| ledronin.com/img/rain/dollars-2.webp | 104.21.10.179 | 200 OK | 8.1 kB |
URL GET HTTP/3ledronin.com/img/rain/dollars-2.webp IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeRIFF (little-endian) data, Web/P image Hash8b4203d496c3f52b116af082a0cd4017 de5369e9459e240950bb7eb5261eaac1db26907f 8dd1f04088c25e20d15e1bc23129604830aab2b4d3d0a408a5f047f9768f39a4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-2.webp HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: image/webp
content-length: 8140
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: "6627bca2-1fcc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bq%2F8FfBsENQ9dwHlm8eZYDmlaAdu3WoX9UUDVC%2BWSeBZ7NZ082BaJuqYzjcABfeUMP2vobj43C4iXq0%2FrPMJ%2BGuNiGgEfYsFuMKUXNn3FzkfzdEwELg2%2B3%2FGJpS0JUU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eaa79ba56ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/2090-5c4f654224750f4b.js | 104.21.10.179 | 200 OK | 14 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/2090-5c4f654224750f4b.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (10772), with no line terminators Hash48a7086ede3da4d57eaa11bf2ba435dd a58e6ce70f2675ce2fdcaff04a63d33c4bc0744d 59750f2431678c96646d026ec016eeeb91df7913acfe972f7e9a3110b302dc3f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-5c4f654224750f4b.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-2a14"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ta5LIe9e%2BCPsiQ7hVuAV7M6PnB7Z3V9yFcVdezXQ71Rh31EZ22ndQUhMjmwew99N1irfV7LSgM1AfUXOSQ7j5QGMVb4Qx4ee0z78NTR1ZrP5TMs4bgbdZtSehT11jY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9c8af56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/img/rain/dollars-3.webp | 104.21.10.179 | 200 OK | 5.9 kB |
URL GET HTTP/3ledronin.com/img/rain/dollars-3.webp IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeRIFF (little-endian) data, Web/P image Hash51ea76ff382bff8ef58a9943f7fd21d1 5c3d6ad6620fbde5ce3dddc88604e6d54621eba2 0240f30fc542fb5c2d532f33bc793b797199adaea75e22a7d9f04674b80d9a32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-3.webp HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: image/webp
content-length: 5938
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: "6627bca2-1732"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E1gIN0W22FLes2xoEJdZCWP4NY%2BK1Mmk9KjMfxU0tIs%2B%2BzAyJwk0NDU%2FOft2rHIt0vOdkl%2FgKNGX7ZjzCbJDiJtdret%2BWCv7Cz%2BQDe1PUQ9nL8KcFTgmqeATTLpwfNU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eaa79bf56ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/825.dc2233ab620d87e2.js | 104.21.10.179 | 200 OK | 8.4 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/825.dc2233ab620d87e2.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (39469), with no line terminators Hash72ac5913c12eaedbe7594c6acf1a627f 544008497f3ce02575d0fdd1df7aeecdb0b4d08b 2b3a1eabd05bc09901c3dcfc74e0ecadce09d0d29e9ddaf90f53fe22e169f05a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/825.dc2233ab620d87e2.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-9a2d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3FiUlzwpE%2By3dY2eRJPRGd3nosAVdYJr2pMBW2doPgfL9bBT8xn5EpDHTVdYgIzPyemoY0YUrc0LZRha1bM0g8r5riebaonhU%2FQx3eZfKrc%2FPkuW2CRL31qaZp%2BEa9E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9b89c56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm IP139.45.195.8:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash7d93fdd0561cbd2dc04133d06fdf7078 5705277f381be34931c8a9d007b1f09e277cdd13 0c118ff32cccd28331c9aba1ded0e5ef569872c931c9760e172ff5825fc10264
GET /gid.js?userId=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ledronin.com/
Origin: https://ledronin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ledronin.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm; expires=Thu, 24 Apr 2025 06:54:29 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ledronin.com/_next/static/chunks/main-beb6af9e60a8e042.js | 104.21.10.179 | 200 OK | 33 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/main-beb6af9e60a8e042.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash44ec1451f689d71d5f33a10d4aa44658 0f7e72050b7bf72366d9463a16038ae94e232f46 1708144463d376da261c16eab17b1d2fe5c49351847f43a46c6ae4b347fd9304
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-1a957"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FkRHQxFweHave5%2BQdzIl9IjsrUMMZ7%2FgM4q7PG8uwbKsKPhLFN6S3dKSt33s0syjtEksL1kpLsj3PpO%2F1mA2gm1cUmGeGeZ7PXNpJL%2BRGqSDOPGE12i9q7Xs42eWhXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9c8a456ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ledronin.com/
Origin: https://ledronin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 06:54:29 GMT
content-length: 0
access-control-allow-origin: https://ledronin.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ledronin.com/
Content-Type: application/json
Content-Length: 386
Origin: https://ledronin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: ad8c22d4bc109b7d5b4de8bff7ce456d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ledronin.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ledronin.com/img/comments/finance-survey-people/person-1.webp | 104.21.10.179 | 200 OK | 1.4 kB |
URL GET HTTP/3ledronin.com/img/comments/finance-survey-people/person-1.webp IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashc5da2ea294623650bae71fc84401cf60 f1f62ea011cf81953cefe28254c134e992453b91 09a846c5b1af2c6100ff3193789be1e0e21ba9fc45c268f76f2007c78f1e4ac1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-1.webp HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: image/webp
content-length: 1402
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: "6627bca2-57a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bnSGAbwyfk8EfP8hDjJN%2F8YlFNGelJRu%2FxhsbBsYE%2B7ZyCSj6BFdjLaZkdlt5RhPgkBRX9XCgUYM%2BA%2Fl44%2B0tfab3Zicv895L35uebGeekGM9%2FICWDg2nJhe77IH4so%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eacfbde56ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/img/comments/finance-survey-people/person-4.webp | 104.21.10.179 | 200 OK | 1.8 kB |
URL GET HTTP/3ledronin.com/img/comments/finance-survey-people/person-4.webp IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash5dc160f6b521dc8f6c670b140b354fed 22e15cda82b532067b99932ec28f86ea2cc1ecbc 09c6c6de57458ec0c4e7a3d2375e0c7b9c037de9366b63e3685cc0ca94d838b4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-4.webp HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: image/webp
content-length: 1798
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: "6627bca2-706"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JwQlM11HZabPIErUSarApXbLrAGqVGymCY4ebbT2zjJlDoKlg2HtHbfGw1MqBh8bRkf1jk88N9frKKwNyz3gFoP%2FFpwCermJQhUcaW9FVRXzFrnEjHa9jLqArZwOqcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ead2c1f56ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/img/comments/finance-survey-people/person-2.webp | 104.21.10.179 | 200 OK | 2.2 kB |
URL GET HTTP/3ledronin.com/img/comments/finance-survey-people/person-2.webp IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash8f8ffbb278de1342e5cf44cd0c677c23 1b4b4428e409479cc8a8acfce6f537c2aeea7556 ac4284ed6941963c4fa0db306537f42f3a0b1fa18710bc7b9e1e62188961d83a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-2.webp HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: image/webp
content-length: 2220
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: "6627bca2-8ac"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KXoJG1dYnBmCuL9noxu7d3jIV9qcrp0hv%2FmGeFjAFl0hEU9yDdWWDvJzaNFcFmEZjcN%2F3WEGyejYmcxmVJqXp1qk1k4anQYCLdhgbDWuccT%2FZsp%2F2L5zLaSbJQqAy7c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ead2c2056ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/9787.32846937d0160cf7.js | 104.21.10.179 | 200 OK | 794 B |
URL GET HTTP/3ledronin.com/_next/static/chunks/9787.32846937d0160cf7.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (1761), with no line terminators Hash0b47bad6a8778bdc8cd3dec268938624 246ca006b4bdb919f3f1e8fd567a8631f5a136d9 1bb773520bd8d662232b89b67a6ae04556b715b90239d9c443502219b71a2471
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9787.32846937d0160cf7.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-6e1"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B1OQ8ZArx2mohhcwRSgsV%2F0V5QEde8VVihBBsCkNmAd0OoaxR15y4tYCg2yXz1YidHINixJCPIAEfjtrj2%2BoJ5rzNe57SrSWt0UcyOFKL7f0y%2Fy6DxbqEbHD4P9Jqbk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eabaaf256ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/img/comments/finance-survey-people/person-5.webp | 104.21.10.179 | 200 OK | 2.4 kB |
URL GET HTTP/3ledronin.com/img/comments/finance-survey-people/person-5.webp IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash188dfcdf19da1d86ed162d54ed03536d 98b1baefbb803548b2894547091b4c7773406524 4f8251665e3cc796f127ea6cbdc00a9ec450adff16acb4ec74463c446b6f4ba6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-5.webp HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: image/webp
content-length: 2384
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: "6627bca2-950"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cqbMcLlVfV7dSkJCSFsfxtN2CXXIJ69qvKjvIDGWdyDbcSsxoptMRQdTuz7ya1WheM%2Bj2tH79UOyAq4X7U0pXbCaeIeT61VfT4NoraeNka28RcYvdDzkkOVodys8Xzk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ead2c2656ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/img/comments/finance-survey-people/person-3.webp | 104.21.10.179 | 200 OK | 1.5 kB |
URL GET HTTP/3ledronin.com/img/comments/finance-survey-people/person-3.webp IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hasha747d227c2e10b5178fd942484301d7a b3c5cf90dd5fd2c26c7b17dcb2d35b6dd47065be 9f4fb1281b7141b9dd48925953f7b039b6c411ea0e6e5b158d3e000d75316e9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-3.webp HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: image/webp
content-length: 1454
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: "6627bca2-5ae"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cr%2Fg6SzKkNELpwvSWJpyiDpJoiCCVtkZXGhsr1Ax%2FWyEYsh5qAcS4jJSv26fytHmUyZiY5hDJa2Y55lYRu6W19WoGyC%2B5EcImAIaKhdNaWFhCOsZNBydgJ7%2FQandmwY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ead2c2256ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 0 B |
IP139.45.197.248:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
OPTIONS /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://ledronin.com/
Origin: https://ledronin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 06:54:30 GMT
content-length: 0
access-control-allow-origin: https://ledronin.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| ledronin.com/img/comments/finance-survey-people/person-6.webp | 104.21.10.179 | 200 OK | 2.4 kB |
URL GET HTTP/3ledronin.com/img/comments/finance-survey-people/person-6.webp IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash7be25941ac032fcec25b1bb4ede296d2 cfc4fb3733844326076b6d7632087204c0bea34d 0ff9d28c4ab7516d2790e8df4d325cf602bc8f9eb787a7cd9b6554edd9530e4e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-6.webp HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: image/webp
content-length: 2440
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: "6627bca2-988"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rj20Lu1digUYKylpnwCZZhLwG5u%2F2KF8uQxkyyvur4skL6SIMnnPqtob7zRTrrlhKVxul9LZlnSKKE28QuNjPIh8pf13YyUtnDOz6qcablZ6KghBUyh7%2FeXn52NtUFk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ead2c2556ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/finance-survey/icon-survey.svg | 104.21.10.179 | 200 OK | 753 B |
URL GET HTTP/3ledronin.com/finance-survey/icon-survey.svg IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeSVG Scalable Vector Graphics image Hash9a8ba19b913810bd358e5caf3a7c2a75 6eff5e84f2b82772bb6029088ed852a8161b3252 58b0a3aa24ef605d4b812bcf92cbaa2e7f78bd43f929ca6362bc259da610399a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/icon-survey.svg HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: image/svg+xml
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-a72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cxsvqxBYGdr%2FtJN64g3MKyPwjyHItBQvwNSZxPxJwf8cX%2FNpTKxegnz6lRD1LRKlUeuf5DF9aoFadMkj3G%2FV42C1VjU6SvQwt%2Fe0FbYJiEOs4eU7UPdp9qeeoe2I93I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ead1c1e56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 179 B |
IP139.45.197.248:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerLet's Encrypt Subjectarleavannya.com Fingerprint8A:67:B7:06:5F:61:ED:52:C0:9B:58:C2:64:98:7D:1B:64:03:3F:47 ValidityThu, 18 Apr 2024 17:09:05 GMT - Wed, 17 Jul 2024 17:09:04 GMT
Hash081142aa1c9267422ee7fd25ac457579 cf8a223610da412aab4cc9aec68f6f304258b3ce 58084d495376ed2e41f026c352cabb187129c58109f2b15caeb1a539deb2cd19
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ledronin.com/
Content-Type: application/json
Content-Length: 161
Origin: https://ledronin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: d66bd304b3eaa3380a0765d264101ee0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ledronin.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c08d87d8-0fd0-4d51-a21a-1ccbda6e0493 | 139.45.195.253 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c08d87d8-0fd0-4d51-a21a-1ccbda6e0493 IP139.45.195.253:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=c08d87d8-0fd0-4d51-a21a-1ccbda6e0493 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1437
Origin: https://ledronin.com
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 24 Apr 2024 06:54:30 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ledronin.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| ofklefkian.com/zone?&pub=0&zone_id=6679100&is_mobile=false&domain=ledronin.com&var=5072357&ymid=6118780&var_3=&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2ofklefkian.com/zone?&pub=0&zone_id=6679100&is_mobile=false&domain=ledronin.com&var=5072357&ymid=6118780&var_3=&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest IP139.45.197.251:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerLet's Encrypt Subjectofklefkian.com Fingerprint04:A9:FE:8D:C9:B9:EE:6F:3A:C4:29:EA:19:AD:C3:1D:7D:3E:14:02 ValiditySun, 14 Apr 2024 05:38:05 GMT - Sat, 13 Jul 2024 05:38:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=6679100&is_mobile=false&domain=ledronin.com&var=5072357&ymid=6118780&var_3=&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ledronin.com
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 06:54:30 GMT
content-length: 0
x-trace-id: ee5fe7aca5ffba7fbb01d1dd33184d8d
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ledronin.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| ledronin.com/favicon.ico | 104.21.10.179 | 204 No Content | 0 B |
IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Cookie: OAID=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm; syncedCookie=true; oaidts=1713941669
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Wed, 24 Apr 2024 06:54:30 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNbMtTt9scFVbylPI2uvjZ%2B3SA2zJ8WoP5hKeaofJZATb9hVvK9ibAlzAG5SZN3rPNpAndWAuUSM4uEQrX08KCGfhARGttBd2U33bxbKVeL7JByB0%2BLiogJ2Ou54V8w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87942eafff0756ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/1754.9cd5cec6a6099ad4.js | 104.21.10.179 | 200 OK | 11 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/1754.9cd5cec6a6099ad4.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (12011), with no line terminators Hash97a720cc805d2afba1d18c848124b92e 600abde3f10a7008dcf63a06a38ddcee64d57824 67f19c84ea29e05d552357bf00c539946706d764dbe36d184af3b711ebd663b2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1754.9cd5cec6a6099ad4.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-2eeb"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sDfn3nvJgVqen3I8LC3cWYcR3SzgCTqeod8x8w1y%2FouspKZiZOCCwR6rcsw9ugOCENtPWpuaD%2Flh282IcALcyxGs7qVZwNcUGhZP%2FayvhG6rVjK3QAV0sLr9A8QPsWA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ead2c2756ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5072357&ymid=6118780&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm&os_version=&btz=UTC&bto=0&z=6679100&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 | 104.21.10.179 | 200 OK | 18 kB |
URL GET HTTP/3ledronin.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5072357&ymid=6118780&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm&os_version=&btz=UTC&bto=0&z=6679100&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (27012) Hash4d5fdbf5a5eaf9b73b515e58aaea8ab1 af206657baadc54af340d9b32738e9797934eaff 05b026bb4f34d6fd3b5db29bffb1ba5be6f9b11d954fa44fd4d57acd997ecb2d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5072357&ymid=6118780&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm&os_version=&btz=UTC&bto=0&z=6679100&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Cookie: OAID=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm; syncedCookie=true; oaidts=1713941669
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-6985"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4tGxRGZTnHt2004WGlEGRILk5udDtWv91041jpb%2BkYUQn24QwA0c0A%2FpF8fsJstMXPaf%2BfvFxyTdxWDM90NmhtsvqrxWTtlIjjZMAeLEnx0sHipy3krhlGa7S5cMmEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eaded0c56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdntechone.com/stattag.js | 172.67.195.28 | 200 OK | 16 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP172.67.195.28:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com Fingerprint3D:20:D4:11:5D:06:B3:63:9C:08:BF:D9:D9:16:22:D5:DC:3B:9A:CB ValidityMon, 22 Apr 2024 03:33:58 GMT - Sun, 21 Jul 2024 03:33:57 GMT
File typeJavaScript source, ASCII text, with very long lines (18452) Hashbec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2318
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPFpxwq04w8SpDy7kn7HdhudcKxhMAcXpZTZkpZdjiEs1%2BBPrNu6rMPtdE8%2BTMiqG6l%2BnNlukbXGIMzagpUz0cWkhQpWQVWL09yfCuQapl7lmk%2BcxzCU9%2BGi2AJUADKhfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87942ead19ad568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ledronin.com/sw/universal.js?var=5072357&ymid=6118780&ab2_ttl=5184000&zoneId=6679100 | 104.21.10.179 | 200 OK | 3.8 kB |
URL GET HTTP/3ledronin.com/sw/universal.js?var=5072357&ymid=6118780&ab2_ttl=5184000&zoneId=6679100 IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
Hash10b28f14a4642eb75e65f9babba5b2e5 83063f314d4e3f6568f4494abc796cdcbd87e3b4 0571c36e64ce7b589721a47fba1a604ca982a0b2a3694440db526d05dfb4e5a9
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=5072357&ymid=6118780&ab2_ttl=5184000&zoneId=6679100 HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Cookie: OAID=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm; syncedCookie=true; oaidts=1713941669
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-5b5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0dL20r1qCf9fCxMpu1nzSdZi2gHRKX63cWfvLGKlsqbfavS5ObcMck4Bxbu68Q7YlDQNClX5DF%2B27Jr14wtnbZtxD76r1Y9bz%2FvNJHdqcjhBaYbFmbe3wpXdgtvFKuA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eaecdef56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE | 104.21.10.179 | 200 OK | 40 kB |
URL User Request GET HTTP/2ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE IP104.21.10.179:443
CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: text/html
last-modified: Tue, 23 Apr 2024 13:50:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TpUj8lpqcFF%2FXR6vcIvPr%2FD01YXKdoSZbggKlYq0vtbY1Ro2gOmkNw4NqdZpOfaRxYMMQ8eMuF%2FCbf7WqLbFHunpyYUcqTia9wz2jeL4%2B9V6s2P1nojDotI9EQfDPOE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea80f7f5691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ledronin.com/_next/static/chunks/7903-dd238946c7924507.js | 104.21.10.179 | 200 OK | 32 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/7903-dd238946c7924507.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (31896), with no line terminators Hashb5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-7c98"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uWCYnmeaoD883bILm1JUQteGy5GXjuw4jXsLAbiEoGzBxoqI2S9XyLkUYACHq93uPqbk4LNUlhp9SdE%2Bq1%2FsxB4YmcL2lnQh%2FoU1BEvpDkJE13hn3J03wlXa2QmjFRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9c8ab56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/SvPrY0nXpsuijobtZfca-/_buildManifest.js | 104.21.10.179 | 200 OK | 1.6 kB |
URL GET HTTP/3ledronin.com/_next/static/SvPrY0nXpsuijobtZfca-/_buildManifest.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeASCII text, with very long lines (1697), with no line terminators Hashf04c2c67c01e953b9905a6d2cf3ff213 1325595e714d656cd1c55a083a38200caf7b4c37 6b48b4aa73ef1ddfbfca4feeb48bdf145394fd598bd598b8c6e762d90d8aa5b5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/SvPrY0nXpsuijobtZfca-/_buildManifest.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-645"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00tFryLhS9wOfsA4CnrscRIpkTliT61TCiAVbVJx4jrr11TUe7WZ9mUdn2K2em9rHkOH3LXfWI9boLxLVVAXKO1YFRLll%2F4t5uAY1BYUQiMK0dI3mwoJMZ1o9C2WYFQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9c8bb56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/6223.36a8be3b6724c1ee.js | 104.21.10.179 | 200 OK | 3.8 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/6223.36a8be3b6724c1ee.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (3870), with no line terminators Hash1d892f4ab084b8290d79dcf9ec65b79a 17b0c18b7201dd8eb4bbd3db5be2f1d784000948 77e68c0c19f773bcf939398361c922509f29268cea7afe93f3f7050183115e14
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6223.36a8be3b6724c1ee.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-eee"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XvzwIJbBEXmj%2F%2BymfHz2rCm4PvUOBQDRf5dLkGgkfG2Af2L4N%2Fd5O7KM80WurlB60L%2FdxFlZ%2BwEmgXn7v12UXmAnfq5cv%2BSLHCFvsHG%2FpiLAS5IV2jm2MQJOwZiWWWY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eab6ab256ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/pages/_app-0f814bf65bb937b6.js | 104.21.10.179 | 200 OK | 40 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/pages/_app-0f814bf65bb937b6.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (39639), with no line terminators Hash649804f3281026754527e570b07d551b 54462d1b3add95899433716bcde17544f776758c e7803952bd4f44ad5a04f512815505e81c32c128aaa61eeb68e97d5ca812293b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-0f814bf65bb937b6.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-9ad7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SXPWlEfITPua0Kfo5eiknedDwEyDxw8ELXkypHZF8IGEFVk27H%2BS34NxpiVCGCmAcP%2B%2Fcmlxkw3Ie1WCXddPq5OCLyTzT0Uq8Tim8%2F5Fd7y%2FAGszWWCF95RzxwMq20o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9c8a756ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/86.bac2ba45e7336f6e.js | 104.21.10.179 | 200 OK | 3.1 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/86.bac2ba45e7336f6e.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (3146), with no line terminators Hash9a621532474eeef3ddd201e38ac6cd16 337c9e6f44c3c88c1a6e78ecb54a688a7135940b 2d1989da0dcd5209582d6fcfda76f736466a5480f3bca445d56a10bfb372dd01
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/86.bac2ba45e7336f6e.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-bee"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2FwVGCCncJIHQKItR3mpbf0osfl2Haxwm710nAOvrh57Boia%2FT5wQml7gi9933WDISWWCGA0OIOwUc3P0NSpDLoJmCzxy7MmNAEvpW4k5BVjtacSiko2sX4x9nGX%2BBc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eab6aa856ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js | 104.21.10.179 | 200 OK | 925 B |
URL GET HTTP/3ledronin.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (939), with no line terminators Hashe370c58940efd9305daf2c9601a7da0d ac6f3895617e4817d7bf86b7c637a231b13a12b7 acba948084ac297d876a066617c1a4c6d9f5a664d43514af605a4c6d1fe37315
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8904.6fbc0cfd51623cbf.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-39d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5XsxU7b%2Boiqk1sDpAXR%2F8tVzH0lS5xPllYNCWdT3HQImjSAFsBXYQBls6khw6VFE%2BhkR%2BNmoxdh1vjjveDrKDEHqCxj2hZOhojrGMc1RWAHGduLTIApSCrF%2BMdj1p2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eab6aac56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/1155-583789f39fbca4d3.js | 104.21.10.179 | 200 OK | 65 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/1155-583789f39fbca4d3.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (65221), with no line terminators Hashd1b9c2180b8a1044493574202e4e6764 df3bce9ad71114de9408d34178cbcd7e8fecadbc 1b4ae3890096039116579befc0c26b8c1ff9e23f9c92553c0f69d3fc1f975fd8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1155-583789f39fbca4d3.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-fec5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0FDWQTg4%2FG%2FX9HIZ8Y%2Fy4L5thsmHGn18H9pHLkJMcovpO8%2Bx6vshjPUVwOJpYT6ujp6mYYWY1a3Y5B4a2o4mK6LRKVrykXbqS9spYRvhmiHTiatBjJ8LaEY4aJJfCVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9c8b456ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/css/0bc0cde260d08b97.css | 104.21.10.179 | 200 OK | 1.8 kB |
URL GET HTTP/3ledronin.com/_next/static/css/0bc0cde260d08b97.css IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeASCII text, with very long lines (1843), with no line terminators Hash64b2b4fa42c7d558d735e2cd28ecf88a 03d6da6e55b1201b51689590520da495a9233d67 2fdb3ce9ccba8355040e5ba3dfb2283194acba81858943b5d88f70030dbb71ea
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: text/css
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-733"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sd4z3QNUa2YmFPMwlMK%2FpOoPoZ5bAHD9zSTFvbINHXjlCH5QSj%2Bn3IErDDgEQglQpUqpus5rFOWLI6vx3Hh8NkBxxYX9pc1ucP4wANFW3r6NsCGwQM%2FPKwR7eIRl3cM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9b89356ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js | 104.21.10.179 | 200 OK | 662 B |
URL GET HTTP/3ledronin.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (666), with no line terminators Hash49f9c13e383477050c867416e60b3222 eeb57b5af30601d21511ff1eb94001b86d0c6465 1430b1cd7eaade1b7ba5b3a245f9221c0f6067efd03fc812821d0762b5d10ad4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-296"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HWwhBD5vmiU90%2Fcg2UN0ublMEgiLyWa09mSzxWWMAol1Dw3VhKxsceyAe%2F7wZZ%2FteSW42X8RKjBlgDkHneLZ4G97neRV0s37rsJYdc%2FAzNd%2FE41yTZzRQGjqpbZsRWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9c8b856ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/5927.10a9d67f6732d4d8.js | 104.21.10.179 | 200 OK | 18 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/5927.10a9d67f6732d4d8.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (18514), with no line terminators Hasha430ce709a2b2e9b144810c17115f6c7 b0d435157a5614b2d58efdc0f2b5d94bfbfb5c2b d2461dafb3c86b97148ce5a6fe69d9f050cfe2aba4ba5fa311ebc3349504a7e2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5927.10a9d67f6732d4d8.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-4852"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2FYc0TcDOdcNwwDvE6yaMNlnvYUsk1rBdvSHLQ3unRsO%2B5GL6Jegw7%2FOAwvt%2B0ksuUmKqNaF%2BcTImtLzZ69cFxDZATvspjVZ7tR4RA9GpIGKA3ND2%2FZlHyK9Ka80Uf8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eab7ac756ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/framework-3281cb961088a9a3.js | 104.21.10.179 | 200 OK | 26 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/framework-3281cb961088a9a3.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (26042), with no line terminators Hash499fb17b15c09c2d76681f27dde9a031 5564d317c33112db56918ec372d392caabec70f2 9350c53e2fe847ec629962106d01d6af28a0d9c69feb57e7609b3c096935cdb2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-3281cb961088a9a3.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-65ba"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FE%2FShWxaz5Ro0MF1xV7TRU%2BePNp%2B%2FENQ%2Bhx7WLnlaTIwVOYxlD2LoZSM9x1leintHy4AbZUIqq0a6bOMvgthO4zudS5RObp5oKw4eYgE68kUx3U%2BjCQRnLbBv6tpffM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9c89f56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/2734.c0427a5c5baaafc8.js | 104.21.10.179 | 200 OK | 4.1 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/2734.c0427a5c5baaafc8.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (4183), with no line terminators Hash2ccceb54e595113f97529d0abcac6974 cc2193e9d9141a5e9cd10e3aa09c48ed40ffd197 e84010b7c11ac1e8a381c56e2483be7d2c48783e9356d31cf4c723338e7dd0f2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2734.c0427a5c5baaafc8.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-100f"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DefhxpHSrqYDJ9VoKbCZu1%2BC7lVIwOhqM9VanPQR1oqh5iulo8W2I9ngrOhVazM1NXllRe9B1dDmLJ5MjQtq5YYR5AjTSCoJ8yVtErLf9dY%2FzpFMZA0sMsiAN37Rdzc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eab6aa356ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/3091.c21155d8b2396207.js | 104.21.10.179 | 200 OK | 2.4 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/3091.c21155d8b2396207.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (2429), with no line terminators Hash3b91a1044dbf61b756a3730050ebd45f 9336d892614e8c5ab834d493c1cc7c0aa8aacf1a 586c6e521c5ec066a20ba11265175c9c75446d1ae33fc954f14c7d4cd3be2a62
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.c21155d8b2396207.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-94d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O5tUXZmmkRm4r41eO4USIR%2FuZq%2BTBIClNDexY3%2FYafyLad%2FG2JsoV8Z%2FXUndl%2Bx66pwgBcKxQXYpPFm6ElmqwGEDtVMs%2FoVOa4qXgov4W%2F6cbWwlIU3quRGsTyUF2vw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eab6ab456ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/webpack-b5b3ca56f779a8e2.js | 104.21.10.179 | 200 OK | 6.1 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/webpack-b5b3ca56f779a8e2.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (6330), with no line terminators Hash563c74348424353082d03b5eea3a061a e22f3220daf08c99b493da24e4665fdb9bbacd03 80c600559242ac8d92825bdb8aa37a96c930557c03d710b348b978d12f715c1e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-b5b3ca56f779a8e2.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6627bca2-17d2"
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsow8DsEvYbVnD%2BCp6W9RQ6CQxKgmdHtqTxCn7crvbx9iGB8Alz%2BTNX9HVccngcpudTXt%2BRIxaTQLbaEuRUIZIuQh1EvLqFVbrZBGhB4ceSksMN%2BdwC5TmUB%2BQRtMXY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9c89d56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/track?dry=false&request_var=6118780&oaid=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm&os_version=&var=5072357&var_3=&var_4=&variable2=FMy6WvYBtCS3C7xoq6vigE&ymid=6118780&z=5072357&offer_id=2025 | 104.21.10.179 | 200 OK | 182 B |
URL GET HTTP/3ledronin.com/track?dry=false&request_var=6118780&oaid=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm&os_version=&var=5072357&var_3=&var_4=&variable2=FMy6WvYBtCS3C7xoq6vigE&ymid=6118780&z=5072357&offer_id=2025 IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashe6246b04b7d99b675f7086e756e1f242 9f3b5f5cb9b34830dc20448a0acc83bcce5d2727 5ecadcf1c19edd16643f48e47f530b024c97a5653f98a47e14c61d5270dd7881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=false&request_var=6118780&oaid=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm&os_version=&var=5072357&var_3=&var_4=&variable2=FMy6WvYBtCS3C7xoq6vigE&ymid=6118780&z=5072357&offer_id=2025 HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
DNT: 1
Connection: keep-alive
Cookie: OAID=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm; syncedCookie=true; oaidts=1713941669
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: b57de21e1673e54b46dc4163276a73c2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://ledronin.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6rGKtuw19M23zOBr337Hs4jx1bBOCtx%2F817yJh9bsZIA5PR%2FouljI31cU1JexlRLkgZ3bjip6yORkYsyaoDwtzfehuEeEn1hViR3K%2Ftgz%2FrbLDGZUeeHuQHyKl20OF8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ead7c8856ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/4981.3c1daeeee82e08ea.js | 104.21.10.179 | 200 OK | 22 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/4981.3c1daeeee82e08ea.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (21617), with no line terminators Hashe5a18eccb2797e5391d6ce697f63eaba fd0cfa9d1d8af22b690973928c5d65b6be83389b 865d0997740868b6c2804f1949e997d55baffc23023235d8af966f8b999c2b84
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4981.3c1daeeee82e08ea.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-5471"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wjyz2D%2FtFHzib2e%2FWt0654OT8d6J9JEIV4BbqD8hJg5mQ0aIvUnzxft6axuG9bWIH5bVH3x%2FeqhfIYbQ9wbv%2B8WW3om%2FZ83ZlVnKn8Tx6rlJ1reZcRxJ7inBfRhtNTk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9b89756ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/1706.8b7dd24879347088.js | 104.21.10.179 | 200 OK | 20 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/1706.8b7dd24879347088.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (19738), with no line terminators Hash7cd1db24e089a8319084d97207e5bab9 da0814161e7abc9c852b7219ad17af3db13774e7 46d44f30314f990c43945d6bc834b31b3051d68836c384244a632195e22df8e6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1706.8b7dd24879347088.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-4d1a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a7ah%2FShMZ7qgHKnxQt8x748XiWc3HmHZ8bXL1IUhgDdwkhXTiLy2k4fWkGRsuenWDQRr2bMyF%2BOCvRfFLB24pf4dhCgNRj0cGN95Ij2XrIc1R4xji2qzPr%2B1ZO3IVjo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9b89a56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/img/rain/dollars-1.webp | 104.21.10.179 | 200 OK | 10 kB |
URL GET HTTP/3ledronin.com/img/rain/dollars-1.webp IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeRIFF (little-endian) data, Web/P image Hasha5bef813a0113d018592091106451c8b 59365e96c4abca5eb98a0c56db0af0bb5cbffebb 036beb7de9c9d450e1442d593ff70ad392ca4be6754e7feaec249c0009e1bd83
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-1.webp HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: image/webp
content-length: 10546
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: "6627bca2-2932"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tXoniInCo5e5xHd1usBxys%2Ft2YjnJOxxbLv3ZTO1POBcnMzhzoQ9fhzX5LvXjQEURv2Wp%2B2K2OsQZryxxDfOHgErMtGbPFFpD0n9LCqbRJSNFeXIwYSsk%2BTN7ZQf7dk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eaa79b456ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/2610.1baf2de4c8779a0e.js | 104.21.10.179 | 200 OK | 13 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/2610.1baf2de4c8779a0e.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (13124), with no line terminators Hash285f6dd54ac88cdc30a796895c98adb3 f4ff40359e70d2a28b3ba2773e180ac93ce29a37 6dff74775e02f0f3618dcd683ce01b570ed044fca2a250051e6f7e6bb0cc2974
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2610.1baf2de4c8779a0e.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-3344"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=el1MmJZciNKqFSAseHPTgHrAZjNPhyntmMfmQ26VIhHF%2BgzjeP1Nfvx%2B5pKlxpsZmyfxqZNBpm3OHAqdsTU2p2qOhu5p4Dtq1m%2BW3tQMRw%2BWh%2FaPNqjHlfzZxDGk3XE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9b89556ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/SvPrY0nXpsuijobtZfca-/_ssgManifest.js | 104.21.10.179 | 200 OK | 182 B |
URL GET HTTP/3ledronin.com/_next/static/SvPrY0nXpsuijobtZfca-/_ssgManifest.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeASCII text, with no line terminators Hashca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/SvPrY0nXpsuijobtZfca-/_ssgManifest.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-b6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqDFInrw7lgxf21AKN%2BleKi%2F%2B%2BtBENzMzSow2Oo8l%2BUiKa55YRyE3BLN7gQFrYFwmlosJZN0KQEK4XBRx2qkT0GDTLcw9GvmHG%2FL1uXOX7zE3bH7pNhifl%2FzwJYXhd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ea9c8bd56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/rotate?zz=4292526%3B5128285%3B4326653%3B4949467%3B5381239%3B5381316%3B5381307%3B5381339&var=5072357&ymid=6118780&ab2r=&var_3=&var_4=&os_version=&uid=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm | 104.21.10.179 | 200 OK | 4.8 kB |
URL GET HTTP/3ledronin.com/rotate?zz=4292526%3B5128285%3B4326653%3B4949467%3B5381239%3B5381316%3B5381307%3B5381339&var=5072357&ymid=6118780&ab2r=&var_3=&var_4=&os_version=&uid=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (4807), with no line terminators Hash7017820215784b72fac47fcdc1f8daaa 5ae713af25a600aec1ddf92e8f8cd05d83710b9c cd26c6d9b3243807bd8c84ffb63283b94f52e2a4cf524bb23efcf72be460c7ad
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=4292526%3B5128285%3B4326653%3B4949467%3B5381239%3B5381316%3B5381307%3B5381339&var=5072357&ymid=6118780&ab2r=&var_3=&var_4=&os_version=&uid=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
DNT: 1
Connection: keep-alive
Cookie: OAID=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm; syncedCookie=true; oaidts=1713941669
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:30 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: 343786913595c6714dee3e89a4c1fa71
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: https://ledronin.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=kbdov581bbrf0ywwhqmpmz8lwbo2bbnm; expires=Thu, 24 Apr 2025 06:54:30 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AureeME5y%2BGSE8epARXZm13cF1bjeH8ScbbQXaKEqUp5hzagd%2FC0KrieNCgd0NZHpP8FyJAZZoviqGnnL7llCKJKSC1%2FtY34HP72MGzdSApS8bPgoha2fw4hu2iCP94%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942ead8c9656ca-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ledronin.com/_next/static/chunks/3978.f48a53d50c258a97.js | 104.21.10.179 | 200 OK | 3.0 kB |
URL GET HTTP/3ledronin.com/_next/static/chunks/3978.f48a53d50c258a97.js IP104.21.10.179:443
Requested byhttps://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE CertificateIssuerGoogle Trust Services LLC Subjectledronin.com FingerprintAF:38:E1:84:C8:27:77:3F:A5:A5:6F:4B:D2:0F:7D:DD:36:7C:1E:4D ValiditySun, 14 Apr 2024 02:12:10 GMT - Sat, 13 Jul 2024 02:12:09 GMT
File typeJavaScript source, ASCII text, with very long lines (3033), with no line terminators Hash74bc667253313da76d87a4a986be1be8 9fa4f4b0ef93eb4d387552e257796321d197540f 1c06c61294617665f38c1276deec5d74330236351921feeef0061359cdf139c7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3978.f48a53d50c258a97.js HTTP/1.1
Host: ledronin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ledronin.com/finance-survey.html?z=5072357&offer_id=2025&var=6118780&ymid=FMy6WvYBtCS3C7xoq6vigE&ymid=FMy6WvYBtCS3C7xoq6vigE
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 06:54:29 GMT
content-type: application/javascript
last-modified: Tue, 23 Apr 2024 13:50:26 GMT
vary: Accept-Encoding
etag: W/"6627bca2-b8b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ciaaC95D80F8vH6Sb%2FaBgpqkCqKPHih8%2Blrahoxzfji65RJVvU0RJsJUl1UwX1C6ZPPQbOa7O%2FO43wu%2BSvnSviRa2GAoKCjDzbEC0P8C7wK38Pecfavhsq5SOv%2FnBd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87942eab6aab56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|