| peeglauwa.com/img/rain/dollars-1.webp | 104.21.92.42 | 200 OK | 10 kB |
URL GET HTTP/3peeglauwa.com/img/rain/dollars-1.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image Hasha5bef813a0113d018592091106451c8b 59365e96c4abca5eb98a0c56db0af0bb5cbffebb 036beb7de9c9d450e1442d593ff70ad392ca4be6754e7feaec249c0009e1bd83
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-1.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: image/webp
content-length: 10546
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-2932"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2075
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HkF9KB8kERUHxn3A4mYd5u%2FEpvPSKAfAU3lgrHTiIMl33oOanTdd%2BbzwN0wIdRrki%2Bm11akuX5W1evirKudPgRWGeBxzeUCqvOjDfuhB8aiOBRXhDDwKxoUtLc0vgjNj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb27b57b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/rain/dollars-2.webp | 104.21.92.42 | 200 OK | 8.1 kB |
URL GET HTTP/3peeglauwa.com/img/rain/dollars-2.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image Hash8b4203d496c3f52b116af082a0cd4017 de5369e9459e240950bb7eb5261eaac1db26907f 8dd1f04088c25e20d15e1bc23129604830aab2b4d3d0a408a5f047f9768f39a4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-2.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: image/webp
content-length: 8140
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-1fcc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2075
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BKh712CJ389F9Q65YaYqz9g53mDPDv5JJ7da0mnD6Q9YZhqoEAKF%2FRW3j0uFcWwStVe7gxleSIC9dJnOvgBzfp7JdbOPYRmO7%2B0JIY3XKdnEfMJFOdPvt7CwVBlnzWsR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb27b5bb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/rain/dollars-3.webp | 104.21.92.42 | 200 OK | 5.9 kB |
URL GET HTTP/3peeglauwa.com/img/rain/dollars-3.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image Hash51ea76ff382bff8ef58a9943f7fd21d1 5c3d6ad6620fbde5ce3dddc88604e6d54621eba2 0240f30fc542fb5c2d532f33bc793b797199adaea75e22a7d9f04674b80d9a32
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/rain/dollars-3.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: image/webp
content-length: 5938
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-1732"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2075
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BpfsDTn%2B5SgQAwy776gzoQz4mIOliuCeBtUEkwI5oNd1JSQ91MA1BaeO3j5%2BF7Vn5Id%2BJe1bgEYw%2FZ2dvHU9zlmEF%2FypZqwavpsMG3qr4IDT3Yg1fUnmAH2PdkqR4pW9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb27b60b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/5356.cd117ab77e87aa94.js | 104.21.92.42 | 200 OK | 721 B |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/5356.cd117ab77e87aa94.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (1298), with no line terminators Hash48bc38caebc09f278d740e9a8302bf56 b687105616511f0eb1f493a5ff7cb35e6b445b5e d558e0466151e37fdefda1944ca4860ea0f63fc583e36ed00e2516d52774caa3
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5356.cd117ab77e87aa94.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-512"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5BNlBanLQUGTYbpvyD1wdIGD2GkPNpmq8avwCHTyOdEdLb89Nw%2BioxMC2neAdiv8NfhBGw%2FWHAfGvlrd9pIFPWLxf3VVeXXbLsEU7PydhjzzBiM2fKiTY7ZAdvJIHntq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb30c50b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/3978.f48a53d50c258a97.js | 104.21.92.42 | 200 OK | 2.3 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/3978.f48a53d50c258a97.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (2955), with no line terminators Hash0c60c4b03a77633fc4177d0ffaa530e1 61f40dca0463045927e933959e5f16280db6403c 2f592be0eab537bef0500f89410df1783c7cccef79e8586ba30e53e63c78247e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3978.f48a53d50c258a97.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-b8b"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BZSOGGfik%2BTkgizkKrP8c1AZtRceIrxu%2BhTq8FRAZgFJ2OApxZGzoioVP6NDMMlfYuDc83k2V%2BhlBW9liIK4ZVDfc%2FLy2cY46BFqPuHoIkoO13qV3Or4Om8cZMIey7c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb2cbfeb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectarleavannya.com FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Content-Type: application/json
Content-Length: 422
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 2b0a96afb03ed1e88830585e96e81b30
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/_next/static/css/0bc0cde260d08b97.css | 104.21.92.42 | 200 OK | 2.9 kB |
URL GET HTTP/3peeglauwa.com/_next/static/css/0bc0cde260d08b97.css IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with very long lines (1841), with no line terminators Hashff1d3d5d24ca0172d59b02e7505ddaa1 41e83ee08e21f369886b0fdad0ba01d8b20897b6 939b17f98d9d3585510edafa70c73c6619ea20d9b401b4396041272bed67ecf6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/css/0bc0cde260d08b97.css HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=1843
etag: W/"6620e908-733"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2076
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DR4qzkvROr0u9zqXBDf03WBW7FCLwrbUb1sj7dqT8VMaoU1J3f8pZsMOxRtov7zNelWMLaGflSbxzwU7%2BrBF9Hw8AAl5IeGknN%2BKMTi79IlC35q9CXXwdGGXpsckqtRp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1a975b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-6.webp | 104.21.92.42 | 200 OK | 2.4 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-6.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash7be25941ac032fcec25b1bb4ede296d2 cfc4fb3733844326076b6d7632087204c0bea34d 0ff9d28c4ab7516d2790e8df4d325cf602bc8f9eb787a7cd9b6554edd9530e4e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-6.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: image/webp
content-length: 2440
last-modified: Wed, 17 Apr 2024 15:36:42 GMT
vary: Accept-Encoding
etag: "661fec8a-988"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 6486
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TfVGoIawLHPoznRG2eC7CSE%2F1jylEfYFYl1TG7JWk1HF5DnLmdHUl1WQ5CCeSNvQCRHou95nks%2FZM7QEd9oyqgbF1dXZuYEZ9tvFafc0fWLolxlVF47waNVe%2FUv7y%2Fdd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb4afb8b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-3.webp | 104.21.92.42 | 200 OK | 1.5 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-3.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hasha747d227c2e10b5178fd942484301d7a b3c5cf90dd5fd2c26c7b17dcb2d35b6dd47065be 9f4fb1281b7141b9dd48925953f7b039b6c411ea0e6e5b158d3e000d75316e9f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-3.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: image/webp
content-length: 1454
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-5ae"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1830
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SL5vX9%2F1BRgvPWrgEBbUxzVd1wHLIAZ9uk3kswINQ6CAfTKx1%2Frfs%2BHIiEO%2Fx%2ByRCqKN5EFV3VWTUvIEYB5MDyporBJ7tC%2F%2B8Ks3zVOamNoCdGoAuq%2FC3268JTX5pBs%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb4afb6b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-4.webp | 104.21.92.42 | 200 OK | 1.8 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-4.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash5dc160f6b521dc8f6c670b140b354fed 22e15cda82b532067b99932ec28f86ea2cc1ecbc 09c6c6de57458ec0c4e7a3d2375e0c7b9c037de9366b63e3685cc0ca94d838b4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-4.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: image/webp
content-length: 1798
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-706"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1830
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M3gm0U2pA3KkhdZwk7KR3AvpO8Ubp6he7gHx3q21FUD%2BAiFwzReKfvhwmrzpacob41AyvsOLlQn38g6mZSo2mdNO9lE8WZ6R0%2B8w4zh%2Fxf2Si3J%2B%2FY%2BtiU2oyRH62db9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb4bfc0b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/2610.2a580cd9dee822b9.js | 104.21.92.42 | 200 OK | 4.7 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/2610.2a580cd9dee822b9.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (13011), with no line terminators Hash0c59730d5535c83c311c485073a9e98a 09881fb1526e5ab2f1520bc64599d6a62eb49ac0 96f5c1af97875fe47b041806f2dcf51ec427ec1e50e94c4d2406418ec71e9dd2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2610.2a580cd9dee822b9.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-32d3"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2076
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=apzKLCR6m6Pot%2BK3Njf3sshCctKbhjTIwwcohAmuEc4bLg%2BmH%2BIGhLBPaDKP0NOIhJkQxmXgXPGe%2FEN%2F3%2FKul93tp92sNyG4Yj23EOX4De64exciuZNKl02MXBFXfiP%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1b984b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-1.webp | 104.21.92.42 | 200 OK | 1.4 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-1.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hashc5da2ea294623650bae71fc84401cf60 f1f62ea011cf81953cefe28254c134e992453b91 09a846c5b1af2c6100ff3193789be1e0e21ba9fc45c268f76f2007c78f1e4ac1
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-1.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: image/webp
content-length: 1402
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-57a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1830
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bgjaC7531kSoh2k6XRZoXbN79Yxt2gDhJWkAutrFvVrple24CaZMQ%2Fe0ZIQvrIclKWtovd%2BLWo%2FQWULdJSHjZCGz%2FVt1YfVn1QyXOa9zmJCe4V42EL47xUccPXyecoOl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb4bfcab4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 0 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectarleavannya.com FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:04 GMT
content-length: 0
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 0 B |
IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectarleavannya.com FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:04 GMT
content-length: 0
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-metrics | 139.45.197.248 | 200 OK | 17 B |
URL POST HTTP/2arleavannya.com/sync-metrics IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectarleavannya.com FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT
Hash5b64e8b89092b2e3dfd448b10700627f 484b3032619fa1acd135d114565b0a5166281c22 f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /sync-metrics HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Content-Type: application/json
Content-Length: 442
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:04 GMT
content-type: application/json; charset=utf-8
content-length: 17
x-trace-id: 6803ae0d5a742639bba89795e2002afb
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| arleavannya.com/sync-do | 139.45.197.248 | 200 OK | 179 B |
IP139.45.197.248:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectarleavannya.com FingerprintA4:8A:3B:44:4D:C2:D4:BD:92:AC:E7:B8:3A:C3:C9:4B:85:17:24:1F ValidityMon, 22 Jan 2024 17:53:34 GMT - Sun, 21 Apr 2024 17:53:33 GMT
Hash081142aa1c9267422ee7fd25ac457579 cf8a223610da412aab4cc9aec68f6f304258b3ce 58084d495376ed2e41f026c352cabb187129c58109f2b15caeb1a539deb2cd19
POST /sync-do HTTP/1.1
Host: arleavannya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Content-Type: application/json
Content-Length: 161
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:04 GMT
content-type: application/json; charset=utf-8
content-length: 179
x-trace-id: 069730ce57cc8fedf176c9be8649b6b2
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=2e9e271d-a8f6-4a1a-b515-65488f01cd20 | 37.48.68.71 | 200 OK | 12 B |
URL POST HTTP/1.1datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=2e9e271d-a8f6-4a1a-b515-65488f01cd20 IP37.48.68.71:443 ASN#60781 LeaseWeb Netherlands B.V.
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerSectigo Limited Subjectdatatechonert.com Fingerprint3F:E1:50:2C:9F:FC:F9:37:03:E3:B6:34:00:06:89:69:01:E7:C3:27 ValiditySun, 10 Dec 2023 00:00:00 GMT - Mon, 23 Dec 2024 23:59:59 GMT
Hashadb4650bfc9d2a73d4dd69583b0ceb14 1ce399d6e936232aaf2192cd7903a279c5015f22 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=2e9e271d-a8f6-4a1a-b515-65488f01cd20 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1501
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Thu, 18 Apr 2024 10:44:04 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://peeglauwa.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
|
|
| peeglauwa.com/_next/static/chunks/1754.901479ebfced8b6a.js | 104.21.92.42 | 200 OK | 80 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/1754.901479ebfced8b6a.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (11527), with no line terminators Hash56134729452ad2f059b72b7ca69c3c46 39357808d2372e366c0562f7a89957d26f89929b f138deeabff5ca5314a2d2a7b892a288eaf820b1e8332dd4ac4efe62a4ae6c45
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1754.901479ebfced8b6a.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-2d07"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mTDjzorF5daFO82zUZu3S6c%2FSSlinOnRIHU4J8bd1CLRiLr2UQLSMMmx8jtAawIqV%2B8saQrzE%2FDoPtE0eVY3DFOwZkdMBrujBdNA8EZTmetLoSqsUHQE%2FN2pEPbBi5%2BJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb4bfd6b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| o24257.ingest.sentry.io/api/4506297820381184/envelope/?sentry_key=846ab6d1b9297a0036310793eb8dd024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.108.0 | 34.120.195.249 | 200 OK | 2 B |
URL POST HTTP/2o24257.ingest.sentry.io/api/4506297820381184/envelope/?sentry_key=846ab6d1b9297a0036310793eb8dd024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.108.0 IP34.120.195.249:443 ASN#396982 GOOGLE-CLOUD-PLATFORM
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerDigiCert Inc Subjectingest.sentry.io Fingerprint60:82:0B:58:64:CD:37:FD:3F:C0:84:4F:0B:69:CF:58:05:15:97:9A ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash99914b932bd37a50b983c5e7c90ae93b bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/4506297820381184/envelope/?sentry_key=846ab6d1b9297a0036310793eb8dd024&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.108.0 HTTP/1.1
Host: o24257.ingest.sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 422
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:04 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
vary: origin,access-control-request-method,access-control-request-headers
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ofklefkian.com/zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=6534631&ymid=7oVVjR81kD&var_3=8052819&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest | 139.45.197.251 | 200 OK | 0 B |
URL POST HTTP/2ofklefkian.com/zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=6534631&ymid=7oVVjR81kD&var_3=8052819&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest IP139.45.197.251:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectofklefkian.com Fingerprint04:A9:FE:8D:C9:B9:EE:6F:3A:C4:29:EA:19:AD:C3:1D:7D:3E:14:02 ValiditySun, 14 Apr 2024 05:38:05 GMT - Sat, 13 Jul 2024 05:38:04 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /zone?&pub=0&zone_id=7085340&is_mobile=false&domain=peeglauwa.com&var=6534631&ymid=7oVVjR81kD&var_3=8052819&var_4=&dsig=&tg=1&sw=3.1.473&action=prerequest HTTP/1.1
Host: ofklefkian.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:04 GMT
content-length: 0
x-trace-id: c3ed4570e336c800513f8c4576bffae4
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, X-Oaid, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/favicon.ico | 104.21.92.42 | 204 No Content | 0 B |
URL GET HTTP/3peeglauwa.com/favicon.ico IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Cookie: OAID=beve8ljlzvpj4qoz76ixfr68vues5hzs; syncedCookie=true; oaidts=1713437043
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Thu, 18 Apr 2024 10:44:04 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tKZZLHxnp7%2BpMhahRborIKS%2FKqfxmnfWpB2Nplnpz3FOvc%2FUC2xnXPo4X66%2Flw6Oa5O4YeqSYVJ5i92F0j7QqKhjhiTPbFoQ2WXOsjc3qyU5cRwqesLW3IzS6QuPPCkX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87640eb88f6ab4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/sw/universal.js?var=6534631&var_3=8052819&ymid=7oVVjR81kD&ab2_ttl=5184000&zoneId=7085340 | 104.21.92.42 | 200 OK | 1.5 kB |
URL GET HTTP/3peeglauwa.com/sw/universal.js?var=6534631&var_3=8052819&ymid=7oVVjR81kD&ab2_ttl=5184000&zoneId=7085340 IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with very long lines (1543), with no line terminators Hash4bd2fe598ecbcc8dba6fdf2d51bff9c3 2f4b48bf87709adb3388793e49a5ca447d52596c e0ba8d9941feb88f29063503c5e603249e5ee708e8f41a4c8100d6f514b14347
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sw/universal.js?var=6534631&var_3=8052819&ymid=7oVVjR81kD&ab2_ttl=5184000&zoneId=7085340 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Cookie: OAID=beve8ljlzvpj4qoz76ixfr68vues5hzs; syncedCookie=true; oaidts=1713437043
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:04 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: W/"6620e908-5b5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jUGCazpkIcTBYvuZQDBnAxirrx4DNT%2FaE%2B71vKICa%2BN7sHTfjLQBKoTvojMZov46OydokrtfeBbn2sr1YOdzkngFUcDj9xM9F8QCtvYwq4XUWfFY%2F38IF8%2FbyfifNq9y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb6bb83b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/webpack-d9f7c6f2541e6f8d.js | 104.21.92.42 | 200 OK | 5.9 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/webpack-d9f7c6f2541e6f8d.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (6150), with no line terminators Hash30cbeace9ffeb0d4a3137aef14134882 7d39427e87fb24751056504160bb0fa22aee4e20 2698106815779ddad98c3eefb0b2f0a2a03f437603ebd58a668ea48feb43ed97
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/webpack-d9f7c6f2541e6f8d.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-172c"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TPTPOduft73BneacJS0LRlv30lTVc7HyB924MS3kFBnwK4DSnIZdhY0ASBXV5fmGyR1xWzlmlxo6TA%2FxFHcqvRvhwzw12zqst6iGlitMJ2umgoAZGYEeOWvydJJ%2FHdHM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1b992b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/main-beb6af9e60a8e042.js | 104.21.92.42 | 200 OK | 109 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/main-beb6af9e60a8e042.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Size109 kB (108886 bytes) Hash49c6f57370e917bd37dc7d4d4d0bdb56 f5b56f5b9498f3500055c5614808903d85303991 0409ec519061477c75738733ce598796a11cd445e95df1cd3e72d0ef58136fd4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/main-beb6af9e60a8e042.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=108887
etag: W/"6620e908-1a957"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PVuBCV2hUidL3fW0AGPzi9CEv1qxjQ%2FHkoe5hO%2BwhrG6fM8G%2Bg%2FkAH2kVZv0jyT7j%2FQsyDgu6CeeV97Romg%2BzkpHfCFpCr%2BjWiYVlaQFgSHBLt9WmzmIgSN4wzrn0YXP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1b99ab4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js | 104.21.92.42 | 200 OK | 182 B |
URL GET HTTP/3peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with no line terminators Hashca6aa05f78eb6859347a61db067f16dc 444e70f53eb809f0920de921925d854baccdd251 11ca6f5cc9bc3b5e4021fe0fdad57091b6e8b54a5018672cf9d8b6a7e4f0e229
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/vMdnFVEwZ-cHDVJwGyakD/_ssgManifest.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-b6"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i2PpAHGu26MTuHoun7Qdxv9QiBjyXq2yRXFG8%2Fz1S7p8KXSdIC9x%2BsAW7tAe5ZpZCzY%2Bx36LZnUvP3odpi9LAaLqZJ25E8IFBmaZFUnFGzSjPv%2FB2DBW7owRMROA3RQg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1d9b3b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/4981.3c1daeeee82e08ea.js | 104.21.92.42 | 200 OK | 22 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/4981.3c1daeeee82e08ea.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (21617), with no line terminators Hashe5a18eccb2797e5391d6ce697f63eaba fd0cfa9d1d8af22b690973928c5d65b6be83389b 865d0997740868b6c2804f1949e997d55baffc23023235d8af966f8b999c2b84
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4981.3c1daeeee82e08ea.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-5471"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2076
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EUQJHCT%2F8UFrDb3pDRpIkoA0encimuIs3%2BVaRPFZH3Hg7G%2FnTeOX0H2c3gMW9lS9AqUc325N8Iz%2BJWi9RRsLCsLaWPfPGr3%2FaNRHKmBlWeXiU5iSp8nFyRoI1pFEeo%2BB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1a977b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js | 104.21.92.42 | 200 OK | 1.6 kB |
URL GET HTTP/3peeglauwa.com/_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeASCII text, with very long lines (1697), with no line terminators Hash7d602569e63835def3109d2e56e3d3bd 6674ec283e7b4c7333d6ae8ea79d39408f7c8627 2a0cc093a4d8d1da3bf50a7dc6cae86d076598761d116c47ee1cdaf9719790ef
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/vMdnFVEwZ-cHDVJwGyakD/_buildManifest.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-645"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rt7yjYi0tw9Z79IE7qniRQl96Kh22mXjKq%2B9U1E5uBa0x%2BqBeyq3u1myH%2FrfQX5RbwugCYHldKhu1ctjlu5HQrrYI1QOvbwZ0zmgKBxsDlTxI2PMqbpxyOfDxpdybann"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1d9b2b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js | 104.21.92.42 | 200 OK | 925 B |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/8904.6fbc0cfd51623cbf.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (939), with no line terminators Hashe370c58940efd9305daf2c9601a7da0d ac6f3895617e4817d7bf86b7c637a231b13a12b7 acba948084ac297d876a066617c1a4c6d9f5a664d43514af605a4c6d1fe37315
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/8904.6fbc0cfd51623cbf.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-39d"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A16NEkrlfmdbZatmQ112wZV3lCJmMo3XFMAsSpnIWYlL%2BwSAQPDdX8q3sZc%2BHXMhZ0lwWwWEhPxNqjxJlJ1yfNTUc0%2FM%2Bn7WU80kTR0LmsRTmLBAXP5H7nxg6Pi%2FQe%2Fg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb2fc37b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/track?dry=true&request_var=7oVVjR81kD&oaid=beve8ljlzvpj4qoz76ixfr68vues5hzs&os_version=&var=6534631&var_3=8052819&var_4=&variable2=804479556009340928&ymid=7oVVjR81kD&z=6534631 | 104.21.92.42 | 200 OK | 182 B |
URL GET HTTP/3peeglauwa.com/track?dry=true&request_var=7oVVjR81kD&oaid=beve8ljlzvpj4qoz76ixfr68vues5hzs&os_version=&var=6534631&var_3=8052819&var_4=&variable2=804479556009340928&ymid=7oVVjR81kD&z=6534631 IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashe6246b04b7d99b675f7086e756e1f242 9f3b5f5cb9b34830dc20448a0acc83bcce5d2727 5ecadcf1c19edd16643f48e47f530b024c97a5653f98a47e14c61d5270dd7881
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /track?dry=true&request_var=7oVVjR81kD&oaid=beve8ljlzvpj4qoz76ixfr68vues5hzs&os_version=&var=6534631&var_3=8052819&var_4=&variable2=804479556009340928&ymid=7oVVjR81kD&z=6534631 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
DNT: 1
Connection: keep-alive
Cookie: OAID=beve8ljlzvpj4qoz76ixfr68vues5hzs; syncedCookie=true; oaidts=1713437043
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:04 GMT
content-type: application/json
vary: Accept-Encoding
x-trace-id: 2234d711904579d22babb845d1f8e6c9
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-origin: https://peeglauwa.com/
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1ll3uP%2FUwLzKGOnnNMbB7AGi84VuHBU27fT5GjBjjUkhOx060nGFNywna1RFt2iF7%2BFAV7LZB6MEmEeJoJAhEOaZASBLGFkUBBEs2y%2FGBhzCSerk8Go2FUHO5ODq%2FD7b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb548a3b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdntechone.com/stattag.js | 172.67.195.28 | 200 OK | 19 kB |
URL GET HTTP/2cdntechone.com/stattag.js IP172.67.195.28:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerGoogle Trust Services LLC Subjectcdntechone.com FingerprintC0:94:F3:BC:8E:7A:FB:B0:2A:C5:0A:53:D3:08:2E:63:6B:02:E8:70 ValidityFri, 23 Feb 2024 02:35:13 GMT - Thu, 23 May 2024 02:35:12 GMT
File typeJavaScript source, ASCII text, with very long lines (18452) Hashbec2755dff94190fec0365b0db53807b f98c36e7e9e06325d03fe39c3b98879062fc2704 ccb15ff22ece6946136f1501ab3ae74155399187c8e85beb10399d56bb8e149a
GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
last-modified: Wed, 07 Feb 2024 12:51:04 GMT
etag: W/"65c37cb8-4a9e"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qr3Oq9%2BWDcgzqOPpYxqGLACmfPvPwpq0lh5jZMbGLIIwq6GvXGIE9P0O9WBWqZaALfk8YloBP70QwNoD2KfGs0w9Ryvaah8RYKqNuRERRIXWaIMZzNzbIrul%2Bo5cOYjuNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87640eb4cd12568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| browser.sentry-cdn.com/7.108.0/bundle.min.js | 151.101.2.217 | 200 OK | 78 kB |
URL GET HTTP/2browser.sentry-cdn.com/7.108.0/bundle.min.js IP151.101.2.217:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerGlobalSign nv-sa Subject*.sentry-cdn.com FingerprintF4:BF:96:D1:20:5D:BA:52:63:EB:1F:F7:56:39:FA:81:01:A3:64:DE ValidityTue, 01 Aug 2023 14:42:24 GMT - Sun, 01 Sep 2024 14:42:23 GMT
File typeJavaScript source, ASCII text, with very long lines (65446) Hashe8b9b14c26da487b1f60b6d83de21679 baf0e15e8a66d5f9a3941c795c879966d46b7394 ea656e60afb1837bad760edf51698f5f3d763875dad7342fba8b079acc0a980e
GET /7.108.0/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-response-body-transformations: gunzipped
expires: Sun, 06 Apr 2025 09:03:45 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 22 Mar 2024 08:50:10 GMT
etag: W/"31b0198dce84c8fb94a01597ce4fd852"
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
date: Thu, 18 Apr 2024 10:44:04 GMT
age: 1042818
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 77924
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/_next/static/chunks/825.139a404f62101162.js | 104.21.92.42 | 200 OK | 40 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/825.139a404f62101162.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (39900), with no line terminators Hashe1671f1b840e49e5da86e2e21f0bca2b 9592694997a1984d3a66befb9f923ca6d5fd14cd 6cc2879d30de99804094429e23561b77ac38fcbef7c71f769129d10f65eb32f5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/825.139a404f62101162.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-9bdc"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pe3ZvZ6xtkhI%2FboWrB8rSYhbiDSYbOdyPC0UlQKgBbKVb%2BNymOqxhyVxmsKY0T3Yk1EH%2FKcosdv39FDWT2vJuYfixntt44sZh0CjEu6UqUWxXAWkX8P%2FxSvfWTm0Zb6v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1b98db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/3091.c8175d9042cf8d52.js | 104.21.92.42 | 200 OK | 2.2 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/3091.c8175d9042cf8d52.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (2203), with no line terminators Hash1ed18362d677042a624f3bc202896366 fc2e55c96b3a6c990e940d2311cb48cdc0674a1f d67a66a1cd76d834cd5fd7b0007519596d3defc938b6ea3e6749c0cec336fa99
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/3091.c8175d9042cf8d52.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-871"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YpX5b5M%2F3qVUfivWVaERSjtyftf9xxKekMGeVYgtBfXaNfxRiltsghxhum3GvM9ZY2fNwwJHlUyGDGTfvrYI9BkVALW3PxRQ2iSK1PPIBZhHBiswh8FGA9aVqKzsp%2Bk0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb2fc4db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-5.webp | 104.21.92.42 | 200 OK | 2.4 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-5.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash188dfcdf19da1d86ed162d54ed03536d 98b1baefbb803548b2894547091b4c7773406524 4f8251665e3cc796f127ea6cbdc00a9ec450adff16acb4ec74463c446b6f4ba6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-5.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: image/webp
content-length: 2384
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-950"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1341
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wFS49FHD7%2Bg%2FsE6ELxI3R59UDv%2BDnlpLxNqiYceguA9Zv5lXwu69to%2BW6zkE9zuA7mMTtj4aHYQx4AEJbzi4OqewMajBOBTDdKDyB3%2FLm%2Bj0WjTJcPpZ0lik81%2BMPzEL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb4afbeb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 | 104.21.92.42 | 200 OK | 39 kB |
URL User Request GET HTTP/2peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 IP104.21.92.42:443
CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: text/html
last-modified: Thu, 18 Apr 2024 09:34:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1tVZpLnoFggfTra5xA81y8y9UoKGIF09yUNOlmOE5351NvP8bqnIayCzxCfztWUoPIUowaNf2AkzZ4n6EtWkKTxuYQmYE%2F1ENi2b8W1MJFWV8ihB8o6iWqQbSZQuJcgB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eaf9c5ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/_next/static/chunks/framework-3281cb961088a9a3.js | 104.21.92.42 | 200 OK | 26 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/framework-3281cb961088a9a3.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (26042), with no line terminators Hash499fb17b15c09c2d76681f27dde9a031 5564d317c33112db56918ec372d392caabec70f2 9350c53e2fe847ec629962106d01d6af28a0d9c69feb57e7609b3c096935cdb2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/framework-3281cb961088a9a3.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-65ba"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s3NA3s9a0iKmM12KBlo%2FpnWiG3UxDi8X0igh76HCuZKJGr6uOH4AiM%2FLD9g4NO9eIwA%2FrUloxZm369sjoxQGoWT0KxmBql5l7HShhsOoQGIJK9e0IBjI4d018QGvZc1y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1b996b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/5927.5b9e15850e6ed19a.js | 104.21.92.42 | 200 OK | 18 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/5927.5b9e15850e6ed19a.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (18363), with no line terminators Hash5bb517e08d6010f7e31b0f17b36459a9 260ee8a6737b10a939374d464312509c4630dfe7 615040639aee9f5314f7cb5119026b1a754621ea88e74ac1e5e2e7a144715320
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/5927.5b9e15850e6ed19a.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-47bb"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iJwNlWCTy8eyOIj08kHBHca8oLTZOnAI6HyYTS7KekjO%2Fw%2Bdn3cWPyAeogw1HSyBnlktpabLaXGzZAAFkH6CfKzl0s%2B6jD0qyUlEjsoijhY9ngOLEsophWwXtYHYrVgr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb2cc02b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/img/comments/finance-survey-people/person-2.webp | 104.21.92.42 | 200 OK | 2.2 kB |
URL GET HTTP/3peeglauwa.com/img/comments/finance-survey-people/person-2.webp IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp Hash8f8ffbb278de1342e5cf44cd0c677c23 1b4b4428e409479cc8a8acfce6f537c2aeea7556 ac4284ed6941963c4fa0db306537f42f3a0b1fa18710bc7b9e1e62188961d83a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /img/comments/finance-survey-people/person-2.webp HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: image/webp
content-length: 2220
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: "6620e908-8ac"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1830
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qFZTG%2FhSHMaSKLb5%2FI%2FaS6lrJZDvmpxgqE0Ixd9LQMdSfVJ3H6aGt4WlwCalHIV3DaHC3WKFcjeq%2BJ123UzknKjL3x3qMWCN1KccSmtCEV3TMxGnVJxq5PLOyJcpI6ZY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb47f6bb4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=beve8ljlzvpj4qoz76ixfr68vues5hzs&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 | 104.21.92.42 | 200 OK | 27 kB |
URL GET HTTP/3peeglauwa.com/pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=beve8ljlzvpj4qoz76ixfr68vues5hzs&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (27012) Hash4d5fdbf5a5eaf9b73b515e58aaea8ab1 af206657baadc54af340d9b32738e9797934eaff 05b026bb4f34d6fd3b5db29bffb1ba5be6f9b11d954fa44fd4d57acd997ecb2d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /pfe/current/micro.tag.min.js?sw=/sw/universal.js&var=6534631&ymid=7oVVjR81kD&b=20647553&campaignid=8052819&click_id=804479556009340928&ab2r=&rhd=1&var_3=8052819&oaid=beve8ljlzvpj4qoz76ixfr68vues5hzs&os_version=&btz=UTC&bto=0&z=7085340&cdn=1&domain=ofklefkian.com&ab2=&ab2_ttl=5184000 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Cookie: OAID=beve8ljlzvpj4qoz76ixfr68vues5hzs; syncedCookie=true; oaidts=1713437043
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:04 GMT
content-type: application/javascript
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: W/"6620e908-6985"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uXwOVZE1KmJPS9T5rV5NukP8vevPoCL7A%2FMBWp%2B4hlfDWtcgomnh%2BTKxu9xGNcbIhVbnvro4TVGPllpKzfHIEYFfndNKtvCL%2BSfltU8euiwuSgBB%2B%2B51R9fLe%2BAd6ux"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb5c98bb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/1155-a288f72f1c5f84cb.js | 104.21.92.42 | 200 OK | 74 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/1155-a288f72f1c5f84cb.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hashf4fbc4cb97025f97e7202a6eecfdf059 4469a7e10b19d667a2c6b6a3ecd08c4dcb358749 1883fc82a08b36e731e0a3a0e49a42d12c70599b64fcf9607ee2905b74c43b70
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/1155-a288f72f1c5f84cb.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-11f4b"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 4144
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUPdHC5zsHrGgCcD5qki%2F32xVfEkXz0LWrNDQRN%2F%2FU%2FRHMTXJMnfccF3dR6Flg4%2FP%2BuKfDV7w3wJZwyoTCfKEDfC3igPlT0kGphK%2FqbMthlpjQ18aPyd1ZKHnxWx7bRn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1c9a7b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/6223.36a8be3b6724c1ee.js | 104.21.92.42 | 200 OK | 3.8 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/6223.36a8be3b6724c1ee.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (3870), with no line terminators Hash1d892f4ab084b8290d79dcf9ec65b79a 17b0c18b7201dd8eb4bbd3db5be2f1d784000948 77e68c0c19f773bcf939398361c922509f29268cea7afe93f3f7050183115e14
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/6223.36a8be3b6724c1ee.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-eee"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bEO2pIIGOLYnNirNKCX7SyHtBP8OVRARJjcCKe3jLxzeD3xZakdTk7kjTEy%2FXtyRa3Oqt4HEEbAJLtsUMnL6Rve3EP%2BjskCnnUbnRpjHclE1hK4h7nmCqqNzhw9aA8tS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb2fc49b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/7903-dd238946c7924507.js | 104.21.92.42 | 200 OK | 32 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/7903-dd238946c7924507.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (31896), with no line terminators Hashb5dd343db67bd22544d11da18268f5c3 069b5b221dd75af58d93192460778b3d07835e74 6347f1d4083f7a0a2ac3d8b12aae8832d9ea6914aa6e137d16a4d41869d14ea5
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/7903-dd238946c7924507.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-7c98"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtMNZTn3XY%2BhQ0wQAl6idoLZtc2WTXbpbT6pZf6R4WWQyWTo%2B8NnUOpYYZz5O1WecX34UxsTn3iWKB%2Fd77mWE0Zcp%2BNH8q6an%2FNOzOAG42CyApdaJsDimvu3obKUdptP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1c9a1b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js | 104.21.92.42 | 200 OK | 662 B |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (666), with no line terminators Hash49f9c13e383477050c867416e60b3222 eeb57b5af30601d21511ff1eb94001b86d0c6465 1430b1cd7eaade1b7ba5b3a245f9221c0f6067efd03fc812821d0762b5d10ad4
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/%5BlandingName%5D/%5BconfigId%5D/%5B%5B...slug%5D%5D-eaddf0428a16426c.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-296"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Erp8y2Y4sZCmV5beBGNigshzyqM%2BPjnLfOv8DQJyrQZUQAoI61XAoRBLAsiK4b%2FFnkqQ6tTTXP1%2BwD%2BNck0It5OQ2WeiPPM0gAfw9qqKFK%2BIw9vSmpC590ytOS4NY1mG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1c9a9b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/2090-d895fd689d39c729.js | 104.21.92.42 | 200 OK | 11 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/2090-d895fd689d39c729.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (10720), with no line terminators Hash9dfcf70490a58a9922807765131a36dd 74a2103f2772dcbb021e6d7ed80a46505532efa1 64aa44a6c998566700666c1e4bf0abd78fe219197efb3229d6d9ffa7040926b6
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/2090-d895fd689d39c729.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-29e0"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q0r0xI%2BYV1MpMuY4yWuMW6xxVPxtna3mcQ45ZrBoviK7NYVuK%2FRBOQT96LjSM44Xzcu2d8jEwRXJPG7eRWzmF6H2L0eDT0c%2BDVYPXWdx8yNqkP%2BIKkmt9W8H921ODaWc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1c9a3b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js?userId=beve8ljlzvpj4qoz76ixfr68vues5hzs | 139.45.195.8 | 200 OK | 65 B |
URL GET HTTP/2my.rtmark.net/gid.js?userId=beve8ljlzvpj4qoz76ixfr68vues5hzs IP139.45.195.8:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectrtmark.net FingerprintDB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC ValiditySat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hashbf0a253a0110d73ea03b05c7bad7e467 1efe2252ef0e90b37ab6cad748cdc6e5d7ca10ce 8d987490e9b780f11f6c81a51ed706856de770107bad896cde42b2201a3df7ef
GET /gid.js?userId=beve8ljlzvpj4qoz76ixfr68vues5hzs HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/
Origin: https://peeglauwa.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://peeglauwa.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=beve8ljlzvpj4qoz76ixfr68vues5hzs; expires=Fri, 18 Apr 2025 10:44:03 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=6534631&ymid=7oVVjR81kD&ab2r=&var_3=8052819&var_4=&os_version=&uid=beve8ljlzvpj4qoz76ixfr68vues5hzs | 104.21.92.42 | 200 OK | 6.0 kB |
URL GET HTTP/3peeglauwa.com/rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=6534631&ymid=7oVVjR81kD&ab2r=&var_3=8052819&var_4=&os_version=&uid=beve8ljlzvpj4qoz76ixfr68vues5hzs IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typetroff or preprocessor input, ASCII text, with very long lines (6007), with no line terminators Hash9093ec1fc15ec497c938fdf3b5435738 d0299318dc56dc786f43b20f06a983a8cbc5fb03 f49ad844e3215540b5c5d1e626c0f2c9556b44e4541d2a7f43a457e522272fdc
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /rotate?zz=7085113%3B7085151%3B7085226%3B7085233%3B7085190%3B7085194%3B7085163%3B7085178&var=6534631&ymid=7oVVjR81kD&ab2r=&var_3=8052819&var_4=&os_version=&uid=beve8ljlzvpj4qoz76ixfr68vues5hzs HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
DNT: 1
Connection: keep-alive
Cookie: OAID=beve8ljlzvpj4qoz76ixfr68vues5hzs; syncedCookie=true; oaidts=1713437043
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:04 GMT
content-type: application/javascript
vary: Accept-Encoding, Origin
x-trace-id: d0aab4888ecae950193c154f7f99c932
timing-allow-origin: *
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
set-cookie: OAID=beve8ljlzvpj4qoz76ixfr68vues5hzs; expires=Fri, 18 Apr 2025 10:44:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ubuyfjRmP%2BEGe%2F%2FsX%2F86%2BNiJHmQ9az1kkQuI9qCo9wKjFmxLRz3hB4prdLrKNWZ9hTUrV%2BO%2BOEYQ06pwVxf%2FpQjK2FFby57Mk4PkeAzhhVQ%2FtMjA1Ij0yQR%2FSq9VRwt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb548a5b4f3-OSL
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/finance-survey/icon-survey.svg | 104.21.92.42 | 200 OK | 2.7 kB |
URL GET HTTP/3peeglauwa.com/finance-survey/icon-survey.svg IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeSVG Scalable Vector Graphics image Hasha000ba4d0e7570d810feafb22bc50bef af8fce44a683d3dfebe69cbe856e747739c9a666 9ae848c180201d8ae5c59ce118b0b7ef395a01295fb04d57e81cfe0566100679
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/icon-survey.svg HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
vary: Accept-Encoding
etag: W/"6620e908-a72"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 1919
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=my2SGJVSU2eZgj%2FNSq6Car0WR%2BP5mljw2tVTdBfwaragW6%2FSv5I3%2BRibzO4hO86BLUODGZt7WprH0m4jPvjUxA87W4fjuUkob1zioslpu3Lmmb5QLgT7zn%2FP%2FEhnZsKx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb4bfd1b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 | 104.21.92.42 | 301 Moved Permanently | 39 kB |
URL User Request GET HTTP/2peeglauwa.com/finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 IP104.21.92.42:443
CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /finance-survey/33?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: text/html
location: http://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
vary: Accept-Encoding
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KkBtCkVYa%2B%2BW9hQeYk3klqnk3XIqm%2FgEy%2Bf%2B0yCYftdnGTtNC4G5AQ9nhXAEmeTKIDt%2FXOTaJ954hvwIDN2NfaWbG6BBiuu0KOcSEjAAk5DZl4UxX9ONjzXd6g8oOaCx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eaedb55b523-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| peeglauwa.com/_next/static/chunks/4089.c7e0200d08c5ecd6.js | 104.21.92.42 | 200 OK | 22 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/4089.c7e0200d08c5ecd6.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (22013), with no line terminators Hash9c0754fee41afd53afb451593c7f69a1 911154ad0d3b7e5a968fb52f694867741f8fd798 abb0b63445a71170a0f1d9279397560c6c5446e20aea075e3f245240186a683b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/4089.c7e0200d08c5ecd6.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-55fd"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LO9PhHURDLRFqhnWJ1IqDFHrzCvlLgm4dqwoGcGHq3YFRgM%2F7ZnP54wK8ZkO9vN3JZNTCsemBt%2BXztWNo6f2pSrxl4dKeOmdvHMCwJP2DPPaxq%2FPnJExBGGHAr3GPsN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1b98ab4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/9787.32846937d0160cf7.js | 104.21.92.42 | 200 OK | 1.8 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/9787.32846937d0160cf7.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (1771), with no line terminators Hashd269bc24ab428864c8a5d9fd90d791ae ff1943ecbdb21dd40483e22778b0826bce974cde 086e81568c991bb4f9d7f9bcb854f1f2bf66b7397b1eef5b0753889ccb86cb30
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/9787.32846937d0160cf7.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-6e1"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2060
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hBQUPLK5bneIbRBv9xWMtDUwrzeYb4FyE%2B5gEN3KzVe4GfPV2qKmlgdlpjsM%2BlziVlO80byu4zboHvBlOht1OFe1EiLuQT0gHzKEYZI%2BnzO6U36CCWcx66%2FeZ322QHrl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb30c55b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| peeglauwa.com/_next/static/chunks/pages/_app-0755fe53a86fd6ab.js | 104.21.92.42 | 200 OK | 39 kB |
URL GET HTTP/3peeglauwa.com/_next/static/chunks/pages/_app-0755fe53a86fd6ab.js IP104.21.92.42:443
Requested byhttps://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819 CertificateIssuerLet's Encrypt Subjectpeeglauwa.com FingerprintB1:FD:40:08:D8:90:EC:A4:61:50:ED:50:F0:21:38:4C:F6:FB:F8:91 ValidityTue, 02 Apr 2024 14:05:38 GMT - Mon, 01 Jul 2024 14:05:37 GMT
File typeJavaScript source, ASCII text, with very long lines (39394), with no line terminators Hash78af260e6345bb993cf649622f4d7ecf bcad2770feaa6e0df7dbb92c24da90c56da29559 cca988f276fd684064d3ff252d813ca24f18f73cb16e18a1edece86f25f60e87
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /_next/static/chunks/pages/_app-0755fe53a86fd6ab.js HTTP/1.1
Host: peeglauwa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://peeglauwa.com/finance-survey/33/?s=804479556009340928&z=6534631&var=7oVVjR81kD&campaignid=8052819&b=20647553&ymid=804479556009340928&designId=[1,2]&var_3=8052819
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 10:44:03 GMT
content-type: application/javascript
cf-bgj: minify
etag: W/"6620e908-99e2"
last-modified: Thu, 18 Apr 2024 09:34:00 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
cache-control: max-age=1800
cf-cache-status: HIT
age: 2075
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2FVU51SKNHH%2BZJEJkA3Lz20yLuF20WHAsbF7L50aF3J3tHfkZhO9HAed%2BffRkKJBRXZ7yOZIjK3dwT6MrtSiEiEbqHpwS1dEHgZuecw1%2FiH%2FaFQMZo%2Fym0Uikm%2BOnNgY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87640eb1c99eb4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|