| gutuchewaids.com/img/dating/jessica.webp | 172.67.148.33 | 200 OK | 20 kB |
URL GET HTTP/3gutuchewaids.com/img/dating/jessica.webp IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 500x390, Scaling: [none]x[none], YUV color, decoders should clamp Hash32015af3744ecf213e5d89661f763e88 258614fc256b6fac24fb952e4c0364ccfd309553 d9d561a628dfa01b112d7ab632da73d2270de5fae7549cc196ed0112fbbb9ebb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/dating/jessica.webp HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/webp
content-length: 20200
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-4ee8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cjD%2FipJ8e3mNnth3Su74ybxzXbkXSdeyLGBU2gfXNmml0ErI4uE3S0yVEzJ2gXyn6jLH34%2F1e67rtRbhfKmE0YkDf%2BnuKlISiBjlAKnBs5KNo21lUWDuu7tkLRTWG5O6xh7I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71789f456a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/img/dating/milana.webp | 172.67.148.33 | | 8.5 kB |
URL gutuchewaids.com/img/dating/milana.webp IP172.67.148.33:0
CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 500x375, Scaling: [none]x[none], YUV color, decoders should clamp Hasha720c0311818090ac5d0011ac1ee9169 23303f8fa9932fe369b39e9c92503147cb6b9526 d47c3085088b0964867de396473c6552befe6f13ad3946718f76f7ff8a781b6d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/dating/milana.webp HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/webp
content-length: 8522
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-214a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5EVpWNAd3Ow3pVXEC%2FvKHjL3zGv2K10hYSs3Vj5V3nEHeRc72QFklnQCCeyeEznc34bGkqsKqGOABUndGQsGG%2BOYcl5rZs2AIBIh2jJG1y8Q9VAwZIHdJMTYhil0r%2BeDGgvW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71789f856a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/img/dating/adriana.webp | 172.67.148.33 | 200 OK | 10 kB |
URL GET HTTP/3gutuchewaids.com/img/dating/adriana.webp IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 500x500, Scaling: [none]x[none], YUV color, decoders should clamp Hasha72acf36a318a48fae3269a70e595350 c89b823e53a6aca172a8998621f7767838586c25 5800f01a47e4c9266b23e3c9bc9d1cba7ca6a7860405d70bbe67c47bcea2cec0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/dating/adriana.webp HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/webp
content-length: 10520
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-2918"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ANQll7vXIyZYVfqfh6m46kOuo536WgOi8oKhUvGhXQoOJ4EsCtJhBIPVC3K%2FrLXpEqNzOCXJyzm4rmGvvuzDMPV4fXrt7%2BhEJaioArxcZgpfyaWSYNhHpFrb8oYhRb%2F0oyQy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71799f956a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/img/dating/jayden.webp | 172.67.148.33 | 200 OK | 4.9 kB |
URL GET HTTP/3gutuchewaids.com/img/dating/jayden.webp IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 360x241, Scaling: [none]x[none], YUV color, decoders should clamp Hash1b1a762ced577ff1ae9c8e28f871f413 dd14acfc0e7b93dc6d2ca9ef13bbfd8682f62eba 7ab7205c68dd0cc636ba0be7046e43f266c131cd8725cc9857b7bb801f3113c3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/dating/jayden.webp HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/webp
content-length: 4912
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-1330"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BOxEHin0JH2Tqlb8mDLPZDbnugaTPRLdUUTvRtMuE8fkU7ZvhVAKwx71MfU2lQBfHVMA1JENjKGeOZ3MugjSvSkOtm%2B9gS4YOOu90oukXbJgAslSHozv2d8%2Fi%2BfSMp%2FxwiCX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71799fb56a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b | 172.67.148.33 | | 5.3 kB |
URL gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b IP172.67.148.33:0
CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeHTML document, ASCII text, with very long lines (12804), with no line terminators Hash9d24f696798ba9a843a74dd612dbabda 3f186113fdff0bbc2e63da541f9b7770b8bc9b9a b07865d16e2697889533fdef9a28f9038849626b1346def33949c87f8c17f319
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 11:44:13 GMT
content-type: text/html
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2FU8%2BuHi3%2FMX8a2iTTel39Ziw1Hm4a7bI9wQMFZqFiACwdZu%2B0RKvMWvF9kpAxJbKqQwjudZnMnReqMvohn1rMpCYgvAihlXm3D%2BXSbfUD7iU6S3t4mJLNXVzy8aQyA%2B46Y%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d715fef156c9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gutuchewaids.com/img/dating/melisa.webp | 172.67.148.33 | | 33 kB |
URL gutuchewaids.com/img/dating/melisa.webp IP172.67.148.33:0
CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 554x414, Scaling: [none]x[none], YUV color, decoders should clamp Hash41c64b4dd274f6057d54efcc99fc9c27 dfabde2e691ff0f264258a0f3974a5d6a36d66ae d31231e53199c4e75d6f82e839cdb38984b266121574c55ce85c1612f78b4278
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/dating/melisa.webp HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/webp
content-length: 32782
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-800e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Js5YqrP0a35n9GhKsiSPkG1wQ0%2FUr2sPTL5gdytJRwcZFbISEZnCoRmr0NBNUGeHPXXf17iNRhsxGgxtyGF2wC2WNmX4RBXynw2MCHcsCpDZLgrYYQdfSKPBfZMB4JiJ2xZz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d7179a0056a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/img/dating/tiffany.webp | 172.67.148.33 | | 17 kB |
URL gutuchewaids.com/img/dating/tiffany.webp IP172.67.148.33:0
CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 507x500, Scaling: [none]x[none], YUV color, decoders should clamp Hash121e18066a90b04b590f94d59737fb63 85be91d1428a759286aa1b9cc827c978c522415d 3cfacc85bcfc651f7052c2cc7b378ae530f27b39e88ca4e58b67816f497bad30
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/dating/tiffany.webp HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/webp
content-length: 17412
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-4404"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fyu7XBoAzR9D%2F6vAB%2BIdgcJ35J%2FBdNzS8jNO8mbhRlfVawzOLN%2FWOW6KUVapNzj1Tyrih20HpoO0NmVLWPiMmRKHSOcTrcKqN%2Feja6Iijl7cfnsXFfJwx80q5HRf611V%2Bjgw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d7179a0256a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/img/dating/jasmine.webp | 172.67.148.33 | 200 OK | 32 kB |
URL GET HTTP/3gutuchewaids.com/img/dating/jasmine.webp IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 500x620, Scaling: [none]x[none], YUV color, decoders should clamp Hash933dec2aaa8b66537ee5dbec726302b7 9d60a68e7a99263f101289bfb941c656f14d2333 03a5e38911a4cf7978c712bd809511e68327f909d5a5249df9bd75ae54f7897b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/dating/jasmine.webp HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/webp
content-length: 31474
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-7af2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U2nwTrFWzZ1MAYfrbVi1XasiCmVmBBBsz1nCiGUh8gomUw6fK4xrkbD%2Bd65Vqnw74pN1GGft6rp06tffVuBarmfmb%2FxTx8xJZxhiCyKH3peqly7q3j0DkeNB7GtRRuqAPJqO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d7179a0356a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/img/dating/anna.webp | 172.67.148.33 | | 14 kB |
URL gutuchewaids.com/img/dating/anna.webp IP172.67.148.33:0
CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 500x499, Scaling: [none]x[none], YUV color, decoders should clamp Hash2de563c3cbee5c2322c8ac8a2b081cd0 f281d6a51e1f9910211fa24f9f8c6b2b893fe76c b6fc298a9e5ceb3e5533137e2439179adc97db2278cdf2c07baac25e711bab27
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/dating/anna.webp HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/webp
content-length: 13976
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-3698"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OQKL1Xhr0ia1kGa5GhHa80AUVJPufCmnSc%2B7PPW7vpyQ3FS%2FeGrl%2FmO%2FiGpPLLRN6pTXCZAfs1MWXmGyaRgNH%2FNyhIPNHb9PbrlrKy1BiGVpbmkMRtVps8OLv9jYIdXNN2Q4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71789f756a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/img/dating/map.webp | 172.67.148.33 | 200 OK | 19 kB |
URL GET HTTP/3gutuchewaids.com/img/dating/map.webp IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 580x580, Scaling: [none]x[none], YUV color, decoders should clamp Hashc0c1ccee54f80a107e8424ca1c3c72d2 191ad2c877f7904c22ec5c4e46262d97ff843a53 b2e5f5af4ce01433609251c3fb4e83c8bad2b9cd1ccd51d3d8249dd29f2d16de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/dating/map.webp HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gutuchewaids.com/css/survey-dating.77b63812.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/webp
content-length: 19442
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-4bf2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ka1cXdItjl6R8vBihDRvxogYnveJhLR%2Flz92pr7UOnKxrwEAfJ%2BgdDNmOobt6ozvaz55fI6OAFHar1A6%2Fq9dEXU5K493Prztj4xEg8EreXaqZ7uODRZNtPdrrtyEJc2OF9xv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d7186b6656a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/css/survey-dating.77b63812.css | 172.67.148.33 | | 6.7 kB |
URL gutuchewaids.com/css/survey-dating.77b63812.css IP172.67.148.33:0
CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeASCII text, with very long lines (27787), with no line terminators Hashee945ebf4de130e4e4c6f3c53d2f3733 bf062d5689ab9d5c5b2e6bd0c055416198f896ca fc4662f6f7d5aac7cda0f7fc07c042c5334cb74a9fd6aea1526026be698cfc0d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/survey-dating.77b63812.css HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=27797
etag: W/"661f9116-6c95"
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N8ErmIWys88aMlt%2F9E5keTD0wnFmrEFPFHC%2FCFXPS3isDMVzy%2FJWQeZ6WT30rpLXe%2FC3WwkvP%2Bgln%2BB1qFIYAb3yUtTWEKQ3d45aaEhZ%2BrJSwSwd4212TjiXkltO8uvKkIt7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71789f256a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=rfy19q5wxa4d304epxuyhsrbjkufcy9a | 139.45.195.8 | | 65 B |
URL my.rtmark.net/gid.js?userId=rfy19q5wxa4d304epxuyhsrbjkufcy9a IP139.45.195.8:0
Hashff29a636985086bf944699e85581ad7a 093368d130ac57569fe6876b5d5bddca1dbd0d8b 2f0e9971f023e7a573718df1c945cf2b8a629dbe2a04236c2e20f445195580a6
GET /gid.js?userId=rfy19q5wxa4d304epxuyhsrbjkufcy9a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gutuchewaids.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://gutuchewaids.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; expires=Thu, 24 Apr 2025 11:44:14 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://gutuchewaids.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:44:14 GMT
content-length: 0
access-control-allow-origin: https://gutuchewaids.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gutuchewaids.com/js/v-utilities.js.d1112fc4.js | 172.67.148.33 | 200 OK | 1.3 kB |
URL GET HTTP/3gutuchewaids.com/js/v-utilities.js.d1112fc4.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeJavaScript source, ASCII text, with very long lines (2577), with no line terminators Hash18cb151303391373ec2138ce7f10bd7f c3d6fdc026a675d23ac14beebd3a46e3e72e9dc4 93cc28fc75a9cbc865ed918e1a8d139ecf52c3a7d9a2caef63ed7092f69ee142
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-utilities.js.d1112fc4.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-a11"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jrAtMuuRkRgNW%2Fir4Mfe0A0p5csYF4FALLnZbhjaE1xcn6T1FgNGMzKuwez5Gy3eqri5A1FGnspl8vzUBONkckFXVLXfKxTUudHSYD51H1JLgKuiMemYWPqndTZO00rOEQpw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d719ad5b56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 754
Origin: https://gutuchewaids.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: a901d480ff3ae314c836a978b462387c
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://gutuchewaids.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 834
Origin: https://gutuchewaids.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 29e6c419ac248cf0abd7f434387e4911
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://gutuchewaids.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gutuchewaids.com/js/v-dom-to-react.js.26fdf751.js | 172.67.148.33 | 200 OK | 658 B |
URL GET HTTP/3gutuchewaids.com/js/v-dom-to-react.js.26fdf751.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeJavaScript source, ASCII text, with very long lines (1085), with no line terminators Hashb9187a6f31bd6c7c0cfe0bcb37ecf60a 1150c33a65703059e43c0d85b1680aa04d4d60e6 a5f216a4ea67c8f005b6cededba525ee330a2d4f8caedc8232f44e4e163e5ebd
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-dom-to-react.js.26fdf751.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-43d"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=phxlf0nL9Ym%2F8k40d509szlVEljBfWG90V1HiNXdtviH%2BscrgD%2B1GrZwFXL98a%2Ba8j52PmDSjD5UR3vDOQHp6sVa%2FFZLsZcoCK4qnCffXZ4jF2K1deVg%2F1AJ6P3Eum%2Bqbnat"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d719ad6156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/pfe/current/micro.tag.min.js?z=6009598&sw=/sw/sw6009598.js&var=7284912&var_3=null&var_4=fad88h9qnojrn1568b&ymid=1206397&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 | 172.67.148.33 | | 10 kB |
URL gutuchewaids.com/pfe/current/micro.tag.min.js?z=6009598&sw=/sw/sw6009598.js&var=7284912&var_3=null&var_4=fad88h9qnojrn1568b&ymid=1206397&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 IP172.67.148.33:0
CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeJavaScript source, ASCII text, with very long lines (27174), with no line terminators Hash75c26ccd65e96e912725399ff3ce66e9 d300939979d2048844dc5ac80c51ed8121126f4e c9db5c92934b273ad485c58710d6fbc2d580c2923a99bb456b18cb5e1465f5cf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?z=6009598&sw=/sw/sw6009598.js&var=7284912&var_3=null&var_4=fad88h9qnojrn1568b&ymid=1206397&cdn=1&domain=ofklefkian.com&ab2_ttl=5184000000 HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
vary: Accept-Encoding
etag: W/"661f9117-6a26"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JkuUfTDFSC68%2F8u3PLU7ry7xQwTo9C3EBrmMFQCfKftH11P8L8eYhRFvHwx78R0mLrXSga0Zy3QNy29ZIn9eO2dvLpWTJYKWvIMrWHPvnCXGlD7WhfUEzTFKc1K3WOvEIjRM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d7199d4d56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 177 B |
IP139.45.197.248:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd0772218af510e4d684d6d362654b50b 695c414dd14162915520c5d7b078dc5db13336b2 aabfa27fcfd0b8b04efb721f3db9da912c86272468c25256c3b1e0a7a83db2a6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 155
Origin: https://gutuchewaids.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/json; charset=utf-8
content-length: 177
x-trace-id: 55fb29c7e6f31304c3a2cd2c813f767a
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://gutuchewaids.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 867
Origin: https://gutuchewaids.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 3671986e73bba7cf1dc4d0f05846b1e4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://gutuchewaids.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| gutuchewaids.com/js/v-constants.js.49317f47.js | 172.67.148.33 | 200 OK | 358 B |
URL GET HTTP/3gutuchewaids.com/js/v-constants.js.49317f47.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeASCII text, with very long lines (600), with no line terminators Hash973e735a355fd5b10428c250e8fd7236 bd3fb14c90e2700400c69b15a84e317d52493bd9 16f1d5ca604ad59b9e5b484b1a0cf2d43eebda055ecee80ac847fbcc4437f0b2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-constants.js.49317f47.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
vary: Accept-Encoding
etag: W/"661f9117-258"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=74fjDQqLqqznoN2Y6NZuhsb4wR0opLlS3OAavDalTt48BzE0oo9GCbTDRYlbPUNlWHmXcsD6%2FZhTLcdffjHGXBLwZ8eWN16AnSeIhP7gd7LKHa%2BVyafiu10RC3m6bFpgZIoy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d719ad6f56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1846
Origin: https://gutuchewaids.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 34b11f288df037636293990ed9c5a5ce
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://gutuchewaids.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ofklefkian.com/zone?&pub=0&zone_id=6009598&is_mobile=false&domain=gutuchewaids.com&var=7284912&ymid=1206397&var_3=null&var_4=fad88h9qnojrn1568b&dsig=&tg=1&sw=3.1.472&action=prerequest | 139.45.197.251 | | 0 B |
URL ofklefkian.com/zone?&pub=0&zone_id=6009598&is_mobile=false&domain=gutuchewaids.com&var=7284912&ymid=1206397&var_3=null&var_4=fad88h9qnojrn1568b&dsig=&tg=1&sw=3.1.472&action=prerequest IP139.45.197.251:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6009598&is_mobile=false&domain=gutuchewaids.com&var=7284912&ymid=1206397&var_3=null&var_4=fad88h9qnojrn1568b&dsig=&tg=1&sw=3.1.472&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:44:14 GMT
content-length: 0
x-trace-id: 44ea4195fc01776fba80aeb359a62089
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=27a5f10c-a7a3-4d8d-9839-0a79853b38b6 | 37.48.68.71 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=27a5f10c-a7a3-4d8d-9839-0a79853b38b6 IP37.48.68.71:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=27a5f10c-a7a3-4d8d-9839-0a79853b38b6 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1536
Origin: https://gutuchewaids.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 24 Apr 2024 11:44:14 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://gutuchewaids.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| gutuchewaids.com/img/fav/heart-apple-60.png | 172.67.148.33 | 200 OK | 1.4 kB |
URL GET HTTP/3gutuchewaids.com/img/fav/heart-apple-60.png IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typePNG image data, 60 x 60, 8-bit colormap, non-interlaced Hashf4471d411b901f4ffadfe746f4301a94 5eeccf4b904e8d7c08637ff7ea86a349ba61fd34 7c57c6ba7a764d7e5199abf41c8ae69dbc759bc31367ed49cfa9e02c44621e84
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/fav/heart-apple-60.png HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; syncedCookie=true; oaidts=1713959054; ID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; OAID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; oaidts=1713959054
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/png
content-length: 1430
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-596"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=isbP4EWBmgTjlYhEtVMz6EabbWFxoNoguU8U4n7RmFIkwz1uqlbNdZLPsRuOFyQypUN6TlmZUN2cxFA4dXJjrGl3NvV%2FDwabfyeqYWDUQMFMdnVpDJRnjXsn%2BFQDyreWU9L5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71cda7356a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/img/fav/heart-16.png | 172.67.148.33 | | 324 B |
URL gutuchewaids.com/img/fav/heart-16.png IP172.67.148.33:0
CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typePNG image data, 16 x 16, 8-bit colormap, non-interlaced Hashb4cd647d8f4287b5bfb000409bf3f467 2ecdf76086a51393192e3a963207ce1123c5bfa4 1ea844325ec9fc0f9c3b94ae21ba4673b11632ea8a5a7b588b125d5439525ca0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/fav/heart-16.png HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; syncedCookie=true; oaidts=1713959054; ID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; OAID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; oaidts=1713959054
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: image/png
content-length: 324
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: "661f9116-144"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxWiFFCACDSwaH%2FT6P0bQnWnkZ5WnrcNpQilxxQtZzPIHeqxXhOz%2FSIYFNjaC1gUE8xkTkgRVyl0nQyqFEglZpj9SKqtX7%2BLpxzzaj9zMMixePG%2BUHVSke6HCiL5dv9qC9lZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71cda7456a4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/js/s-checkSessionStorageAvailable.ts.e8412d91.js | 172.67.148.33 | 200 OK | 3.0 kB |
URL GET HTTP/3gutuchewaids.com/js/s-checkSessionStorageAvailable.ts.e8412d91.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeJavaScript source, ASCII text, with very long lines (330), with no line terminators Hasha1707fb484c103f2351843fcfb7028c4 43d3d0c0563335d6a9ba13a8920bdf7b70cea7bd bec32703d77fa5a512dd84399bdd43cb32735e483476e66d0eeb957a403c790c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/s-checkSessionStorageAvailable.ts.e8412d91.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9116-14a"
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u6VkAhEwT487us252%2BuE8OShIN0GKdZpRPfKfQviGTH8Yhyq%2BnOEZqTThImvH%2BZ5v1xybRPTC12jzv2RQ48lAQY4Ueioce9lbYhuo%2BQQKLowIXn%2BrtfcYGIFXLm8SNZ2sXXX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71789e356a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/js/v-redux-toolkit.esm.js.fe3487ca.js | 172.67.148.33 | 200 OK | 12 kB |
URL GET HTTP/3gutuchewaids.com/js/v-redux-toolkit.esm.js.fe3487ca.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeJavaScript source, ASCII text, with very long lines (11319), with no line terminators Hash5aa3676547abc9a38889c09e69ca968d d19ea919192e86f97c34c0a5959ad05c52299aec 21648e7ba668a077e403b6bd1a38f05d55d987737b959d57e3b3c53787107eb7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-redux-toolkit.esm.js.fe3487ca.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"661f9117-2c37"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDlVB7yJ82ayxv7ezxIf6ru%2BdjbOOPh13eTS8gWlSOEAs8slFJ1WNyVbjIZgmq8%2FVljVoCOUbn0NWSv6WOJSBUjn1i6N4tYOOd%2FhxnXQIpMkVvCBiDe2ssPqJyIUj1OLtR17"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71789e756a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/js/v-react-dom.production.min.js.c3329619.js | 172.67.148.33 | | 46 kB |
URL gutuchewaids.com/js/v-react-dom.production.min.js.c3329619.js IP172.67.148.33:0
CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashc53e5e3d8c5ca5f1c4edbce65426edfc 36cc2e7e0b893d82bf5f457c7a62374019d0f7aa ed83bf6bc001bd6f841c76b67aedfd3bc02cb28fb5537a1d55804f5ad0515e39
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-react-dom.production.min.js.c3329619.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=129359
etag: W/"661f9116-1f94f"
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eq%2FqfDK3hUy5QqGdDZgAHeygm08hFaY1w4ZHBx7mOSu5gQh46TZYbVG11QOq1kZSzasdPaDn8OzHqh70hekigr7eF4knEbD9zFsZ%2Fv8tIJaphMcpMVFGm2D1KDT9alTo6yhp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71789ea56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| offpichuan.com/rotate?zz=5473375;5473392;5473395;5473420;5473383;7044710&var=7284912&ymid=1206397&uid=rfy19q5wxa4d304epxuyhsrbjkufcy9a&var_4=fad88h9qnojrn1568b | 139.45.197.237 | 200 OK | 2.6 kB |
URL GET HTTP/2offpichuan.com/rotate?zz=5473375;5473392;5473395;5473420;5473383;7044710&var=7284912&ymid=1206397&uid=rfy19q5wxa4d304epxuyhsrbjkufcy9a&var_4=fad88h9qnojrn1568b IP139.45.197.237:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerLet's Encrypt Subjectoffpichuan.com Fingerprint8B:DE:51:B7:81:9E:EA:DE:73:A4:3D:67:F9:5E:6F:7B:F4:D6:77:5A ValidityMon, 15 Apr 2024 21:54:27 GMT - Sun, 14 Jul 2024 21:54:26 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (2649), with no line terminators Hash1323e632e25e27e353f6aba0c6dcdfc2 b52b408dd1a50bea4c3d61f2d17a537c7deec1fc 435b07e4f875f5b46aa28a40b472d8e8aa3f7fcb9e48058a84466a7ce2307f9c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=5473375;5473392;5473395;5473420;5473383;7044710&var=7284912&ymid=1206397&uid=rfy19q5wxa4d304epxuyhsrbjkufcy9a&var_4=fad88h9qnojrn1568b HTTP/1.1
Host: offpichuan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://gutuchewaids.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
x-trace-id: 8ba9b06655e168656b045c14ed9aa928
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://gutuchewaids.com
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; expires=Thu, 24 Apr 2025 11:44:14 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| gutuchewaids.com/js/_rtc.f86a36d7.js | 172.67.148.33 | 200 OK | 12 kB |
URL GET HTTP/3gutuchewaids.com/js/_rtc.f86a36d7.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeJavaScript source, ASCII text, with very long lines (12222), with no line terminators Hash128d6eec0793a7e02c314d2f6245f260 c9f09311c3f229b770f38d0cc69b422430f1c748 bf1606ac64db254cc565a094e7162a96f31f7e48ddece56fc92c654559e5abb8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/_rtc.f86a36d7.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-2fbe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RzkmcDqvjr0L6Js8ROCG9Pv9GLS63DDuZWTXLD00BTrN34iDD0%2BHRyV7maMrJo3LyDbalOLuTP1UL%2FWIA10fKc88koSSzaoJ%2BUqlJE6I0RGJKAi5ay%2BTL%2Fsc%2F3MCXoEcWoM5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71789e056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/css/_core-survey.d3ac2ee0.css | 172.67.148.33 | 200 OK | 83 B |
URL GET HTTP/3gutuchewaids.com/css/_core-survey.d3ac2ee0.css IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeASCII text, with no line terminators Hash30d726a40ffe74d794b282ca1795b44c b43155653a1b9cc8d257687df9a75e0f204db348 4916da6d6e00e0e6681cccaf9107eb45fdfc78fe2e476444623c30a64959b5e4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /css/_core-survey.d3ac2ee0.css HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=84
etag: W/"661f9116-54"
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUnfAFyL%2Fu52PIMSreFF%2BH0t2u0gglwUwO4339ybkjaUALG2%2BAmz4BH1cg%2F4QnMm0IskYgiP63uo0j5BtDuegwa%2F1jt%2FnU9BXpOUpRPCK2NeAic2txjbTJC7sm68wXsHCCqH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71789f156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/js/v-attributes-to-props.js.a2e7cd04.js | 172.67.148.33 | 200 OK | 702 B |
URL GET HTTP/3gutuchewaids.com/js/v-attributes-to-props.js.a2e7cd04.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeASCII text, with very long lines (718), with no line terminators Hash4f868b7a0330d32e1450766a54886355 4b5952301185e7b02e2cdcba80f4aea3de700c47 2435c4b396d0b35fca9f618a201479cdcd64e84d43a386eec071a4082d7a781f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-attributes-to-props.js.a2e7cd04.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
vary: Accept-Encoding
etag: W/"661f9117-2be"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FbOhe4UfRM4zfR9o0dv9nWTtQoN6mc8h9nqL%2BffipDsBvxBR3RXmYlSdB4FbC8lp91qbhSKYhv1pZ8xYhnVHSpRJtUmvpzEcm11g%2F8Sy9OvBAM2NZyuEEmCXRjObpvGKwQO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d719ad6656a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/js/SurveyContainer.e2959212.js | 172.67.148.33 | 200 OK | 57 kB |
URL GET HTTP/3gutuchewaids.com/js/SurveyContainer.e2959212.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeJavaScript source, ASCII text, with very long lines (57082), with no line terminators Hash0df7a0f05192a1af311ce45d48639a89 df29dce5914578a52af5f516ccd18d289d808951 4cde10689c1ef6c2f58585483fae6d656ccfa1d16cc282dcfbe6cb89700ae2dc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/SurveyContainer.e2959212.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=57085
etag: W/"661f9117-defd"
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BIH6E1uSCVhFn1%2FUZ9BUwEm8mwznyvs6%2BoRqHQslK71lwN5WPrkebdUmxkydu12eW0cGWaGEKGymUK5wla9uWCXILx0ZuL6qleaT702OlxZgIBTq5lqi0DaMdUAN%2Bqr5Wkbu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d719ad7156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/sw/sw6009598.js?var=7284912&var_3=null&var_4=fad88h9qnojrn1568b&ymid=1206397&ab2_ttl=5184000000 | 172.67.148.33 | 200 OK | 1.3 kB |
URL GET HTTP/3gutuchewaids.com/sw/sw6009598.js?var=7284912&var_3=null&var_4=fad88h9qnojrn1568b&ymid=1206397&ab2_ttl=5184000000 IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeASCII text, with very long lines (1381), with no line terminators Hash93d7a32d2534bd0bfcc8566b83319ba5 edacae51ce3b795a1824aaa0b9fd16b024ab77f4 74d914371454da3deff6655b07d51fd9cdab7db983633703f441de9d43b52165
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/sw6009598.js?var=7284912&var_3=null&var_4=fad88h9qnojrn1568b&ymid=1206397&ab2_ttl=5184000000 HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: OAID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; syncedCookie=true; oaidts=1713959054; ID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; OAID=rfy19q5wxa4d304epxuyhsrbjkufcy9a; oaidts=1713959054
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-529"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DZhrojOoPiHZEG1PDevPCfCwt5NAWo%2BJIuXn6i82a7xpM3lWXrSAelCay3L1cO8Nczefdc9Y3zuu0X2WCE6MxEauUiq2FrjxyaU46ZR0BsVNc1iDXD2eAcrkeYL41M43iMKJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71aef7556a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/js/config/sd/sd-2061-en.js?v=10 | 172.67.148.33 | 200 OK | 4.1 kB |
URL GET HTTP/3gutuchewaids.com/js/config/sd/sd-2061-en.js?v=10 IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeUnicode text, UTF-8 text, with very long lines (4256), with no line terminators Hashd6eff4cd72a173e43e019abbb79e5412 0ce63bd8cf3ec64d79d6a52656b2febc7d209762 75aff33001b426baaac9a4c8b1c197091b8fec531ca22aa1f4c7bab941991429
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/config/sd/sd-2061-en.js?v=10 HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
vary: Accept-Encoding
etag: W/"661f9117-1020"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nn9j8Ft00TXbdNFTPSCVHaL9Bck40AOtiqH3rkRfL818K0BqYiKStZCBUr18ZK4Od1FeHBV2cOYFoBsygmqWyIfJjw1OhvSrZR03pvin6xiqNhL1rrO5I90jjOeLqRcpvSK%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d718cc0a56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/js/v-node.js.28d8082c.js | 172.67.148.33 | 200 OK | 6.3 kB |
URL GET HTTP/3gutuchewaids.com/js/v-node.js.28d8082c.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeJavaScript source, ASCII text, with very long lines (6337), with no line terminators Hashb11cf8c1d8d8183e4d11a8f17a41189c 2f912e66ec3992d21e66e7c8e4ff40a2142a4d64 9e69f7af4cfb7fa8b5eb0d67ed8a36f5d23c276ba29b7209565faefab84b71ba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-node.js.28d8082c.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:30 GMT
vary: Accept-Encoding
etag: W/"661f9116-186b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ETRNBZBRXvLA1AsIC9JHwyPpNytOWhUFWpVfpSiqdY2ec7f8ZvbodJm95YCcPeHNr1GuYlqeTBbXq3kl%2BcMChzSwY%2BscA%2BvoWFpesoYPYzyrAnQ0VqQeer3dAgp%2F4JJZm9qd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d719ad5956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/js/_each-land-config.3299fec3.js | 172.67.148.33 | 200 OK | 72 kB |
URL GET HTTP/3gutuchewaids.com/js/_each-land-config.3299fec3.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeJavaScript source, ASCII text, with very long lines (65452) Hashe50959a36d50199dd1e5357099e71a21 e9bde06c83f10ac6300701792180dc50c298e79b 231a989a44135e73887bfa3a1a56a6205e7e00a00f746976bb4bc0601125ab77
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/_each-land-config.3299fec3.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:31 GMT
vary: Accept-Encoding
etag: W/"661f9117-1196b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x13OK2jeric8q5fBvJPrUVSmrUcY1mBRC8E%2Fn4k3sJauIFq7GPPUzl6pq2vNbT%2BelK0DoJFiX%2FRFV8Eat44chgf%2BqhR3wbBNvlVbCvn2p8hGqr%2BhJEk9033RLf2YKWue0mIZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d71789e856a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gutuchewaids.com/js/v-possibleStandardNamesOptimized.js.205abacb.js | 172.67.148.33 | 200 OK | 7.6 kB |
URL GET HTTP/3gutuchewaids.com/js/v-possibleStandardNamesOptimized.js.205abacb.js IP172.67.148.33:443
Requested byhttps://gutuchewaids.com/dating-survey.html?testinapp=4455851&offer_id=2061&b=20655551&z=7284912&nwimpr=1&var=1206397&ymid=fad88h9qnojrn1568b CertificateIssuerGoogle Trust Services LLC Subjectgutuchewaids.com Fingerprint57:B2:BB:2C:1B:76:54:AA:E5:FA:B6:82:16:74:26:5B:0F:FF:75:46 ValidityWed, 20 Mar 2024 16:19:09 GMT - Tue, 18 Jun 2024 16:19:08 GMT
File typeASCII text, with very long lines (7923), with no line terminators Hashf80cb2aef29b4a80d135d1a598ce1dfa 0653306df1fd8d8591f84661643825e41684d3f6 43c16ae11cea687efa4ca55dec516b23257c3fcb22c9d3541041f1816aaa7b5b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /js/v-possibleStandardNamesOptimized.js.205abacb.js HTTP/1.1
Host: gutuchewaids.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 11:44:14 GMT
content-type: application/javascript
last-modified: Wed, 17 Apr 2024 09:06:32 GMT
vary: Accept-Encoding
etag: W/"661f9118-1d99"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qc5YN%2BLo%2BPuhzQHeJrsm08itwxZyGsq6fBxs%2FsxtGIOxoSNPAQVh8gl3OZltlhw7FtuBTCU%2Fn7j7lK13d70TNZF%2FbQMj5uFcu9354sGW1VA9hPX2CACAnGTlC%2BuaV9GfIIqd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8795d719ad5a56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|