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e5b569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/bf7348b0f0f41677-1740743412391.c33e54f82eec272e.js

104.18.39.72

200 OK

30 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/bf7348b0f0f41677-1740743412391.c33e54f82eec272e.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (30026), with no line terminators
Size
30 kB (30026 bytes)
Hash
e355310f27c8059ff791634ff21732be
52686ba1870e0eae23aadc029bdb631b6262662f
ecef836065811aca160b94c51f6fbe46e7a49944e7a3f919ed44dfdbecadcc29

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/bf7348b0f0f41677-1740743412391.c33e54f82eec272e.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:20 GMT
vary: Accept-Encoding
etag: W/"67c1a4a0-754a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e6a569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/274741f174abf909-1740743412391.958405809ca3c63f.js

104.18.39.72

200 OK

43 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/274741f174abf909-1740743412391.958405809ca3c63f.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (42949), with no line terminators
Size
43 kB (42949 bytes)
Hash
9afaf937d53ecac3a63b70d5b988b5fc
da3ec3b64b16c9a30f5e0710edaa433284fb21e2
10abbea3055739bcd94f45fcc3ce3373615e23780e404bbf257a545275fbad1b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/274741f174abf909-1740743412391.958405809ca3c63f.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:14 GMT
vary: Accept-Encoding
etag: W/"67c1a49a-a7c5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e6d569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/38dae10dbd075567-1740743412391.6d500431489e3107.js

104.18.39.72

200 OK

449 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/38dae10dbd075567-1740743412391.6d500431489e3107.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Size
449 B (449 bytes)
Hash
c3909e39f684d50598cd82eebdcaf59b
3e8002d90756209e1df519b7d3cfe4bc675f6e7b
4af3aada23b3341b12e82b280d69a8dc53c525af41fd4122244ed7bde42675dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/38dae10dbd075567-1740743412391.6d500431489e3107.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0b2abc569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/favicon.ico

104.18.39.72

204 No Content

0 B

URL GET HTTP/2
woastehiwour.net/favicon.ico
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=5s8fnfim8d0k672e8fwop4lauh6zkm; syncedCookie=true; oaidts=1740868257
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 01 Mar 2025 22:30:57 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: MISS
expires: Sun, 02 Mar 2025 02:30:57 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 919c1a1179de569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=3956710&ymid=8495520&b=8160420&campaignid=4105106&click_id=919830659003064987&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=lepaughamaudie.com&var_2=919830659003064987

104.18.39.72

200 OK

46 kB

URL GET HTTP/2
woastehiwour.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=3956710&ymid=8495520&b=8160420&campaignid=4105106&click_id=919830659003064987&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=lepaughamaudie.com&var_2=919830659003064987
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (46502), with no line terminators
Size
46 kB (46502 bytes)
Hash
0f8225a5ef3eb8007c8d38ecfb10bcd4
555a8d9a9ef0b18c231093994e9e2222c150333c
9abc73166d06037dab9ba6bbb952ceb992f31f169862568463483e521ebd60f4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?sw=/sw-check-permissions/universal.js&var=3956710&ymid=8495520&b=8160420&campaignid=4105106&click_id=919830659003064987&rhd=1&btz=UTC&bto=0&z=8565771&cdn=1&domain=lepaughamaudie.com&var_2=919830659003064987 HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Thu, 27 Feb 2025 14:28:07 GMT
vary: Accept-Encoding
etag: W/"67c07677-b5a6"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
cf-cache-status: MISS
server: cloudflare
cf-ray: 919c1a082f57569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/sync-metrics

104.18.39.72

200 OK

17 B

URL POST HTTP/2
woastehiwour.net/sync-metrics
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
17 B (17 bytes)
Hash
225f751e75610b98f8b287e79370be3a
9e29d2c966fb36f3d233dfb232be6eeeee8f1341
0b19f26f50f17771f6562e4cf8c7bead37ba5aeeeec7cbfaf2576a6647401569

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /sync-metrics HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 506
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 5bbd0a4fa4b7371c0591f95b131cfd36
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 919c1a0a0965569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/person-32.5cea9256.webp

104.18.39.72

200 OK

3.4 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/person-32.5cea9256.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.4 kB (3372 bytes)
Hash
5e646bb71dc10f2afd85b8d8ac76b1a6
163f9df1093b01b79812b926fde0e510e4db5cdb
d05ef60aa46ff6d0c80bfceb579bfe80774c9af0ea2db49855a627961731e277

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/person-32.5cea9256.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 3372
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-d2c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 82
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0d0cdc569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/c0f3edd3515d9c5f-1740743412391.188d10dcf199966c.js

104.18.39.72

200 OK

2.2 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/c0f3edd3515d9c5f-1740743412391.188d10dcf199966c.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (2276), with no line terminators
Size
2.2 kB (2193 bytes)
Hash
671742ed9aac5da698d38d80a90eb775
999e8bbdb575a3a3909abe0161f08046c7f9e82e
c8eed3e775bb4b273a6d033c9279834cc6e20aed06e2824506140a3c6845884e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/c0f3edd3515d9c5f-1740743412391.188d10dcf199966c.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-891"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e65569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/06ff87a69ffa8402-1740743412391.20ef2bdcef5c98e3.js

104.18.39.72

200 OK

15 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/06ff87a69ffa8402-1740743412391.20ef2bdcef5c98e3.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type

Size
15 kB (15282 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/06ff87a69ffa8402-1740743412391.20ef2bdcef5c98e3.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:13 GMT
vary: Accept-Encoding
etag: W/"67c1a499-3bb2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2602
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0958c7569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/16642289520928c9-1740743412391.cce7c766f8de695c.js

104.18.39.72

200 OK

385 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/16642289520928c9-1740743412391.cce7c766f8de695c.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (391), with no line terminators
Size
385 B (385 bytes)
Hash
4f4cca3bbbc43c9202524018cf7d8620
d9512e432b82a98e62d5f27d1373d9ff973c002f
0d6847aef607b198a1ee240473114614a93ada5936a1167594481d769f76f6d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/16642289520928c9-1740743412391.cce7c766f8de695c.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-181"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0b0a92569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/8f2581ca04431b22-1740743412391.fe378dc874d64db4.js

104.18.39.72

200 OK

89 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/8f2581ca04431b22-1740743412391.fe378dc874d64db4.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
89 kB (89400 bytes)
Hash
2b1036f3f7e993b27ea343f4444d8057
5d61b8721d09170a57fbd61f12e9a40407af637a
cb292d22c13d5e549822898597c873e23096130d3d7985cf44f690052aa85fd0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8f2581ca04431b22-1740743412391.fe378dc874d64db4.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:17 GMT
vary: Accept-Encoding
etag: W/"67c1a49d-15d38"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e62569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/f141f7458f59f103-1740743412391.7b1724452fb2a85f.js

104.18.39.72

200 OK

3.4 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/f141f7458f59f103-1740743412391.7b1724452fb2a85f.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (3455), with no line terminators
Size
3.4 kB (3383 bytes)
Hash
6e546c711b4ac677652d2ccfe1044279
24dc123e33c29b0e8be2067b1047a6c7abe83a96
667d8b62d049e0a97606c7759940291358b1c2c4fd94329a12dd03dbf66acc06

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/f141f7458f59f103-1740743412391.7b1724452fb2a85f.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:22 GMT
vary: Accept-Encoding
etag: W/"67c1a4a2-d37"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2602
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0958d4569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/5f80e97b59861eae-1740743412391.d796ee7b26b320ae.js

104.18.39.72

200 OK

485 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/5f80e97b59861eae-1740743412391.d796ee7b26b320ae.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (491), with no line terminators
Size
485 B (485 bytes)
Hash
dfda463ac50781d113391d36396e4a2b
7d7cfd8b7e8455fc1af3e1423a6ccd3236035e4c
33f6f13e47fccc038f1978972d4a70bd2febf340b05ab713c13e726509e30b49

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/5f80e97b59861eae-1740743412391.d796ee7b26b320ae.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1e5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0a59c7569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/2bdd4d62f9c07d78-1740743412391.c58aa1c95e09907f.js

104.18.39.72

200 OK

449 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/2bdd4d62f9c07d78-1740743412391.c58aa1c95e09907f.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Size
449 B (449 bytes)
Hash
6856d9e4ade1e8756d20ff3f000e4011
a5ebe7acede23f1bbdb5c868112ef51b767a0277
7ebec28980bdf99f4a5571ed93ee10d8a3739ef067a084c4ccf40c434187fa33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/2bdd4d62f9c07d78-1740743412391.c58aa1c95e09907f.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0b3ac0569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/173ade5bfbd26474-1740743412391.68066190c17c1f40.js

104.18.39.72

200 OK

6.8 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/173ade5bfbd26474-1740743412391.68066190c17c1f40.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (6918), with no line terminators
Size
6.8 kB (6835 bytes)
Hash
ebf48dfa51ddf3ac2f8702543483c007
68673a82a5f07ea41a22aa930fdf2d092b121a96
84a8dc85cad555c03f23e61801185c3c28ebf03535e15a77c0492c7b53ffc090

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/173ade5bfbd26474-1740743412391.68066190c17c1f40.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:13 GMT
vary: Accept-Encoding
etag: W/"67c1a499-1ab3"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e60569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/3jAktM-Fp3fME09m1qG0U/_ssgManifest.js

104.18.39.72

200 OK

120 B

URL GET HTTP/2
woastehiwour.net/_next/static/3jAktM-Fp3fME09m1qG0U/_ssgManifest.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
ASCII text, with no line terminators
Size
120 B (120 bytes)
Hash
7b10cb073fc3ca3fdaccfa110b5cc938
c4ee546a6f5be40a010c40cc5324024617e4a7a4
ce24007874bc6c23d831eb1c13fdf623e33f4a524a88ac6f3b67813942bc95b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/3jAktM-Fp3fME09m1qG0U/_ssgManifest.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:12 GMT
vary: Accept-Encoding
etag: W/"67c1a498-78"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2603
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a075e8c569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/c298f066cdf5eea8-1740743412391.10859a08deafb1af.js

104.18.39.72

200 OK

6.6 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/c298f066cdf5eea8-1740743412391.10859a08deafb1af.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (6895), with no line terminators
Size
6.6 kB (6606 bytes)
Hash
aeff3de13f66fd44d8c02feb07c95c86
53646bb12db0aa5d16437c37c256a62cafc5f9ba
9bdd47d76debb0ecd9cd15a2c785502c273e67963924468a879e42dfe031339a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/c298f066cdf5eea8-1740743412391.10859a08deafb1af.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:20 GMT
vary: Accept-Encoding
etag: W/"67c1a4a0-19ce"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2602
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0968db569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/3c56943bad654b4d-1740743412391.9a7fc97fdc6c3974.js

104.18.39.72

200 OK

449 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/3c56943bad654b4d-1740743412391.9a7fc97fdc6c3974.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Size
449 B (449 bytes)
Hash
fa05ba44235dbda2b264298db0cc6c79
0af61b59314f2e84e0d57b480a4d520ed5c2cad2
f7666b5ee4bef26bef8ad075329c87253f7448ec4aeb54a1a984c7dd0878424a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3c56943bad654b4d-1740743412391.9a7fc97fdc6c3974.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2600
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0b3ac2569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/person-26.a4c1d2a6.webp

104.18.39.72

200 OK

2.7 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/person-26.a4c1d2a6.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.7 kB (2712 bytes)
Hash
b74c9fa59f2d0405ec351240c503dcb8
6e9522c102f8b78f9fbd2ff8f81fd32e6f615a7b
a9af5e537bf204b98e8adb21c130e2bd71a30bb1808da53e043de6ae203fa979

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/person-26.a4c1d2a6.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 2712
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-a98"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 82
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0d3d1e569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/8a7d810c6e1be66c-1740743412391.b4e3489aaa830908.js

104.18.39.72

200 OK

4.9 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/8a7d810c6e1be66c-1740743412391.b4e3489aaa830908.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (5169), with no line terminators
Size
4.9 kB (4947 bytes)
Hash
e8ef03c1ba9d9af8f9a08aefbc566661
094eeea65bc66afa1f141e7c46edbf1641845d75
216dd62b6acc3ec38a3a97d6d008ac12463c1104f32a93d9aa3bfcdc9b65edf9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8a7d810c6e1be66c-1740743412391.b4e3489aaa830908.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1353"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a074e6c569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/624f56eeee3114bf-1740743412391.26e21342eb44f646.js

104.18.39.72

200 OK

654 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/624f56eeee3114bf-1740743412391.26e21342eb44f646.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (681), with no line terminators
Size
654 B (654 bytes)
Hash
0d5d89266b8ecdf6ae599c7039c0afae
771b53f584040ae6aed3ce105915024990db3fd8
78dfe025bb7e494cfe67ab43354579ba1f6cda33342dff5e85928a9307288899

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/624f56eeee3114bf-1740743412391.26e21342eb44f646.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-28e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0a2996569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=5s8fnfim8d0k672e8fwop4lauh6zkm

172.64.146.234

200 OK

63 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=5s8fnfim8d0k672e8fwop4lauh6zkm
IP
172.64.146.234:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint56:7F:53:10:57:2F:C3:F4:06:8B:DB:2F:C1:F7:6A:1D:68:59:14:3F
ValiditySat, 04 Jan 2025 10:02:11 GMT - Fri, 04 Apr 2025 11:00:33 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
63 B (63 bytes)
Hash
56663ecf8a4fc6dce8c2c23be96d0001
58268439d09b0ec8deb5a6ded87fc25d9b1afef4
cfade9806d80c807ba3834dac8880c685783ac4e08194a4c4c6104958e8a35a2

HTTP Headers

GET /gid.js?userId=5s8fnfim8d0k672e8fwop4lauh6zkm HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://woastehiwour.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://woastehiwour.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
set-cookie: ID=5s8fnfim8d0k672e8fwop4lauh6zkm; expires=Sun, 01 Mar 2026 22:30:56 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 919c1a0a4ce856c9-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/confetti-3.22ce5e15.webp

104.18.39.72

200 OK

7.4 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/confetti-3.22ce5e15.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.4 kB (7428 bytes)
Hash
6ffe537f32b7be06a870808ee94dadc5
598b8776ac199d0d8737969255c81da7c2cf16f2
e0ddaa01c812e3cdc7963b53edf9a53867a1930a7a566edeb872a0f36da94f7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/confetti-3.22ce5e15.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 7428
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-1d04"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6829
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0ccc97569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/8fc6f0c1ec74df4d-1740743412391.a6b08a46df5a07d6.js

104.18.39.72

200 OK

449 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/8fc6f0c1ec74df4d-1740743412391.a6b08a46df5a07d6.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (455), with no line terminators
Size
449 B (449 bytes)
Hash
2899abaaca7ebca8137f9956f49255bc
b0299ff2146427d399f3f7d90121bd3cc104299e
3a9d084b7f77f91b4734a6c73a9b57846ee38ef859b90d6e761db6946b78fe24

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8fc6f0c1ec74df4d-1740743412391.a6b08a46df5a07d6.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1c1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0a39a0569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/d7439aca7a8b9941-1740743412391.8c1253f2c9c376e0.js

104.18.39.72

200 OK

465 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/d7439aca7a8b9941-1740743412391.8c1253f2c9c376e0.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (471), with no line terminators
Size
465 B (465 bytes)
Hash
5070444a5a78ee0ece4f94b7160645fa
16c99c4e57dd99a6e8deded831fb6da7eebfa485
aced97608de9880d8279a915c52c7a22772d9abeb88130166f5a5d19ea32e546

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/d7439aca7a8b9941-1740743412391.8c1253f2c9c376e0.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1d1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0aea6c569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/6c6f40314822b7bc-1740743412391.4efce0441b8579a1.js

104.18.39.72

200 OK

3.4 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/6c6f40314822b7bc-1740743412391.4efce0441b8579a1.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (3545), with no line terminators
Size
3.4 kB (3442 bytes)
Hash
388170b8a956ca09e3d2840fee805a2b
37c1e70206b0433ad9d8aba17b2f59f8ba928c1a
44284f63a7924f7e4300c0a1fd15ade737156b31603d7d2b70e2171f62df3eca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/6c6f40314822b7bc-1740743412391.4efce0441b8579a1.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-d72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2602
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0988fb569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/9f1c06aba0c14c68-1740743412391.ee78737e76521d31.js

104.18.39.72

200 OK

574 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/9f1c06aba0c14c68-1740743412391.ee78737e76521d31.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (576), with no line terminators
Size
574 B (574 bytes)
Hash
1f5c5bca5e2f055b1792b279d63b0579
35feb0cea898bc2a2173c05f10c5c7ca698a4ccf
261d8e4d7686726e007c83864b340e07e4ba81f12bbc6a7267b22449d526ab71

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/9f1c06aba0c14c68-1740743412391.ee78737e76521d31.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:19 GMT
vary: Accept-Encoding
etag: W/"67c1a49f-23e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2602
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a09d947569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/confetti-1.7ba08d11.webp

104.18.39.72

200 OK

12 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/confetti-1.7ba08d11.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11774 bytes)
Hash
eb224b5a86e8c9f478bd6f2a8c3c53ac
0bdc5a91bb1c87fe55b023ee6cef886edb64967e
e910f36c92776b4e4a415316307a6cbb4d4f039bb8d66dd094c7b90d76f6fa1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/confetti-1.7ba08d11.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 11774
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-2dfe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6829
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0ccc93569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/media/person-29.73effde7.webp

104.18.39.72

200 OK

3.3 kB

URL GET HTTP/2
woastehiwour.net/_next/static/media/person-29.73effde7.webp
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.3 kB (3282 bytes)
Hash
f056fca1ff4905abc7f176ac97a51b4e
aa36ec73e22e130f0222d3403c590b7c1bf2a501
2f4095eedb5fad7a3d85414d111fc1578da4e3cd8377512b5d9eff81409e54ee

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/person-29.73effde7.webp HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: image/webp
content-length: 3282
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: "67c1a460-cd2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
server: cloudflare
cf-ray: 919c1a0d0cdd569d-OSL
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/1c02c3e681ea9f6d-1740743412391-ebf163de3da5e125.js

104.18.39.72

200 OK

27 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/1c02c3e681ea9f6d-1740743412391-ebf163de3da5e125.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (26652), with no line terminators
Size
27 kB (26652 bytes)
Hash
13e53dcb0fdd948fbae71fc9917d49fb
4675d37e2bf9648c797ae16186ac79d657152030
267cc8e20007a5dbeaf155c721cdbe4a2d49b003719fc9fc4b73cc738a54a5f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/1c02c3e681ea9f6d-1740743412391-ebf163de3da5e125.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:13 GMT
vary: Accept-Encoding
etag: W/"67c1a499-681c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a075e74569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/9695121bd9a7fe25-1740743412391-946071a7570e0cdb.js

104.18.39.72

200 OK

109 kB

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/9695121bd9a7fe25-1740743412391-946071a7570e0cdb.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
109 kB (109045 bytes)
Hash
f0cf941f62457cf06c31736327d88bdf
cbfd6e1399241d17a3283d96abae10600ea71e32
ee6528aa1d16ef12fe13a5cbb75dc65d5bb0e1e3315c40aa04c9b6ceba7b9b9a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/9695121bd9a7fe25-1740743412391-946071a7570e0cdb.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:55 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:57:18 GMT
vary: Accept-Encoding
etag: W/"67c1a49e-1a9f5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2604
expires: Sun, 02 Mar 2025 02:30:55 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a075e79569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/4a836005f8bcf7a4-1740743412391.fff493d2a43c55d5.js

104.18.39.72

200 OK

453 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/4a836005f8bcf7a4-1740743412391.fff493d2a43c55d5.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (459), with no line terminators
Size
453 B (453 bytes)
Hash
4ee9a52fa5b221544de592b9b9658c44
36a90b9107106989de9b10c9aec69c1d50d055de
adb8d405568e5be15d68e01bd893732448cfc5e1aa1c047257d6b8258e556a90

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/4a836005f8bcf7a4-1740743412391.fff493d2a43c55d5.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1c5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0a79df569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

woastehiwour.net/_next/static/chunks/e5f78f6f8e725c3d-1740743412391.b91bf7e15b6154bb.js

104.18.39.72

200 OK

453 B

URL GET HTTP/2
woastehiwour.net/_next/static/chunks/e5f78f6f8e725c3d-1740743412391.b91bf7e15b6154bb.js
IP
104.18.39.72:443
ASN
#13335 CLOUDFLARENET

Requested by
https://woastehiwour.net/sweeps-survey/1383/?s=919830659003064987&z=3956710&var=8495520&campaignid=4105106&b=8160420&ymid=919830659003064987&city=oslo&svar=1740868255&ssk=4871a53a1dbc58a957bbb4e904fae68a
Certificate
IssuerGoogle Trust Services
Subjectwoastehiwour.net
Fingerprint40:CC:CE:D0:AE:FE:C8:A0:77:33:D9:DF:38:76:A2:01:92:51:7C:6B
ValidityFri, 10 Jan 2025 16:01:29 GMT - Thu, 10 Apr 2025 17:01:25 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (459), with no line terminators
Size
453 B (453 bytes)
Hash
33014746e0401d5b543e8023042ee62f
599d33cf6fe6eb0b555145b2af56136cc278e83b
0c0f1e65045edffc1ef8bdda1eea4e92646327fdc3d4b2653f7100cf346edd55

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/e5f78f6f8e725c3d-1740743412391.b91bf7e15b6154bb.js HTTP/1.1
Host: woastehiwour.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Mar 2025 22:30:56 GMT
content-type: application/javascript
last-modified: Fri, 28 Feb 2025 11:56:16 GMT
vary: Accept-Encoding
etag: W/"67c1a460-1c5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2601
expires: Sun, 02 Mar 2025 02:30:56 GMT
cache-control: public, max-age=14400
server: cloudflare
cf-ray: 919c1a0aea74569d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (51)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML