Report - haucawoug.com/single-page/145/?z=5615727&var=841732872225169408

Report Overview

Visited public
2024-07-29 10:19:10
Tags
URL
haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Finishing URL
haucawoug.com/single-page/145?z=5615727&var=841732872225169408
IP / ASN
172.67.145.197
#13335 CLOUDFLARENET
Title
Participate in Our Exclusive Online Survey: Share Your Insight

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
e6.o.lencr.org	unknown	2020-06-29	2024-06-07 08:35:09	2024-07-28 18:13:41	326 B	729 B	23.36.76.226
auchoahy.net	unknown	2024-07-24	2024-07-27 15:10:36	2024-07-27 15:10:36	547 B	483 B	139.45.197.226
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2024-07-28 19:11:04	425 B	738 B	139.45.195.8
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-07-28 18:17:42	2.6 kB	7.1 kB	23.36.76.226
haucawoug.com	unknown	unknown	No data	No data	12 kB	378 kB	104.21.63.132
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-07-28 18:14:44	327 B	887 B	23.36.76.226
arleavannya.com	unknown	2024-01-22	2024-01-22 21:55:05	2024-07-28 17:49:55	462 B	845 B	139.45.197.248

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-29	medium	auchoahy.net	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed
2024-07-28	medium	haucawoug.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (21)

	URL	From	Size	First Seen	Last Seen
	haucawoug.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5615727&ymid=841732872225169408&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=&os_version=&btz=UTC&bto=0&z=7490937&cdn=1&ab2=&ab2_ttl=5184000&domain=	ScriptElement	46 kB	2024-07-26	2024-08-19
Pretty URL haucawoug.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5615727&ymid=841732872225169408&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=&os_version=&btz=UTC&bto=0&z=7490937&cdn=1&ab2=&ab2_ttl=5184000&domain= IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 18:57 Last Seen2024-08-19 15:40 Times Seen547 Hash 330e07243aa1347d0727931c5f42ffe0 9fd6218a23b26bba4f6f47a88943c06130323dd6 3038ea5e50e6a506794417b0ce509010ad2198368ff940ceb4b83227664dcbf3 Loading...

	haucawoug.com/single-page/145/?z=5615727&var=841732872225169408	ScriptElement	3.3 kB	2024-07-25	2024-08-19
Pretty URL haucawoug.com/single-page/145/?z=5615727&var=841732872225169408 IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-25 15:03 Last Seen2024-08-19 15:47 Times Seen28 Hash bcc8c305c465803822af39384a8feadc e099a9b674714e18bf4d63bd0575f1cfa74b4cda 5b655ba3edd808ad30d565a7c9730e25552c0ab758ee9002d99758ed487a4a4d Loading...

	haucawoug.com/_next/static/chunks/main-beb6af9e60a8e042.js	ScriptElement	109 kB	2024-03-02	2024-08-20
Pretty URL haucawoug.com/_next/static/chunks/main-beb6af9e60a8e042.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-02 21:14 Last Seen2024-08-20 08:30 Times Seen2393 Hash 49c6f57370e917bd37dc7d4d4d0bdb56 f5b56f5b9498f3500055c5614808903d85303991 0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4 Loading...

	haucawoug.com/_next/static/chunks/pages/_app-0585c48a645ae867.js	ScriptElement	48 kB	2024-07-26	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/pages/_app-0585c48a645ae867.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 20:10 Last Seen2024-08-19 15:40 Times Seen167 Hash fb950c1cc5ea66d8081e31a8693c2e2b e7e6384655056156983e308be992b52c55aa7f23 628cea7ae3a51d2ead87bc4b3daccba5fafd9c67898ef61e46ef3228cb0ec955 Loading...

	haucawoug.com/_next/static/chunks/810.f3820b52ee95ba41.js	ScriptElement	10 kB	2024-07-25	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/810.f3820b52ee95ba41.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-25 16:39 Last Seen2024-08-19 15:47 Times Seen443 Hash fbfc0c1ad00b4aadf66589f8f19a2b89 79724b83987373049a3187d5d2ca1655f796f854 333036cd4b96d038480be44716fbd6170d1c43135347efa6f20b410d72f51c33 Loading...

	haucawoug.com/_next/static/chunks/2734.bbc6ed86e30997d0.js	ScriptElement	4.5 kB	2024-07-16	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/2734.bbc6ed86e30997d0.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-16 16:40 Last Seen2024-08-19 16:46 Times Seen643 Hash edb04bdb3e423c113c42552c93f2e89d fe5673deee7ed3ed6082f9da011c421c9b7f47c1 2f9925b884652018969b4158ded1acd963fdd22a6e1d5323375ae9c80750cc78 Loading...

	haucawoug.com/single-page/145/?z=5615727&var=841732872225169408	ScriptElement	17 kB	2024-07-25	2024-08-19
Pretty URL haucawoug.com/single-page/145/?z=5615727&var=841732872225169408 IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-25 12:20 Last Seen2024-08-19 15:48 Times Seen943 Hash 96c0ca7b416add168fe687e513688c1c 0592f8166a689e2a5de89c0fff645d1637d01f0c bc7836e72fb3e24ff37528b52992403b6e3b25e6ce00efb09e2ff91bb468d4fa Loading...

	haucawoug.com/_next/static/chunks/webpack-dd1847d371f28c48.js	ScriptElement	6.2 kB	2024-07-26	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/webpack-dd1847d371f28c48.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 20:10 Last Seen2024-08-19 15:40 Times Seen167 Hash a55d58fd0b0412c4f8755fc7811a85ae ced35062e097ac5cc5e2aa926fe768dd89894340 51fa9d5e21f9c3de83048806d54f874387e15eaa31f5f47d8715dc0b98672627 Loading...

	haucawoug.com/_next/static/FQtUDibKAOyE4tJDKKJT8/_ssgManifest.js	ScriptElement	134 B	2024-01-31	2025-04-16
Pretty URL haucawoug.com/_next/static/FQtUDibKAOyE4tJDKKJT8/_ssgManifest.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-31 16:47 Last Seen2025-04-16 11:01 Times Seen9660 Hash 5af451de5239a70857cf148059518454 d6735fa6bfc3626a57b75af27472aead7bbbcfd2 44c6c8a145065314f0fcf7e1a9624f4f73f49136ffdb9441199ec7166c6bfe33 Loading...

	haucawoug.com/_next/static/chunks/8759.4b325d3b5e02a887.js	ScriptElement	6.3 kB	2024-07-25	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/8759.4b325d3b5e02a887.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-25 16:39 Last Seen2024-08-19 15:47 Times Seen418 Hash bdc5736a22bf699182e64f409c7e4f14 27cd2fac6173e1ed632775904c493ee2e93c2837 723dbe9b4716ac5bc04c040fd7db8557e574bcb17897e5b026193e6ab246d686 Loading...

	haucawoug.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f4f7a87d7be323ee.js	ScriptElement	31 kB	2024-07-26	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f4f7a87d7be323ee.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 20:10 Last Seen2024-08-19 15:40 Times Seen155 Hash d3ab6cd0238a35e396a6266bdad730b5 fe6c156a816236b2f85d0f65474e1a1fb2d73521 24cfe321667a3699360703c3dfedf76e2c931d976c623fd6673886ddd2c7a992 Loading...

	haucawoug.com/_next/static/FQtUDibKAOyE4tJDKKJT8/_buildManifest.js	ScriptElement	1.0 kB	2024-07-26	2024-08-19
Pretty URL haucawoug.com/_next/static/FQtUDibKAOyE4tJDKKJT8/_buildManifest.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 20:10 Last Seen2024-08-19 15:40 Times Seen166 Hash ae02b4a185e4a881030ce91404715fc8 f8e8eb7872f077bc770c0f1187610d60cfdd849b 4f986206604e09fd8e60fa25c6f8c67caa0bb0aa91e16e5f631c5b747c83ebcf Loading...

	haucawoug.com/_next/static/chunks/3586.ad2c11bc05da5ebf.js	ScriptElement	9.3 kB	2024-07-25	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/3586.ad2c11bc05da5ebf.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-25 16:39 Last Seen2024-08-19 15:47 Times Seen180 Hash 0e78e4f0c2b7005a421ebb58c64e5079 d70ca990e288bf35f22fb175b3b44b75cb704557 991c5b4f7098d332c91db7fed88675ebeec69a9112c1f7234a1fea1d81de3ce8 Loading...

	haucawoug.com/_next/static/chunks/2798.8b54c5a7f4399151.js	ScriptElement	7.5 kB	2024-07-24	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/2798.8b54c5a7f4399151.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-24 16:18 Last Seen2024-08-19 15:53 Times Seen294 Hash 600453148e24a41d78b41ed41090fc61 31a7aaf4c84dfd6ac6de5e99594900f3164481da f031bd57adc19d721d6144f217ed38c42f4fca5c918279757948c9cca21b22a6 Loading...

	haucawoug.com/_next/static/chunks/7983.eb9b410d8acc4fc1.js	ScriptElement	3.2 kB	2024-07-26	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/7983.eb9b410d8acc4fc1.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 23:20 Last Seen2024-08-19 15:39 Times Seen21 Hash b4d4be52efe6556a00897b0dd19b0bc5 2237420629097f7aab8b001941a83374d7bab791 4c6e6489c39a16c4525c635121041c33b15e46d2331b58fe1a505006ac8da684 Loading...

	haucawoug.com/_next/static/chunks/framework-8940d626f3bfb7e9.js	ScriptElement	26 kB	2024-04-25	2024-08-20
Pretty URL haucawoug.com/_next/static/chunks/framework-8940d626f3bfb7e9.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 15:50 Last Seen2024-08-20 02:49 Times Seen3291 Hash 33a34c525e2bee14a166fe1289835308 4afb650772181930d19dca9a41490beea5087932 bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555 Loading...

	haucawoug.com/_next/static/chunks/6674-0ba16d017546c4b8.js	ScriptElement	38 kB	2024-07-26	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/6674-0ba16d017546c4b8.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 20:10 Last Seen2024-08-19 15:40 Times Seen165 Hash cd98dff3081acee250db8aa7fae91400 c49d2fa69c28d437fb5e1dede35898aaee75794f 882dd46e7f8c25f833ad4f8b992e71fd9dd649ab6b21dcf5fc92ac21b9b723b0 Loading...

	haucawoug.com/single-page/145/?z=5615727&var=841732872225169408	ScriptElement	3.5 kB	2024-07-16	2024-08-29
Pretty URL haucawoug.com/single-page/145/?z=5615727&var=841732872225169408 IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-07-16 18:51 Last Seen2024-08-29 18:15 Times Seen1293 Hash 2b70019b314895a1f3b10c2f4a33591e 5c6468426a43247d6daf379f7647a91c08595ebc c874febfa204cc0ba267a2a25247c5965f93346ef9d9cc1b8102976b5d8de875 Loading...

	haucawoug.com/_next/static/chunks/839.3015c18d03ae6ad2.js	ScriptElement	10 kB	2024-07-25	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/839.3015c18d03ae6ad2.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-25 12:20 Last Seen2024-08-19 15:48 Times Seen632 Hash 38d733e9f951afc8867f4d9da63c427c a2bfb79eea857925aa540696ba379e2f7704bdfd 4af53d1a12dfa74312823b3b227c18057c1b62967e9f056c4da6d4df46380964 Loading...

	haucawoug.com/_next/static/chunks/427.4dc22f62bf3faf82.js	ScriptElement	13 kB	2024-07-26	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/427.4dc22f62bf3faf82.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-26 23:20 Last Seen2024-08-19 15:39 Times Seen96 Hash 8bbe9026c1f712fb1ef9e24340cce041 edefd16d2f29c8e49c44d4dfee0ca7d5c5f76dbf 6315c594210593b199be278265ac8c6232902e60fefd3b32d82bfa3356a26e86 Loading...

	haucawoug.com/_next/static/chunks/8904.bb7f4acee0b7d2dd.js	ScriptElement	3.4 kB	2024-07-25	2024-08-19
Pretty URL haucawoug.com/_next/static/chunks/8904.bb7f4acee0b7d2dd.js IP 104.21.63.132 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-25 12:20 Last Seen2024-08-19 15:48 Times Seen573 Hash cfb8a8734558c1a3529863ca2ad9c65c ccd64a97a89944dbe4c3a56d0139e0ef1bdf9538 0bffcdc5bf48c81cf2ba7bfcc52f2fcbb621118e3189d86d89280326ad077ed1 Loading...

HTTP Transactions (41)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
1923cde36555abe065c52a358521a6f5
1cfff065ff7d9706aa7142cc99855769a50f642e
9bdc1a9c47d76dc96134b04996050573491d15a2d8b6be4157791b9d6f0766c9

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "9BDC1A9C47D76DC96134B04996050573491D15A2D8B6BE4157791B9D6F0766C9"
Last-Modified: Sat, 27 Jul 2024 06:56:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4431
Expires: Mon, 29 Jul 2024 11:32:35 GMT
Date: Mon, 29 Jul 2024 10:18:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2d61bb5b56bc4df48e399a14ebeea8ca
60814ad62b84875481a3fc851280f608dbc0b4f6
504effa12a1ca53eac798bf38ea5a9edde08ec398b53c8de2885a94f133ea845

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "504EFFA12A1CA53EAC798BF38EA5A9EDDE08EC398B53C8DE2885A94F133EA845"
Last-Modified: Sat, 27 Jul 2024 06:27:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4329
Expires: Mon, 29 Jul 2024 11:30:53 GMT
Date: Mon, 29 Jul 2024 10:18:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b4e7d529107c1c5044860fb7b56942ca
dceacb49fd49caaa8aaa4e403f2516696467fe24
d5e5dfe382059e479448fbd9adc4d0130f6fa669a454173c6fbc377f23397312

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "D5E5DFE382059E479448FBD9ADC4D0130F6FA669A454173C6FBC377F23397312"
Last-Modified: Sat, 27 Jul 2024 06:26:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10512
Expires: Mon, 29 Jul 2024 13:13:56 GMT
Date: Mon, 29 Jul 2024 10:18:44 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
81824d7fe3586f45f4b9de236d1c9ea6
5027c81d077b62345c80560922f2d6cd51c42efb
8fdc10e4c15083f0f547cf016657e65e77beb95ca9ed87c0aa820ae2054a9a99

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8FDC10E4C15083F0F547CF016657E65E77BEB95CA9ED87C0AA820AE2054A9A99"
Last-Modified: Sat, 27 Jul 2024 06:57:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14489
Expires: Mon, 29 Jul 2024 14:20:13 GMT
Date: Mon, 29 Jul 2024 10:18:44 GMT
Connection: keep-alive

GET haucawoug.com/_next/static/media/bag-money.66d70492.webp

104.21.63.132

200 OK

8.1 kB

URL GET HTTP/3
haucawoug.com/_next/static/media/bag-money.66d70492.webp
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
8.1 kB (8132 bytes)
Hash
92fa9a9f4fdc737ac45d1de8b543ffa8
3ec775edaeb060d29e753b3b9870de33033ef7aa
172b14289e6fe8b24b87911f936c50d4cb26c534d30a8b0ff8e89b6305eed147

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/media/bag-money.66d70492.webp HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: image/webp
content-length: 8132
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
vary: Accept-Encoding
etag: "66a394de-1fc4"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 3827
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WlhFnvL4D0YtxK6EEhMQfInJiiRx5O4tMT8nM4CmJZ7lra53y6Z9FPj%2FgYzoSwVeC59uJm%2BSckiZ2cNFFJ3wSMdavvnC3ndC8DTy0ZBgpL%2BNBS6IbAwQA4XoGJuSkfmf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf891ab512-OSL
alt-svc: h3=":443"; ma=86400

r11.o.lencr.org/

23.36.76.226

504 B

URL
r11.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
2863fc70f0ce53a03352edba98a5c6ec
b9d26933d76b3fb0a9a621844cbb4da9bde251a1
b7bf00d3468096176423e726298068cb2c91ba47de241b3ca5f4c73f823e0a37

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B7BF00D3468096176423E726298068CB2C91BA47DE241B3CA5F4C73F823E0A37"
Last-Modified: Sat, 27 Jul 2024 06:44:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3070
Expires: Mon, 29 Jul 2024 11:09:55 GMT
Date: Mon, 29 Jul 2024 10:18:45 GMT
Connection: keep-alive

GET haucawoug.com/_next/static/chunks/main-beb6af9e60a8e042.js

104.21.63.132

200 OK

49 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/main-beb6af9e60a8e042.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
49 kB (48906 bytes)
Hash
49c6f57370e917bd37dc7d4d4d0bdb56
f5b56f5b9498f3500055c5614808903d85303991
0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=108887
etag: W/"66a394de-1a957"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OxmzX0jyJjb5iiubKujnEIldQORyZYxX11hqbmmzZ%2BGKB3QRlI8TSUlVsshJEcxC1MgoKAlrpMxYBsskH1RXiXj2yTKa4Venuj%2FnnwpI%2FIBYFcvVb4cgExTg7XeD80ez"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf7907b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/rotate?zz=7490945&var=5615727&ymid=841732872225169408&ab2r=&var_3=&var_4=&os_version=

104.21.63.132

200 OK

890 B

URL GET HTTP/3
haucawoug.com/rotate?zz=7490945&var=5615727&ymid=841732872225169408&ab2r=&var_3=&var_4=&os_version=
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JSON text data
Size
890 B (890 bytes)
Hash
a12f5464216cb3caaa861fd64e326249
0bcddb216353a8c7b41c84a36c2b9c022e5359f3
2a00266bfe709019674372f79843b69d4f48aa62aaf963fa8a89a7b804b0d523

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /rotate?zz=7490945&var=5615727&ymid=841732872225169408&ab2r=&var_3=&var_4=&os_version= HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: d3149915e5e65c638679034cd37c4dcf
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
timing-allow-origin: *
access-control-allow-origin: https://haucawoug.com/
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=ae2633d1e59440f0af6de977591f95d3; expires=Tue, 29 Jul 2025 10:18:45 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dRRVrsB7fY12ufWNS0dW%2B93ew2%2BQQE8iquZj1kXKyySQjC5zHPcYTA4dfgzyUoo2GCHe3G%2BFJn56DiRO7PHkOoM0I4FvBt291cinO1%2B8c5JW9HJy7omgVfL08wu48xJK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de01a58b512-OSL
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/framework-8940d626f3bfb7e9.js

104.21.63.132

200 OK

9.9 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/framework-8940d626f3bfb7e9.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (25995), with no line terminators
Size
9.9 kB (9940 bytes)
Hash
33a34c525e2bee14a166fe1289835308
4afb650772181930d19dca9a41490beea5087932
bebac61ce044debeb2025b1fbf1c95f1b9a4bc97d0702676dea22b0bb689b555

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/framework-8940d626f3bfb7e9.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-658b"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EPiS%2BCgjSee5VC6VTqvXxkr5v%2FgwNl327LtsHPVQKZPvhnFQYN5dBwtVX3gGUZ5NJVbD%2FNfXsoofhCR%2FZaodMiG6QcEuNhHpFlfdVbBLuzsW0f2nI%2FaWwTSrOXGMomyy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf7902b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/7983.eb9b410d8acc4fc1.js

104.21.63.132

200 OK

1.1 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/7983.eb9b410d8acc4fc1.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (3173), with no line terminators
Size
1.1 kB (1071 bytes)
Hash
b4d4be52efe6556a00897b0dd19b0bc5
2237420629097f7aab8b001941a83374d7bab791
4c6e6489c39a16c4525c635121041c33b15e46d2331b58fe1a505006ac8da684

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/7983.eb9b410d8acc4fc1.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-c65"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 3826
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zyWlGjL8jj0kU84yeSc5nSNfAjwsoqP4tINZFuACTk1PqPYdBmW9bNe0gGaWcNPnAkvpIx5LVI%2BnIp6bU2sQsNt2FpGotl0bYHIzbmh5zVWxxyc%2BdMzW9mjbtWeiadQ%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf78fdb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

OPTIONS arleavannya.com/sync-metrics

139.45.197.248

200 OK

17 B

URL OPTIONS HTTP/2
arleavannya.com/sync-metrics
IP
139.45.197.248:443
ASN
#9002 RETN Limited

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerLet's Encrypt
Subjectarleavannya.com
FingerprintE4:D4:9E:1D:AE:92:48:76:88:11:4C:36:B1:41:35:A8:55:C9:8E:9C
ValidityWed, 26 Jun 2024 19:28:37 GMT - Tue, 24 Sep 2024 19:28:36 GMT

File type
JSON text data
Size
17 B (17 bytes)
Hash
5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

HTTP Headers

POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 288
Origin: https://haucawoug.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 599a0d5ba19a6b722f4eae97ae3d5ca8
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://haucawoug.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

e6.o.lencr.org/

23.36.76.226

346 B

URL
e6.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
433ff18a0418b5bc38bd45beff738dd9
da350f12d5dc714e3b714c577a3e2f3bd9dcb36f
9804675a3dd58688b2c96adc9d4a71015324208229cd56d36b4b7514435bf55f

HTTP Headers

POST / HTTP/1.1
Host: e6.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9804675A3DD58688B2C96ADC9D4A71015324208229CD56D36B4B7514435BF55F"
Last-Modified: Sat, 27 Jul 2024 07:08:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4797
Expires: Mon, 29 Jul 2024 11:38:42 GMT
Date: Mon, 29 Jul 2024 10:18:45 GMT
Connection: keep-alive

GET haucawoug.com/favicon.ico

104.21.63.132

204 No Content

0 B

URL GET HTTP/3
haucawoug.com/favicon.ico
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: OAID=2yddreqnmwqfvgs7s14hs5bjhdx8i; syncedCookie=true; oaidts=1722248325
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Mon, 29 Jul 2024 10:18:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 6523
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPP%2FaOhijwOQ3PORWnp%2BpMJzjE0CmIMifHxeQrSw1dx8hBxzjSVuMaeXCD7m03QPDsPe5grTEB4VfOTJ9wBhpcTbzHpbAOTkWgE5tky%2BYYrqKQVbWNuh82%2FRWkyhUkQy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8aac5de368f5b512-OSL
alt-svc: h3=":443"; ma=86400

POST auchoahy.net/zone?&pub=0&zone_id=7490937&is_mobile=false&domain=haucawoug.com&var=5615727&ymid=841732872225169408&var_3=&var_4=&dsig=&tg=1&sw=3.1.543&trace_id=265d8536-f78a-4fc6-bbf1-4aa1859f8a6b&action=prerequest&drf=

139.45.197.226

200 OK

0 B

URL POST HTTP/2
auchoahy.net/zone?&pub=0&zone_id=7490937&is_mobile=false&domain=haucawoug.com&var=5615727&ymid=841732872225169408&var_3=&var_4=&dsig=&tg=1&sw=3.1.543&trace_id=265d8536-f78a-4fc6-bbf1-4aa1859f8a6b&action=prerequest&drf=
IP
139.45.197.226:443
ASN
#9002 RETN Limited

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerLet's Encrypt
Subjectauchoahy.net
Fingerprint3A:DE:56:77:2E:4A:67:9D:EB:BA:DD:AD:1D:1D:00:38:3D:CC:CE:3B
ValidityWed, 24 Jul 2024 08:39:43 GMT - Tue, 22 Oct 2024 08:39:42 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /zone?&pub=0&zone_id=7490937&is_mobile=false&domain=haucawoug.com&var=5615727&ymid=841732872225169408&var_3=&var_4=&dsig=&tg=1&sw=3.1.543&trace_id=265d8536-f78a-4fc6-bbf1-4aa1859f8a6b&action=prerequest&drf= HTTP/1.1
Host: auchoahy.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Mon, 29 Jul 2024 10:18:45 GMT
content-length: 0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fe86340c305817b173f7c0f3f59c795b
bae41a5fad9f6cf6e13281eb7d567d6103f292b3
310ca992570f568ed449d579727a026e44e75f4dd6a609897a3fba0bc7cbce57

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "310CA992570F568ED449D579727A026E44E75F4DD6A609897A3FBA0BC7CBCE57"
Last-Modified: Sat, 27 Jul 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6357
Expires: Mon, 29 Jul 2024 12:04:44 GMT
Date: Mon, 29 Jul 2024 10:18:47 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fe86340c305817b173f7c0f3f59c795b
bae41a5fad9f6cf6e13281eb7d567d6103f292b3
310ca992570f568ed449d579727a026e44e75f4dd6a609897a3fba0bc7cbce57

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "310CA992570F568ED449D579727A026E44E75F4DD6A609897A3FBA0BC7CBCE57"
Last-Modified: Sat, 27 Jul 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6357
Expires: Mon, 29 Jul 2024 12:04:44 GMT
Date: Mon, 29 Jul 2024 10:18:47 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fe86340c305817b173f7c0f3f59c795b
bae41a5fad9f6cf6e13281eb7d567d6103f292b3
310ca992570f568ed449d579727a026e44e75f4dd6a609897a3fba0bc7cbce57

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "310CA992570F568ED449D579727A026E44E75F4DD6A609897A3FBA0BC7CBCE57"
Last-Modified: Sat, 27 Jul 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6357
Expires: Mon, 29 Jul 2024 12:04:44 GMT
Date: Mon, 29 Jul 2024 10:18:47 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
fe86340c305817b173f7c0f3f59c795b
bae41a5fad9f6cf6e13281eb7d567d6103f292b3
310ca992570f568ed449d579727a026e44e75f4dd6a609897a3fba0bc7cbce57

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "310CA992570F568ED449D579727A026E44E75F4DD6A609897A3FBA0BC7CBCE57"
Last-Modified: Sat, 27 Jul 2024 06:58:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6357
Expires: Mon, 29 Jul 2024 12:04:44 GMT
Date: Mon, 29 Jul 2024 10:18:47 GMT
Connection: keep-alive

POST haucawoug.com/event

104.21.63.132

200 OK

6.9 kB

URL POST HTTP/3
haucawoug.com/event
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JSON text data
Size
6.9 kB (6896 bytes)
Hash
8d4fc46f15d84dc05bd56f3de87f6f1d
a16ced1665cf4c99345e4644cfd9353dd4551ff6
0b16505271e39e032fd89c66cd9e2da80d89732037d5df6336487762a4e645af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /event HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1543
Origin: https://haucawoug.com
DNT: 1
Connection: keep-alive
Cookie: OAID=ae2633d1e59440f0af6de977591f95d3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://haucawoug.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5KGTVszPBYi1RKJaVDJ5QDIcFmlNRba5phTi%2B%2BSRPOjjodb1ZE9RBknk2mo1ydPasO%2BeaosQ7aLQm52ryGEj70ehyhIsRKH6SOui3qrypY7XRkEnNlf5Cq1zWSjqeZz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de1ad38b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/FQtUDibKAOyE4tJDKKJT8/_buildManifest.js

104.21.63.132

200 OK

7.8 kB

URL GET HTTP/3
haucawoug.com/_next/static/FQtUDibKAOyE4tJDKKJT8/_buildManifest.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
ASCII text, with very long lines (1040), with no line terminators
Size
7.8 kB (7837 bytes)
Hash
ae02b4a185e4a881030ce91404715fc8
f8e8eb7872f077bc770c0f1187610d60cfdd849b
4f986206604e09fd8e60fa25c6f8c67caa0bb0aa91e16e5f631c5b747c83ebcf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/FQtUDibKAOyE4tJDKKJT8/_buildManifest.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-410"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dm1pE6JE2H9a6CZ%2FyqqrGoQ1OdsG8E3TmyQTCKjwOBT8Smim1wrJ73%2FkYEl%2BU1q5LpgZ9XRE5ocjqYMt5cD6pN5qLs1oIB1hc1WSOVE9idC8pB2KadHvvajA%2BSf6CYxN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf8913b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/single-page/145/?z=5615727&var=841732872225169408

104.21.63.132

200 OK

35 kB

URL User Request GET HTTP/2
haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type

Size
35 kB (35112 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /single-page/145/?z=5615727&var=841732872225169408 HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 29 Jul 2024 10:18:44 GMT
content-type: text/html
last-modified: Fri, 26 Jul 2024 12:21:51 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZP2Sv9c5gRtFgsr5b7niA7rnCcSOcRDtk3jSjABdE0aKnCPd9OrwHT5jMcn8T6Z52c%2B71boOA4I3bbgYGysr%2FbUsrz6IR1Nx6ENSaXSfEjVYg7lSA%2BrOcBClWZXKU5Eg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddd0b800b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET haucawoug.com/_next/static/chunks/3586.ad2c11bc05da5ebf.js

104.21.63.132

200 OK

9.3 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/3586.ad2c11bc05da5ebf.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (9318), with no line terminators
Size
9.3 kB (9270 bytes)
Hash
ff23212be9f3089301bf2909abd240fa
9b9f39514bf03af0dc7975549a89566a021b329a
2479c45ea1288b2935b34d9b68737c515a68a60d289db2604c4b4aa34cda78c1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/3586.ad2c11bc05da5ebf.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-2436"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4752
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIyJRcUM%2BRFiVv2gQl10vikvLA%2FHTmFgYL6GG4jwS%2Bu2ZkuS2%2F2fEEgTkuFXHvlyp5HLN0lavTk%2BpVJFF182LGV3hyVTNdVExMwkxYaN4ZRf0tv9Ml2PwZ24tvqgjmqS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf78ecb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

POST haucawoug.com/custom

104.21.63.132

200 OK

39 B

URL POST HTTP/3
haucawoug.com/custom
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
c16023891530fbce40f0a1244c3af01c
e15d9dff768d82673e5e797a8395d1fa7d9049b7
c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 354
Origin: null
DNT: 1
Connection: keep-alive
Cookie: OAID=ae2633d1e59440f0af6de977591f95d3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJ0xo4sHt5e2iJlQL8WpXm5cHEC8GeniIbvC2DkfKvp%2BgCx4XjI67s5yCKsE7904TTrxt0KE4p%2BytJ7xIZfF4Ir3NJuOBOeFEtUuwI7HvGzCTIJlvY7otXhUmkCr%2FTRw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de1ad36b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/2798.8b54c5a7f4399151.js

104.21.63.132

200 OK

7.5 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/2798.8b54c5a7f4399151.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (7685), with no line terminators
Size
7.5 kB (7530 bytes)
Hash
b83e80cff87b9087250e0e504653916b
e295d63d4f8a06284bd8b0e0c47ad4d67b0a9a8a
8a58913797d0ceb4589465669f67f3004c0a18a3fe63439654986b2f42d49e43

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/2798.8b54c5a7f4399151.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-1d6a"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BrCJr8UBVTonsLNk%2B1tTjxSVP2L%2BkjSMERW14LukdvQ6C4IoooMz%2BR05%2F2UY5gW5rvlkiWRVD1B%2Fk5kMbePoXdaaeEYrfPuoOX96e%2FpI1vRXIiQ%2B1ZHnLaLeFjjYTXh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf78f5b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/FQtUDibKAOyE4tJDKKJT8/_ssgManifest.js

104.21.63.132

200 OK

134 B

URL GET HTTP/3
haucawoug.com/_next/static/FQtUDibKAOyE4tJDKKJT8/_ssgManifest.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
ASCII text, with no line terminators
Size
134 B (134 bytes)
Hash
8ffe0d99020b7535af6db34ba54a25cf
c9e0b6379bdae795228998c3050d295d14e65669
1f5fd7652f124b236dc9ef40458fe6fbbd3b09ef521cd3e4f22602450525773c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/FQtUDibKAOyE4tJDKKJT8/_ssgManifest.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-86"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4754
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vGWWqt6r1Tbz%2Bw5lTikFzBuC%2FctlwM6CoVDiRTET0VC9jeuL%2BhxoXV4fZiDhD0tssIlGwJk7oCKp%2FJ%2FoULnBkkjkNq091Cah9lOjPTsvIps4j5r7evo7vHa5HAp4IV7v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf8917b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/810.f3820b52ee95ba41.js

104.21.63.132

200 OK

10 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/810.f3820b52ee95ba41.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (10204), with no line terminators
Size
10 kB (10204 bytes)
Hash
fbfc0c1ad00b4aadf66589f8f19a2b89
79724b83987373049a3187d5d2ca1655f796f854
333036cd4b96d038480be44716fbd6170d1c43135347efa6f20b410d72f51c33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/810.f3820b52ee95ba41.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-27dc"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1397
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TeXSS74kS5DPKqqSpFt0XPb4ySWB3loyKbmmYf%2Bk59AUlAnQjK2A9gk5F6bmwCplzVonc6tghYaye5Uap3AwRrRs8o3dAe3hrqH%2BczkGm4v0%2BfcKRDHh4hp2nYBKt9Is"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de0ab50b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/sw/universal.js?var=5615727&ymid=841732872225169408&ab2_ttl=5184000&zoneId=7490937

104.21.63.132

200 OK

1.4 kB

URL GET HTTP/3
haucawoug.com/sw/universal.js?var=5615727&ymid=841732872225169408&ab2_ttl=5184000&zoneId=7490937
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
ASCII text, with very long lines (1515), with no line terminators
Size
1.4 kB (1433 bytes)
Hash
422ad993943fb23429b7684bf9f27db3
90226fc9e56b9ec8c02d42e4caf820aa7bba5945
770d4d3ce80bafb24f2aee344031670ff0031b4ab24bde75b79384cbef0230fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sw/universal.js?var=5615727&ymid=841732872225169408&ab2_ttl=5184000&zoneId=7490937 HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Cookie: OAID=ae2633d1e59440f0af6de977591f95d3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
vary: Accept-Encoding
etag: W/"66a394de-599"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iVmPJbXki5zaPi%2Bme%2BCyAc%2BN1w9oC0tPbcdGlWUoub%2FUjlq36RSy8Fo5kRC1FXCagy5aPqNxpk5PO6D2trr3IF6dIVPGzo4xUjI34s3eCmKXaHInzlFW3kKaI60Wp4qr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de1ad39b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/8904.bb7f4acee0b7d2dd.js

104.21.63.132

200 OK

3.4 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/8904.bb7f4acee0b7d2dd.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (3483), with no line terminators
Size
3.4 kB (3421 bytes)
Hash
8223fdec65e29548eb14c2bfe23371ac
afa39afb60d31d5c73f8ebd0cf24d33b36ac9de1
b746270895a6ea1ad91be84ed24242a3b5b7680b8c428270fab980333240a5b9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8904.bb7f4acee0b7d2dd.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-d5d"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1397
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFFIxHFaxFEiB%2Bxo%2BhlqdjsHPqdVek8M5pxbFak2FXuSEc%2BpIbxUwRAfgDrg3XFgjFCYUbyBR6cvnExgFZU8ALuFITu92UzwUXLg5zKcHzXbpv0t1yMsXHWEZ3w1K%2FYL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de0ab54b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/427.4dc22f62bf3faf82.js

104.21.63.132

200 OK

13 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/427.4dc22f62bf3faf82.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (12695), with no line terminators
Size
13 kB (12695 bytes)
Hash
8bbe9026c1f712fb1ef9e24340cce041
edefd16d2f29c8e49c44d4dfee0ca7d5c5f76dbf
6315c594210593b199be278265ac8c6232902e60fefd3b32d82bfa3356a26e86

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/427.4dc22f62bf3faf82.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-3197"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=81RxZ5zaeUq%2B1VQ4V5tWxBouOm7dXDXhetuCdAoSisZdooAE0mTOe6g3x%2FNecaGS6A9pAFutEOccGaoTV4yPIEnuncgUm8x40ae%2BrR88KAcYlJl51z7bKJE81rYzsAQC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf78fab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

POST haucawoug.com/custom

104.21.63.132

200 OK

39 B

URL POST HTTP/3
haucawoug.com/custom
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
c16023891530fbce40f0a1244c3af01c
e15d9dff768d82673e5e797a8395d1fa7d9049b7
c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 355
Origin: null
DNT: 1
Connection: keep-alive
Cookie: OAID=ae2633d1e59440f0af6de977591f95d3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRnKqGezvctZLxII2BmFAG%2FLCQ1muv8M1vmb2HrMArg1ysteNotgPmWYfLokf7xjzO3qYWaXoSDDH%2By8YB57oCudAxJVUV2f3vs6kPKRbgXbtp1oHl1RftwKQeiOYi%2Fl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de1ad30b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/839.3015c18d03ae6ad2.js

104.21.63.132

200 OK

10 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/839.3015c18d03ae6ad2.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (10454), with no line terminators
Size
10 kB (10454 bytes)
Hash
38d733e9f951afc8867f4d9da63c427c
a2bfb79eea857925aa540696ba379e2f7704bdfd
4af53d1a12dfa74312823b3b227c18057c1b62967e9f056c4da6d4df46380964

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/839.3015c18d03ae6ad2.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-28d6"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1426
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJ2FHZdRkbvRR%2FOLfhsSROmUncoa3veoieBVtq5Tj7Mi2RJ1dMXsbc0H%2BQhVBAFohDxd%2BR6%2F139SZg6ga%2BxACaEJ0nbWMJzUdU6lJlt9RmNrjhntgFI1PU5XiX%2FXVIIp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf68e5b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/pages/_app-0585c48a645ae867.js

104.21.63.132

200 OK

48 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/pages/_app-0585c48a645ae867.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (48076), with no line terminators
Size
48 kB (48076 bytes)
Hash
fb950c1cc5ea66d8081e31a8693c2e2b
e7e6384655056156983e308be992b52c55aa7f23
628cea7ae3a51d2ead87bc4b3daccba5fafd9c67898ef61e46ef3228cb0ec955

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/_app-0585c48a645ae867.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-bbcc"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ycoc%2B2p%2B66Z4Ixk%2BouyMfkqJY%2BhMvMZKQnQteycRz2Nn%2FPtAOuCFgfH1djNeeeqDauyir1HKZT8hISG1IEPzXN8qvcioGJkHbB5Zq3faAS6JhrxAxq2ElaHUnlMso7Db"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf790bb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/css/0bc0cde260d08b97.css

104.21.63.132

200 OK

1.8 kB

URL GET HTTP/3
haucawoug.com/_next/static/css/0bc0cde260d08b97.css
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
ASCII text, with very long lines (1841), with no line terminators
Size
1.8 kB (1841 bytes)
Hash
ff1d3d5d24ca0172d59b02e7505ddaa1
41e83ee08e21f369886b0fdad0ba01d8b20897b6
939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"66a394de-733"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1426
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PdVtVlIPGYlJ7LUVcBvleSNk0ck1BdhwuDSdiphtfrjBF6ifl2k2iP1zh9Ukyk2%2FCfjekFz28JTMrbUs39l4vRo0mJGuhjjxVdV3JJYFpCdWB2uvkfDmsCeSGQIj78r1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf68e2b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5615727&ymid=841732872225169408&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=&os_version=&btz=UTC&bto=0&z=7490937&cdn=1&ab2=&ab2_ttl=5184000&domain=

104.21.63.132

200 OK

46 kB

URL GET HTTP/3
haucawoug.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5615727&ymid=841732872225169408&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=&os_version=&btz=UTC&bto=0&z=7490937&cdn=1&ab2=&ab2_ttl=5184000&domain=
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (45536), with no line terminators
Size
46 kB (45536 bytes)
Hash
330e07243aa1347d0727931c5f42ffe0
9fd6218a23b26bba4f6f47a88943c06130323dd6
3038ea5e50e6a506794417b0ce509010ad2198368ff940ceb4b83227664dcbf3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=5615727&ymid=841732872225169408&b=&campaignid=&click_id=&ab2r=&rhd=1&var_3=&oaid=&os_version=&btz=UTC&bto=0&z=7490937&cdn=1&ab2=&ab2_ttl=5184000&domain= HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
last-modified: Fri, 26 Jul 2024 12:16:19 GMT
vary: Accept-Encoding
etag: W/"66a39393-b1e0"
access-control-allow-credentials: true
cache-control: max-age=1800
pragma: no-cache
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J1L06dSJn4vjvWcdr1G%2FZB8Kt9INZOPxzMrqJc9mxuhHEejcxP2SKG4%2BeTBnEAFqYQhna58SLk18XDTsoxRBUr%2BrwuK3CMHEGrkISLpz6Lv86aKsyPWjdKe4AnM81xFP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de01a4db512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/2734.bbc6ed86e30997d0.js

104.21.63.132

200 OK

4.5 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/2734.bbc6ed86e30997d0.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (4572), with no line terminators
Size
4.5 kB (4494 bytes)
Hash
eeb64cc89c3f5bbf733126698dd8c764
58206b909a13f1a317de6d0a1f0ce3629fae2577
9f93564d6212a57630466ef0aca9dbda09d8f8455b3f585e2125fca9fa87e068

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/2734.bbc6ed86e30997d0.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-118e"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1380
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lc0F%2FwxU1GuK2bg7glrSxOvOWkSU4b%2FAMk0o249mW%2BHTwyaOUv%2FQYxKu%2F2eUyFqnmPJ6B40uczLNFwFfg9vbbr7AvNn2OJAtPDR%2B3oYx6NoeIoTyTHKKN6yhPtJGEANI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de0ab45b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/8759.4b325d3b5e02a887.js

104.21.63.132

200 OK

6.3 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/8759.4b325d3b5e02a887.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (6426), with no line terminators
Size
6.3 kB (6318 bytes)
Hash
3810d519bd85ce721d4738a66acacd8a
b74254fc5380b47de29c420218107fcdbe20e247
54b6faf07266e6bc9ad2fc0554e82fc08dc4aa9a19bfccd466317cdd5c1d99a9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/8759.4b325d3b5e02a887.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-18ae"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1423
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BXgCZBrxy9PkkAaWDYWUVw6OrXD2nMB%2B77X7Lj4bhc9wpkvtDyii%2B6slhaVsGyvcotixIHXX%2Fu2780EW32kdTuK6UVU5EIDl%2FA0S6nWzS7VCGHDFH%2FBeAOAPrKayV5k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de0ab56b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET my.rtmark.net/gid.js?userId=2yddreqnmwqfvgs7s14hs5bjhdx8i

139.45.195.8

200 OK

62 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=2yddreqnmwqfvgs7s14hs5bjhdx8i
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
Fingerprint4B:EF:80:EB:90:B5:8C:01:82:25:B6:92:59:BE:A9:6A:C7:83:75:8E
ValidityFri, 05 Jul 2024 22:30:11 GMT - Thu, 03 Oct 2024 22:30:10 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
3931d49ba66ca54373fee880e6f090e9
0d85c213159c035a513045995709455295ed8ed8
9ea6679b2bc00f4ebd8a8ed4060783c579b2689f7d2d5d4c7186a745010bb19e

HTTP Headers

GET /gid.js?userId=2yddreqnmwqfvgs7s14hs5bjhdx8i HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://haucawoug.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/json; charset=utf-8
content-length: 62
access-control-allow-origin: https://haucawoug.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=2yddreqnmwqfvgs7s14hs5bjhdx8i; expires=Tue, 29 Jul 2025 10:18:45 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

GET haucawoug.com/_next/static/chunks/webpack-dd1847d371f28c48.js

104.21.63.132

200 OK

6.2 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/webpack-dd1847d371f28c48.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (6464), with no line terminators
Size
6.2 kB (6171 bytes)
Hash
4934d37a3398f20d1d25a3866b885c0d
9d88130684d6824402a86fdac1a4d7a230d86e24
bee0ce3628e6dd606d40d69443d00b87f384e3a214a2e891fe3d06072cdc0139

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/webpack-dd1847d371f28c48.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-181b"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQBfGsccUBKN4nvxQ7cpiLH%2Fheo7VsfkLxR0r%2BURg8Rzw2YYc4%2FpLAJ2TAQTOIC7Gb6quQRRbdLDyFWg9e7jX%2F4HG%2FpfYTqlCebBNajpzq1haVuguYU%2BZc%2Brp%2Bq3KBtX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf78feb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/6674-0ba16d017546c4b8.js

104.21.63.132

200 OK

38 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/6674-0ba16d017546c4b8.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (37707), with no line terminators
Size
38 kB (37707 bytes)
Hash
cd98dff3081acee250db8aa7fae91400
c49d2fa69c28d437fb5e1dede35898aaee75794f
882dd46e7f8c25f833ad4f8b992e71fd9dd649ab6b21dcf5fc92ac21b9b723b0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/6674-0ba16d017546c4b8.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-934b"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YhlaKuyCDluuCQlMBisYbTkBJ0NF1RNxRP%2BOUo2WxCRdFr62vhvbkshqYRRwEOKUKdre2lreKrH%2BMH0BaasRR%2FU5TtkWfsXc8iVL%2FmadBEUhwn9X%2B5cvgAlZhhD2pyhA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf7910b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET haucawoug.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f4f7a87d7be323ee.js

104.21.63.132

200 OK

31 kB

URL GET HTTP/3
haucawoug.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f4f7a87d7be323ee.js
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
JavaScript source, ASCII text, with very long lines (30991), with no line terminators
Size
31 kB (30991 bytes)
Hash
d3ab6cd0238a35e396a6266bdad730b5
fe6c156a816236b2f85d0f65474e1a1fb2d73521
24cfe321667a3699360703c3dfedf76e2c931d976c623fd6673886ddd2c7a992

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-f4f7a87d7be323ee.js HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"66a394de-790f"
last-modified: Fri, 26 Jul 2024 12:21:50 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4751
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUaEpMESJ6VEzbw7UwV6JG0%2BI6WKGQpSFADVHzHJR2x1qH604OeYtljxHLQ2LpuY%2F0hRGYKqGCw%2FBYucmQeLLcgSaYjjqZJxs5CXgvcYhlLsDWLrE3GesEI1F5sKL89H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5ddf8911b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

POST haucawoug.com/custom

104.21.63.132

200 OK

39 B

URL POST HTTP/3
haucawoug.com/custom
IP
104.21.63.132:443
ASN
#13335 CLOUDFLARENET

Requested by
https://haucawoug.com/single-page/145/?z=5615727&var=841732872225169408
Certificate
IssuerGoogle Trust Services
Subjecthaucawoug.com
FingerprintF4:B5:84:D9:FB:92:D4:4D:34:8C:42:64:63:3C:46:6E:DC:28:61:FC
ValiditySat, 13 Jul 2024 11:44:49 GMT - Fri, 11 Oct 2024 11:44:48 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
39 B (39 bytes)
Hash
c16023891530fbce40f0a1244c3af01c
e15d9dff768d82673e5e797a8395d1fa7d9049b7
c7d0061f2d2b9eb7b65b547c4bdf03f5f332cf34021bc972f64b6ad58d3a121a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /custom HTTP/1.1
Host: haucawoug.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 352
Origin: null
DNT: 1
Connection: keep-alive
Cookie: OAID=ae2633d1e59440f0af6de977591f95d3
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/3 200 OK
date: Mon, 29 Jul 2024 10:18:45 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OSUmmDbn8OrFFG9gZ7vfx7d9PGevtbsc%2Bn6m4PxwsTAqXwxOognxRERrdz7I3RGskX%2BVupBI2Qo9pR4FsRy9zpIBQon7CbRnjsjCR5MyJC2P0YXnX4j3%2BzWcF%2F%2FSqPx3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8aac5de1ad2fb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by