Report - www.newnaughtyneighbors.com/landing110

Report Overview

Visited public
2025-03-23 22:16:55
Tags
URL
www.newnaughtyneighbors.com/landing110
Finishing URL
www.newnaughtyneighbors.com/landing110
IP / ASN
34.149.50.112
#396982 GOOGLE-CLOUD-PLATFORM
Title
Newnaughtyneighbors.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
api.promptagreement.com	unknown	2023-08-10	2023-08-10	2025-03-16	6.6 kB	16 kB	35.186.235.168
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-03-19	1.1 kB	33 kB	142.250.74.35
sync_events.atsptp.com	unknown	2020-02-13	2021-04-17	2025-03-18	515 B	722 B	66.254.114.220
promptagreement.com	unknown	2023-08-10	2023-08-10	2025-03-16	1.0 kB	145 kB	35.186.235.168
ad.twinrdengine.com	unknown	2023-06-07	2024-01-20	2025-03-17	934 B	344 B	34.111.67.216
sync.atsptp.com	149115	2020-02-13	2020-06-17	2025-03-20	1.6 kB	2.0 kB	66.254.114.220
tsyndicate.com	13042	2017-03-08	2017-03-16	2025-03-21	495 B	587 B	144.76.197.134
www.newnaughtyneighbors.com	unknown	2023-01-20	2023-01-24	2025-03-07	9.8 kB	1.5 MB	34.149.50.112
www.google.com	7	1997-09-15	2015-05-10	2025-03-19	1.9 kB	77 kB	142.250.74.68
hw-cdn2.adtng.com	11917	2018-07-20	2020-02-20	2025-03-19	447 B	55 kB	151.101.195.52
www.gstatic.com	unknown	2008-02-11	2012-05-29	2025-03-19	2.4 kB	1.8 MB	142.250.74.99
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-03-19	1.0 kB	643 kB	142.250.178.40

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed
2025-03-23	medium	newnaughtyneighbors.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (26)

	URL	From	Size	First Seen	Last Seen
	www.newnaughtyneighbors.com/landers/media-registry.js	ScriptElement	140 kB	2025-03-18	2025-03-29
Pretty URL www.newnaughtyneighbors.com/landers/media-registry.js IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-18 13:02 Last Seen2025-03-29 18:45 Times Seen5 Hash 66c14899b2a28f0b7fafbe62d8773716 231b37ae5fc3470c28f6edc70a48bd0d4e69a843 f23d8f82fb360c48e0e53ed8a3fc45ca105cb4fb4a0a0cda3b8e9ed0d8adde18 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe	ScriptElement	75 B	2023-03-07	2025-06-05
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe IP 142.250.74.68 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-06-05 18:32 Times Seen15735 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe	Eval	21 kB	2025-03-23	2025-03-23
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe IP 142.250.74.68 ASN #15169 GOOGLE Introduced by eval Embedded in HTML false Observations First Seen2025-03-23 22:16 Last Seen2025-03-23 22:16 Times Seen1 Hash 1aa1f056f3934dbcf0f806e168df49d3 dccd9b62709464f74c61a7a9d6198bb3bcbac150 5dac0964c547bb4b2ecac98136596138e144cc08e50dee467fef590dabb5b135 Loading...

	www.newnaughtyneighbors.com/landers/js/ad-provider.js	ScriptElement	1.0 kB	2025-02-06	2025-03-29
Pretty URL www.newnaughtyneighbors.com/landers/js/ad-provider.js IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-06 09:53 Last Seen2025-03-29 18:45 Times Seen34 Hash b68269b025edb9fa72e391aaa13d85d7 9e105918bef3ab13256ca98aa005aa93b71ea6ad b253733dc8d5cb9119ed8664de07d39856943f1274a33acec7f4d8717c8e5478 Loading...

	www.newnaughtyneighbors.com/landing110	ScriptElement	3.4 kB	2024-06-06	2025-04-03
Pretty URL www.newnaughtyneighbors.com/landing110 IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-06-06 19:28 Last Seen2025-04-03 09:41 Times Seen283 Hash 7d18835855854492d106bd3e7806d18c ac8b0c7e32dcdac3093b29923b00245ee8aa76b8 6d62c7c4d763af6d4088107d2523611f8d241d703c065aa8231df5730100eb10 Loading...

	www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s	ScriptElement	1.1 kB	2025-03-23	2025-03-26
Pretty URL www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s IP 142.250.74.68 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-23 22:16 Last Seen2025-03-26 08:55 Times Seen2 Hash 25aa1dfa8e6f82ec114626b6a9f511f4 9aa933f3fe3bfac7b3a56810e8fe34b9d8b5d4ba 8282178efc4ad19d9fde1c061abdfc948d506d5de6dfd809d3d6dfd6c5992641 Loading...

	www.newnaughtyneighbors.com/landing110	ScriptElement	214 B	2024-06-06	2025-06-05
Pretty URL www.newnaughtyneighbors.com/landing110 IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-06-06 19:28 Last Seen2025-06-05 17:13 Times Seen309 Hash 6fe51bf5bdf9cb4d47a750f9d341ca7a 8049673666fecc9b492f92676dfdf905fa8809ef 810adf302af0867a0b59481d32b448d138b915c8dc66e5628f9475ec70e27d04 Loading...

	www.newnaughtyneighbors.com/landing110	ScriptElement	147 B	2023-03-07	2025-04-11
Pretty URL www.newnaughtyneighbors.com/landing110 IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09 Last Seen2025-04-11 13:51 Times Seen943 Hash b85aa80cb826211a36318337793411db e34920a6965fb7b9102be2dcde8ae363e4355686 e4de3377c03566f32b347f14973f5e998466e585c9bbd27f7dc9099ecf77e7a2 Loading...

	www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c&gtm=45He53j1h1v9103010110za200&tag_exp=102482433~102696397~102788824~102803279~102813109	ScriptElement	338 kB	2025-03-23	2025-03-23
Pretty URL www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c&gtm=45He53j1h1v9103010110za200&tag_exp=102482433~102696397~102788824~102803279~102813109 IP 142.250.178.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-23 22:16 Last Seen2025-03-23 22:16 Times Seen1 Hash c482ad756df40243f828651cdbf15fa5 60d3211dac85c80a94370dc88ac683954ed57acc 9c754b80fb024aaf6d21525ea0a3373f7b6cb934e09fd257c2e6d683944ab57e Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe	Eval	22 B	2025-03-23	2025-03-24
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe IP 142.250.74.68 ASN #15169 GOOGLE Introduced by eval Embedded in HTML false Observations First Seen2025-03-23 07:15 Last Seen2025-03-24 22:39 Times Seen301 Hash a67429d1521ec16fb0e33c11acbf7d9b c9bb402b78f61339f0a219e6e93a0bff07655a9b ec5ba870b03cd4d742739ecad4d957967cb5364b08857822b020c36a294f698c Loading...

	www.newnaughtyneighbors.com/landing110	ScriptElement	6.7 kB	2025-03-23	2025-03-23
Pretty URL www.newnaughtyneighbors.com/landing110 IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-23 22:16 Last Seen2025-03-23 22:16 Times Seen1 Hash 16b37c61b8c0b3d6ddd0e9bca6e98f0e 615f97399bf9f445e40ead663888d25b7fe3733b 58ccb3c166e17b9b33ead708cae604852923bd02212f48375ec98ea8f1e32b54 Loading...

	www.newnaughtyneighbors.com/landing110	ScriptElement	103 B	2023-03-07	2025-06-05
Pretty URL www.newnaughtyneighbors.com/landing110 IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09 Last Seen2025-06-05 17:13 Times Seen545 Hash b375c74456053411ec5414e21ecf870f 00a6b32dd64dbf1470f439ce9fa89c712500eebc a200a9bc6b415237c4571f14eb0eaa8f0f0fcfcd7eeafa8860441a805e4a144f Loading...

	www.newnaughtyneighbors.com/landers/js/vendor.js	ScriptElement	124 kB	2025-03-14	2025-03-29
Pretty URL www.newnaughtyneighbors.com/landers/js/vendor.js IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-14 06:00 Last Seen2025-03-29 18:45 Times Seen12 Hash 716036632abed76fb0cd90c5a3ad6ebf a0e17b9de97ec4903e9f8391ce8b2ccc914bc6f6 4acfef58734e53f978d68aacce920bde56f7ec3fe34150f2bca44570bf183537 Loading...

	www.newnaughtyneighbors.com/landers/js/landing110.js	ScriptElement	67 kB	2025-03-23	2025-03-28
Pretty URL www.newnaughtyneighbors.com/landers/js/landing110.js IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-23 22:16 Last Seen2025-03-28 18:59 Times Seen2 Hash 15dd3ec06818f8a4bd75ed1886a7174e 98a8cf1a8aa9a5194be69993d882eac52dcb1f42 23b8d9136484718370ab07ce8a2727fa1cb51db512ffeae4030e2796b80a8fbe Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB	ScriptElement	303 kB	2025-03-23	2025-03-23
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB IP 142.250.178.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-23 22:16 Last Seen2025-03-23 22:16 Times Seen1 Hash 09bec7e4665c23b8f77b1b1b398b51a0 d0a15b6c4a834a9e4f63461e915d7fd02b1de5cc 49013feabb521b78314833032952f8dcc15ee4937d66c9e24c2292b99c383876 Loading...

	www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js	ScriptElement	561 kB	2025-03-21	2025-05-30
Pretty URL www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-21 08:51 Last Seen2025-05-30 08:13 Times Seen1895 Hash 9c6c8c06f33f695b719b0e47a8dd51bb 7fc1fefa8f38192b257e903331b731e5d931a579 e7fc4a5f9f016995a6440b6cea0bf78ad727eb72ed69c98787979275c1d676a1 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe	Eval	64 B	2025-03-23	2025-03-24
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe IP 142.250.74.68 ASN #15169 GOOGLE Introduced by eval Embedded in HTML false Observations First Seen2025-03-23 07:15 Last Seen2025-03-24 22:39 Times Seen301 Hash d2d9e3a18b59918683025f451badb2f3 e69151cd41c588df85a788f0b32e462b57713962 dff4ae8bbeb8147e5d5ead674137fe55579a3b8a10201772e20aedaebceeb05d Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe	Eval	22 B	2025-03-23	2025-03-24
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe IP 142.250.74.68 ASN #15169 GOOGLE Introduced by eval Embedded in HTML false Observations First Seen2025-03-23 07:15 Last Seen2025-03-24 22:39 Times Seen301 Hash c1f6ba9561f41de3ee29a4ae181d77d7 69a10d48951305958cd9bb2b8a75c90b738481d3 fe5057a309f6be07082678ee9ae064b1c65d02ff5acba3423ea5230e8d091469 Loading...

	www.newnaughtyneighbors.com/landing110	ScriptElement	922 B	2024-11-14	2025-06-04
Pretty URL www.newnaughtyneighbors.com/landing110 IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-11-14 14:17 Last Seen2025-06-04 16:43 Times Seen67 Hash 909426d7f34fa8bb06daf6761e618100 c0500ebe7822c34e1077091a8513855e65988e37 8ceb26fa784bec10e13dbfc9fab75aa73259695ae27162542095bdc2399b5931 Loading...

	www.newnaughtyneighbors.com/landing110	ScriptElement	308 B	2023-03-07	2025-06-05
Pretty URL www.newnaughtyneighbors.com/landing110 IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09 Last Seen2025-06-05 17:13 Times Seen912 Hash 8a81377a647bdea836809865c62d171b dd72dda89aacfe74746d2c73421ea55a23ab313d 9c7aa944eeb31b5765d0c1674cdc445dff6dd572a6fe897f6d5137ce181d44a9 Loading...

	hw-cdn2.adtng.com/delivery/idsync/idsync.min.js	ScriptElement	54 kB	2024-09-12	2025-05-20
Pretty URL hw-cdn2.adtng.com/delivery/idsync/idsync.min.js IP 151.101.195.52 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-12 18:10 Last Seen2025-05-20 02:13 Times Seen268 Hash c399d8d55dff5d2dbf33ea7e45ea55a4 c3f1e35cb6c37a1a42268fe6cae3f1bcdd6d6ca4 8ff33c835b2be228b9292f1280f3bfa336a376cbf2903bf80b8f3142e56c44ae Loading...

	www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js	ScriptElement	561 kB	2025-03-21	2025-05-30
Pretty URL www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-21 08:51 Last Seen2025-05-30 08:13 Times Seen1895 Hash 9c6c8c06f33f695b719b0e47a8dd51bb 7fc1fefa8f38192b257e903331b731e5d931a579 e7fc4a5f9f016995a6440b6cea0bf78ad727eb72ed69c98787979275c1d676a1 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe	ScriptElement	64 kB	2025-03-23	2025-03-23
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe IP 142.250.74.68 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-23 22:16 Last Seen2025-03-23 22:16 Times Seen1 Hash 2640c948c3aaf68bf4a0cefcdc805643 4922b7e985e7bdf743f2bf4d73b007e0e7f5d513 f6240db1620e0de2ded7cfa08c4421c9828075785939eb4fa5fa027cee0255c4 Loading...

	www.newnaughtyneighbors.com/landing110	ScriptElement	210 B	2024-08-13	2025-06-05
Pretty URL www.newnaughtyneighbors.com/landing110 IP 34.149.50.112 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-13 18:45 Last Seen2025-06-05 17:13 Times Seen194 Hash 200bd03b464a4ae1fe383e8c16142d5c 2d34e27e72f22c64a622da1c7d102f33782b28b1 19bd20a3b29e26bd9b425415715dc9d02ca11b1f2cb9b42190a07994a35570d3 Loading...

	promptagreement.com/cc.js?wId=7GcdhlmZfQIMUuuqTNmIvo&domain=newnaughtyneighbors.com&languageCode=en&languageTerritory=US&sessionId=e5f72a6999cf41ee90cdd2731ac6d79d	ScriptElement	120 kB	2025-03-23	2025-03-23
Pretty URL promptagreement.com/cc.js?wId=7GcdhlmZfQIMUuuqTNmIvo&domain=newnaughtyneighbors.com&languageCode=en&languageTerritory=US&sessionId=e5f72a6999cf41ee90cdd2731ac6d79d IP 35.186.235.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-23 22:16 Last Seen2025-03-23 22:16 Times Seen1 Hash fd0eb2b619ad97e4005710e89bbe6860 b62e060314141602274d933dd8b56a13e9d02296 f588ffd0efd96c836beeefbe9b4f0b3352b2f6e3e6650d0a29b4a50f000ee161 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe	Eval	19 kB	2025-03-23	2025-03-24
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe IP 142.250.74.68 ASN #15169 GOOGLE Introduced by eval Embedded in HTML false Observations First Seen2025-03-23 07:15 Last Seen2025-03-24 22:39 Times Seen301 Hash 9da6228731b4a4065b7e3aca85723251 392008b22b16343697dc2ee8c77fbbc666ba06be 79054940273466276f2bb822357732ff6afbf9311453a09e31dfc161ab2e1fad Loading...

HTTP Transactions (53)

URL IP Response Size

www.newnaughtyneighbors.com/favicon/favicon.ico

34.149.50.112

200 OK

15 kB

URL GET
www.newnaughtyneighbors.com/favicon/favicon.ico
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15086 bytes)
Hash
aa38e8b1001c13573f535cd4ee400dcf
ed61ce9507707e48dae6d2b282c608ef2b7062f3
6b033a5d33e8db6c835578dff47cceec9eb3329a0bcf2f5b4f3251cb35beab74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon/favicon.ico HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:32 GMT
server: Apache/2.4.58 (Ubuntu)
vary: X-Forwarded-Proto
last-modified: Sun, 23 Mar 2025 12:12:17 GMT
etag: "3aee-63101660c6e23"
accept-ranges: bytes
content-length: 15086
x-ua-compatible: IE=edge,chrome=1
content-type: image/vnd.microsoft.icon
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.newnaughtyneighbors.com/landers/images/landing110/default/default/01.webp?geo=us

34.149.50.112

200 OK

83 kB

URL GET
www.newnaughtyneighbors.com/landers/images/landing110/default/default/01.webp?geo=us
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
RIFF (little-endian) data, Web/P image
Size
83 kB (82572 bytes)
Hash
cbf6154ba2a8af8f017cd1b4d8ee9b67
b9e4cb1574897c20a0affea2aeacd97b311be0d7
c0eb54455f396152f1e95b4ec1628c58cdefea416ff612797834cfed7c4505f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/images/landing110/default/default/01.webp?geo=us HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/landing110
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 20:27:21 GMT
server: nginx/1.14.2
content-type: image/webp
content-length: 82572
last-modified: Fri, 21 Mar 2025 09:18:35 GMT
etag: "67dd2eeb-1428c"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 32649428 32138515
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI

142.250.74.68

200 OK

102 B

URL GET
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2
ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
338d2b4b23bc8440059813e17edb4708
30edf24dfe0a845a566e1221d6770c6f8e4e04be
9be5fcdaabc32295abaa67c5565b9cab7bd8dcce77e59d84bdf8818683ba998e

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
expires: Sun, 23 Mar 2025 22:16:34 GMT
date: Sun, 23 Mar 2025 22:16:34 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: same-site
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.promptagreement.com/consent/confirmExplicit

35.186.235.168

200 OK

0 B

URL OPTIONS
api.promptagreement.com/consent/confirmExplicit
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/confirmExplicit HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.newnaughtyneighbors.com/
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:36 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
content-length: 0
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.newnaughtyneighbors.com/landers/images/landing110/default/default/slide02.webp?geo=us

34.149.50.112

200 OK

311 kB

URL GET
www.newnaughtyneighbors.com/landers/images/landing110/default/default/slide02.webp?geo=us
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1678x1049, Scaling: [none]x[none], YUV color, decoders should clamp
Size
311 kB (310912 bytes)
Hash
8ad56f094209e0eebc0a922ad78091c4
d032aeff6f7ee4ecb0c9949f5a957946254e5cff
591cd6b1091fd08df04f4099bb381cb0a729f89555df3e9836153dc622237cff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/images/landing110/default/default/slide02.webp?geo=us HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/landing110
Cookie: _ga_QXFHHE16V3=GS1.1.1742768194.1.0.1742768194.0.0.0; _ga=GA1.1.1044846413.1742768194; d_fs=1; d_uid=0296be31-cf86-a066-0a45-470c665af387; d_uidb=0296be31-cf86-a066-0a45-470c665af387
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:32 GMT
server: nginx/1.14.2
content-type: image/webp
content-length: 310912
last-modified: Fri, 21 Mar 2025 09:18:35 GMT
etag: "67dd2eeb-4be80"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 40459538 40864643
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

www.newnaughtyneighbors.com/landers/images/landing110/default/default/slide03.webp?geo=us

34.149.50.112

200 OK

126 kB

URL GET
www.newnaughtyneighbors.com/landers/images/landing110/default/default/slide03.webp?geo=us
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1678x1049, Scaling: [none]x[none], YUV color, decoders should clamp
Size
126 kB (125604 bytes)
Hash
44f61cac74912ab201b798195e08396f
53cc892db8b9fa032360dd1b4022873d89704ca1
f907f7f65b4515f83823641bfc25581ba90d933fdfdc6d35cf54eef67a3e6dc3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/images/landing110/default/default/slide03.webp?geo=us HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/landing110
Cookie: _ga_QXFHHE16V3=GS1.1.1742768194.1.0.1742768194.0.0.0; _ga=GA1.1.1044846413.1742768194; d_fs=1; d_uid=0296be31-cf86-a066-0a45-470c665af387; d_uidb=0296be31-cf86-a066-0a45-470c665af387
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:43 GMT
server: nginx/1.14.2
content-type: image/webp
content-length: 125604
last-modified: Fri, 21 Mar 2025 09:18:35 GMT
etag: "67dd2eeb-1eaa4"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 33230070
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

hw-cdn2.adtng.com/delivery/idsync/idsync.min.js

151.101.195.52

200 OK

54 kB

URL GET
hw-cdn2.adtng.com/delivery/idsync/idsync.min.js
IP
151.101.195.52:443
ASN
#54113 FASTLY

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerDigiCert Inc
Subject*.adtng.com
FingerprintA0:85:C8:44:12:04:52:CF:65:82:4D:57:C1:30:0B:3B:03:EA:95:44
ValidityTue, 25 Jun 2024 00:00:00 GMT - Sat, 26 Jul 2025 23:59:59 GMT

File type

Size
54 kB (54229 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /delivery/idsync/idsync.min.js HTTP/1.1
Host: hw-cdn2.adtng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty/1.19.9.1
content-type: application/javascript
last-modified: Thu, 12 Sep 2024 14:15:51 GMT
etag: "d3d5-621ecbe747e31"
expires: Fri, 25 Apr 2025 15:29:59 GMT
cache-control: max-age=10626767, stale-while-revalidate=86400, stale-if-error=86400
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 23 Mar 2025 22:16:32 GMT
age: 4738420
x-served-by: cache-ams2100142-AMS, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 63, 7578
x-timer: S1742768192.404847,VS0,VE0
access-control-allow-origin: *
content-length: 54229
X-Firefox-Spdy: h2

api.promptagreement.com/consent/collector

35.186.235.168

200 OK

5.0 kB

URL POST
api.promptagreement.com/consent/collector
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type
ASCII text, with very long lines (5496), with no line terminators
Size
5.0 kB (4956 bytes)
Hash
6f20277ee8fb211c7e4264dbab350f2e
19aab9baba32cebb089f6e503fa918982af57c59
7a6b1556856723a6a6bcf7f1e860c28bba95bf00e37a66acb7ead03a0533ad7c

HTTP Headers

POST /consent/collector HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 169
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 22:16:33 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
content-length: 4956
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.newnaughtyneighbors.com/img/logo.png

34.149.50.112

200 OK

14 kB

URL GET
www.newnaughtyneighbors.com/img/logo.png
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
PNG image data, 300 x 110, 8-bit/color RGBA, non-interlaced
Size
14 kB (13552 bytes)
Hash
4933fdac1233b779d8dd1e9a3631efab
9fe8f4ddc4566c7453f4bb7480bddc46839a327d
025a94f1dd028e39ec59fe168afcc749ef5b5737ade1b27a2ac38ed791379cda

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:32 GMT
server: Apache/2.4.58 (Ubuntu)
vary: X-Forwarded-Proto
last-modified: Sun, 23 Mar 2025 13:14:39 GMT
etag: "34f0-6310245224a6f"
accept-ranges: bytes
content-length: 13552
x-ua-compatible: IE=edge,chrome=1
content-type: image/png
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js

142.250.74.99

200 OK

561 kB

URL GET
www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type

Size
561 kB (560963 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 220514
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Mar 2025 08:50:15 GMT
expires: Sun, 22 Mar 2026 08:50:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 17 Mar 2025 04:01:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 134778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL GET
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Mar 2025 09:35:39 GMT
expires: Fri, 20 Mar 2026 09:35:39 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 304855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.newnaughtyneighbors.com/landers/images/loader/loading.webp

34.149.50.112

200 OK

1.1 kB

URL GET
www.newnaughtyneighbors.com/landers/images/loader/loading.webp
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.1 kB (1054 bytes)
Hash
32e9921a6e2174afbf4451c49adf1d4d
f13214fa19e26a9210f0d237d39533c35eaa184d
6a3e1b9c1e7f8766d521750f974dc78fe5ae55174d54c2eebbbe510c5887250e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/images/loader/loading.webp HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 10:39:53 GMT
server: nginx/1.14.2
content-type: image/webp
content-length: 1054
last-modified: Fri, 21 Mar 2025 09:18:35 GMT
etag: "67dd2eeb-41e"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 33012685 31377549
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

api.promptagreement.com/consent/collector

35.186.235.168

200 OK

0 B

URL OPTIONS
api.promptagreement.com/consent/collector
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/collector HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.newnaughtyneighbors.com/
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:34 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
content-length: 0
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.promptagreement.com/consent/confirmExplicit

35.186.235.168

200 OK

0 B

URL POST
api.promptagreement.com/consent/confirmExplicit
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /consent/confirmExplicit HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 494
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:36 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
content-length: 0
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.newnaughtyneighbors.com/landers/images/landing110/default/default/02.webp?geo=us

34.149.50.112

200 OK

199 kB

URL GET
www.newnaughtyneighbors.com/landers/images/landing110/default/default/02.webp?geo=us
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
RIFF (little-endian) data, Web/P image
Size
199 kB (199128 bytes)
Hash
b3722b6b49163222ca80bd539bf54a30
fbd5478b3de3c8fb7bce4a35b45fe3c577caaca4
e84334c858b52fb05e8c69a0c2b4aab78a15ae725a497bafa8364583ab21f954

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/images/landing110/default/default/02.webp?geo=us HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/landing110
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:33 GMT
server: nginx/1.14.2
content-type: image/webp
content-length: 199128
last-modified: Fri, 21 Mar 2025 09:18:35 GMT
etag: "67dd2eeb-309d8"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 32521429
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

api.promptagreement.com/consent/load

35.186.235.168

200 OK

702 B

URL POST
api.promptagreement.com/consent/load
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (760), with no line terminators
Size
702 B (702 bytes)
Hash
1de8ed155778366086dfd3fa99897f4b
467465bf20010669461fc8d26dc24673e5a86267
4f2a63f87dd4d3dc87f14775a842f90235fe8928be06c744cf325813b083ca06

HTTP Headers

POST /consent/load HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 190
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:35 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
content-length: 702
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.newnaughtyneighbors.com/landers/css/fontawesome-all.min.css

34.149.50.112

200 OK

52 kB

URL GET
www.newnaughtyneighbors.com/landers/css/fontawesome-all.min.css
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
ASCII text, with very long lines (51425)
Size
52 kB (51568 bytes)
Hash
a954e78371616c5b3b924fc9e83aa9b4
14912f17e86aa3d4d12c94b91646ddaac2ae0862
5986f251d278ae72106ef1d7302798a2e14f69a4d35b80087b9e61905a15e75e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/css/fontawesome-all.min.css HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 10:40:34 GMT
server: nginx/1.14.2
last-modified: Fri, 21 Mar 2025 09:18:34 GMT
etag: "67dd2eea-c970"
content-type: text/css
content-encoding: gzip
vary: Accept-Encoding
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 40171361 39290549
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

sync_events.atsptp.com/p/e

66.254.114.220

200 OK

8 B

URL POST
sync_events.atsptp.com/p/e
IP
66.254.114.220:443
ASN
#29789 REFLECTED

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerLet's Encrypt
Subjectatsptp.com
Fingerprint24:58:9F:1F:B6:B5:0F:10:1F:7F:41:6F:ED:C7:64:47:AB:08:61:1C
ValidityFri, 07 Feb 2025 21:42:07 GMT - Thu, 08 May 2025 21:42:06 GMT

File type
ASCII text, with no line terminators
Size
8 B (8 bytes)
Hash
c5946eb9400717fd6f40e26e36cdb498
38428a698ab1222540680e7ab78e1d739e9afd1c
318c5ad51e9b36ff5924ae323dd59031245413a3e0f2aa3e03cc42902e9e7acc

HTTP Headers

POST /p/e HTTP/1.1
Host: sync_events.atsptp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 516
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-origin: https://www.newnaughtyneighbors.com
set-cookie: d_uidb=0296be31-cf86-a066-0a45-470c665af387
date: Sun, 23 Mar 2025 22:16:35 GMT
content-type: application/json
content-length: 8
x-trace: 2BA09CD5AD47212DB8AB7D37C74066DE492D23DB12000000000000000000
via: 1.1 google
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/styles__ltr.css

142.250.74.99

200 OK

79 kB

URL GET
www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
79 kB (78627 bytes)
Hash
018091787dddee5a6875f94365cf788f
6067d5b8ab62b31fcaf4889de51c1d66e84c4ae7
ad13459d8bc3401ceb6e2ac3062fc1c48ea7ed6058e63f4e643f1a83b9d4c3cb

HTTP Headers

GET /recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 42056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Mar 2025 11:13:01 GMT
expires: Sat, 21 Mar 2026 11:13:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 17 Mar 2025 04:01:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 212612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.promptagreement.com/consent/load

35.186.235.168

200 OK

0 B

URL OPTIONS
api.promptagreement.com/consent/load
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/load HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.newnaughtyneighbors.com/
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:34 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
content-length: 0
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.promptagreement.com/consent/loadSegment

35.186.235.168

200 OK

377 B

URL POST
api.promptagreement.com/consent/loadSegment
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type
HTML document, ASCII text, with very long lines (405), with no line terminators
Size
377 B (377 bytes)
Hash
00b04fd7088d8501e0bac5a0028e0b8c
10c4e21728bab1cd60408514ae14e45227d6622e
a621de819140483949bd5a8e6f0d307d3c3a64cc2b628b035e8760fe9c1fd48b

HTTP Headers

POST /consent/loadSegment HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 225
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:35 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
content-length: 377
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.newnaughtyneighbors.com/landers/images/general/yahoo-logo.svg

34.149.50.112

200 OK

587 B

URL GET
www.newnaughtyneighbors.com/landers/images/general/yahoo-logo.svg
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
SVG Scalable Vector Graphics image
Size
587 B (587 bytes)
Hash
5041abcef1405ec6c45c3244b9aef599
749ac87399c8f3bdc18157c1d982a95ba0ba0116
6bc4e4b2cbb6e0e739a97b65ac5abbf8ddeb06c969539cdf7132529aabbc8f59

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/images/general/yahoo-logo.svg HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 10:46:23 GMT
server: nginx/1.14.2
last-modified: Fri, 21 Mar 2025 09:18:34 GMT
etag: "67dd2eea-24b"
content-type: image/svg+xml
content-length: 587
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 33230010 31563346
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

promptagreement.com/cc.css

35.186.235.168

200 OK

24 kB

URL GET
promptagreement.com/cc.css
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type
assembler source, ASCII text
Size
24 kB (24232 bytes)
Hash
ca886767d5395cccb7dfb8620b836994
bab0a8dbd834f41ee5f5c8f60611c1436a1bf631
609cd9b4c6bca52121089a59922f3cf45504d53ed82e4ad8144d403c3ac87359

HTTP Headers

GET /cc.css HTTP/1.1
Host: promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:34 GMT
server: Apache/2.4.18 (Ubuntu)
last-modified: Thu, 09 May 2019 11:16:28 GMT
etag: "5ea8-5887294d47067-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3808
content-type: text/css
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.promptagreement.com/consent/collector

35.186.235.168

200 OK

0 B

URL OPTIONS
api.promptagreement.com/consent/collector
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/collector HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.newnaughtyneighbors.com/
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 22:16:33 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
content-length: 0
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB

142.250.178.40

200 OK

303 kB

URL GET
www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB
IP
142.250.178.40:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D
ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT

File type
JavaScript source, ASCII text, with very long lines (4922)
Size
303 kB (303098 bytes)
Hash
09bec7e4665c23b8f77b1b1b398b51a0
d0a15b6c4a834a9e4f63461e915d7fd02b1de5cc
49013feabb521b78314833032952f8dcc15ee4937d66c9e24c2292b99c383876

HTTP Headers

GET /gtm.js?id=GTM-KBRH6NB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 23 Mar 2025 22:16:33 GMT
expires: Sun, 23 Mar 2025 22:16:33 GMT
cache-control: private, max-age=900
last-modified: Sun, 23 Mar 2025 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1262:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1262:0
report-to: {"group":"ascgcycc:1262:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1262:0"}],}
server: Google Tag Manager
content-length: 101993
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.newnaughtyneighbors.com/landers/images/landing110/default/default/slide01.webp?geo=us

34.149.50.112

200 OK

70 kB

URL GET
www.newnaughtyneighbors.com/landers/images/landing110/default/default/slide01.webp?geo=us
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1678x1049, Scaling: [none]x[none], YUV color, decoders should clamp
Size
70 kB (69718 bytes)
Hash
b62477b97394721323c67e508de81b86
8b68a455c9160d50c5c3d73db4c2b4b46b35a85b
a598b1c6fc5d15424aa161a55861b23543b9f18dca2c875ad5bf7c26621b0a30

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/images/landing110/default/default/slide01.webp?geo=us HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/landing110
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:33 GMT
server: nginx/1.14.2
content-type: image/webp
content-length: 69718
last-modified: Fri, 21 Mar 2025 09:18:35 GMT
etag: "67dd2eeb-11056"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 33263397
age: 0
x-cache: MISS
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

www.newnaughtyneighbors.com/landers/js/ad-provider.js

34.149.50.112

200 OK

1.0 kB

URL GET
www.newnaughtyneighbors.com/landers/js/ad-provider.js
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
ASCII text, with very long lines (1036), with no line terminators
Size
1.0 kB (1019 bytes)
Hash
d539cc425f8b724a898777fc541a6d11
d1de21f23bb6c4f21cca004a3e971c1e2a13f1e1
ff6f9a097fd3a1bed01606bdac56ba17627af33b7666dad0bb3484eb26be5aa1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/js/ad-provider.js HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 10:40:34 GMT
server: nginx/1.14.2
content-type: application/javascript
last-modified: Fri, 21 Mar 2025 09:18:45 GMT
etag: "67dd2ef5-3fb-gzip"
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 32499511 31168660
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-encoding: gzip
content-length: 513
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

api.promptagreement.com/consent/collector

35.186.235.168

200 OK

5.0 kB

URL POST
api.promptagreement.com/consent/collector
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type
ASCII text, with very long lines (5496), with no line terminators
Size
5.0 kB (4956 bytes)
Hash
6f20277ee8fb211c7e4264dbab350f2e
19aab9baba32cebb089f6e503fa918982af57c59
7a6b1556856723a6a6bcf7f1e860c28bba95bf00e37a66acb7ead03a0533ad7c

HTTP Headers

POST /consent/collector HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 169
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:34 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
content-length: 4956
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

api.promptagreement.com/consent/loadSegment

35.186.235.168

200 OK

0 B

URL OPTIONS
api.promptagreement.com/consent/loadSegment
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/loadSegment HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.newnaughtyneighbors.com/
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:35 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
content-length: 0
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.newnaughtyneighbors.com/landers/translations/en-us2.json

34.149.50.112

200 OK

180 kB

URL GET
www.newnaughtyneighbors.com/landers/translations/en-us2.json
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type

Size
180 kB (180546 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/translations/en-us2.json HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 21:27:48 GMT
server: nginx/1.14.2
content-length: 180546
x-guploader-uploadid: AKDAyIv0qpQfhZiQTkvRZ4EkOC05tbQeH4HpDeXImvPCuzTNFiWYNkkkLkIp09sGa-PmIVnA-yJSFv8
x-goog-generation: 1741856358351485
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 180546
x-goog-hash: crc32c=vmrbsw==, md5=XotiIS5hWFu+S80O5cCY3Q==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
age: 2925
last-modified: Thu, 13 Mar 2025 08:59:18 GMT
etag: "5e8b62212e61585bbe4bcd0ee5c098dd"
content-type: application/json
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google, 1.1 google

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.99

200 OK

2.2 kB

URL GET
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Mar 2025 09:12:16 GMT
expires: Thu, 27 Mar 2025 09:12:16 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 306258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js

142.250.74.99

200 OK

561 kB

URL GET
www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type

Size
561 kB (560963 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 220514
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Mar 2025 08:50:15 GMT
expires: Sun, 22 Mar 2026 08:50:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 17 Mar 2025 04:01:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 134779
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s

142.250.74.68

200 OK

1.1 kB

URL GET
www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectwww.google.com
Fingerprint2F:CC:05:C5:14:C4:CD:A4:26:05:31:F9:67:40:7C:D3:39:74:34:0C
ValidityMon, 10 Mar 2025 08:37:46 GMT - Mon, 02 Jun 2025 08:37:45 GMT

File type
JavaScript source, ASCII text, with very long lines (1094), with no line terminators
Size
1.1 kB (1094 bytes)
Hash
25aa1dfa8e6f82ec114626b6a9f511f4
9aa933f3fe3bfac7b3a56810e8fe34b9d8b5d4ba
8282178efc4ad19d9fde1c061abdfc948d506d5de6dfd809d3d6dfd6c5992641

HTTP Headers

GET /recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 23 Mar 2025 22:16:32 GMT
date: Sun, 23 Mar 2025 22:16:32 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ad.twinrdengine.com/beh.engine?b=551&o=1&x=&s=

34.111.67.216

200 OK

0 B

URL GET
ad.twinrdengine.com/beh.engine?b=551&o=1&x=&s=
IP
34.111.67.216:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectad.twinrdengine.com
FingerprintDE:35:A7:C0:09:93:1C:9B:9B:78:65:01:E7:BF:62:EE:1D:22:6E:23
ValidityThu, 06 Mar 2025 06:53:18 GMT - Wed, 04 Jun 2025 07:49:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /beh.engine?b=551&o=1&x=&s= HTTP/1.1
Host: ad.twinrdengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
via: 1.1 google
date: Sun, 23 Mar 2025 22:16:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js

142.250.74.99

200 OK

561 kB

URL GET
www.gstatic.com/recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type

Size
561 kB (560963 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recaptcha/releases/bUO1BXI8H9PgjAPSW9hwuSeI/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
timing-allow-origin: *
content-length: 220514
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Mar 2025 08:50:15 GMT
expires: Sun, 22 Mar 2026 08:50:15 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 17 Mar 2025 04:01:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 134777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe

142.250.74.68

200 OK

73 kB

URL GET
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe
IP
142.250.74.68:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subject*.google.com
FingerprintB5:4D:C5:27:B4:49:22:F3:21:DF:88:3D:E6:05:D6:A1:02:98:C7:E2
ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT

File type
HTML document, ASCII text, with very long lines (56618)
Size
73 kB (73031 bytes)
Hash
02edd3e203c8c32e0e86573a11fd936c
6714da902cd6491d9801271ea0be6b60d475e7b0
4d3e3d732cb1071778d4b17feb2a6202b3decd6470cb45547ae8639d9598d903

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}, {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 23 Mar 2025 22:16:33 GMT
content-security-policy: script-src 'nonce-Mje0_nXqvs5AbMzh9-UnxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sync.atsptp.com/d/jsfp/554e85fb36c8bae39f4be57f5afc87e0

66.254.114.220

200 OK

36 B

URL GET
sync.atsptp.com/d/jsfp/554e85fb36c8bae39f4be57f5afc87e0
IP
66.254.114.220:443
ASN
#29789 REFLECTED

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerLet's Encrypt
Subjectatsptp.com
Fingerprint24:58:9F:1F:B6:B5:0F:10:1F:7F:41:6F:ED:C7:64:47:AB:08:61:1C
ValidityFri, 07 Feb 2025 21:42:07 GMT - Thu, 08 May 2025 21:42:06 GMT

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
8d24124f86de5b37e77855d4d4faa835
072a8aaca95c621014f4b83f3158f7217982aa2c
445bc0502c9777ce6b74e72b2b244dbf58aeceed6aff8982aadbbee4202d41a9

HTTP Headers

GET /d/jsfp/554e85fb36c8bae39f4be57f5afc87e0 HTTP/1.1
Host: sync.atsptp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
set-cookie: d_uidb=0296be31-cf86-a066-0a45-470c665af387; Max-Age=31536000; Expires=Mon, 23 Mar 2026 22:16:35 GMT; Path=/; Domain=sync.atsptp.com; SameSite=Lax
date: Sun, 23 Mar 2025 22:16:35 GMT
access-control-allow-origin: https://www.newnaughtyneighbors.com
vary: Origin
access-control-allow-credentials: true
content-type: text/plain
content-length: 36
x-trace: 2B3A079A074AAEBD205751F0D5538952FBB4803A63000000000000000000
via: 1.1 google
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2

api.promptagreement.com/consent/loadSegment

35.186.235.168

200 OK

394 B

URL POST
api.promptagreement.com/consent/loadSegment
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (416), with no line terminators
Size
394 B (394 bytes)
Hash
4e5fc4ed7200e1b07e534e98c478b9f3
e7a62cf3140ecd2c3f517077faeeafb7ce07f444
d1aa00b273a8be337ec18147124ad3bae3834f3f54b9d1711dd0f4502b39d29d

HTTP Headers

POST /consent/loadSegment HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 224
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:35 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
content-length: 394
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.newnaughtyneighbors.com/landers/css/landing110.css

34.149.50.112

200 OK

30 kB

URL GET
www.newnaughtyneighbors.com/landers/css/landing110.css
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
ASCII text
Size
30 kB (30330 bytes)
Hash
aa954912f7fa368f8900592ad79225ab
504e059762dc33caf28ab4eb2103a638caee9867
ce864ee1b09375c721a59aec84958fd75a76719a943d66a99b1438b50c557e38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/css/landing110.css HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 12:35:18 GMT
server: nginx/1.14.2
content-type: text/css;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: newnaughtyneighbors.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 34625754 38987097
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

tsyndicate.com/api/v2/retargeting/set/bff23756-21d2-46e2-8261-55d262650959

144.76.197.134

200 OK

43 B

URL GET
tsyndicate.com/api/v2/retargeting/set/bff23756-21d2-46e2-8261-55d262650959
IP
144.76.197.134:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerLet's Encrypt
Subjecttsyndicate.com
FingerprintDD:F4:01:F5:4B:E9:C1:58:A8:6C:99:A8:32:23:75:72:3B:76:00:F4
ValiditySat, 25 Jan 2025 00:07:38 GMT - Fri, 25 Apr 2025 00:07:37 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ba036c43037cfe89320d1ef7b64cd43f
88c72d3e26047eb1e45e5564a76427734f120efe
42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb

HTTP Headers

GET /api/v2/retargeting/set/bff23756-21d2-46e2-8261-55d262650959 HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 23 Mar 2025 22:16:32 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
set-cookie: ts_rt_bff23756-21d2-46e2-8261-55d262650959=AAMC; expires=Mon, 23 Mar 2026 22:16:32 GMT; path=/; HttpOnly; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
X-Firefox-Spdy: h2

www.newnaughtyneighbors.com/landers/js/vendor.js

34.149.50.112

200 OK

124 kB

URL GET
www.newnaughtyneighbors.com/landers/js/vendor.js
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type

Size
124 kB (123566 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/js/vendor.js HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 10:39:50 GMT
server: nginx/1.14.2
content-type: application/javascript
last-modified: Fri, 21 Mar 2025 09:18:45 GMT
etag: W/"67dd2ef5-1e2ae"
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 34625755 38888135
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL GET
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s&co=aHR0cHM6Ly93d3cubmV3bmF1Z2h0eW5laWdoYm9ycy5jb206NDQz&hl=en&v=bUO1BXI8H9PgjAPSW9hwuSeI&size=invisible&cb=b50k9nrjxkpe
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint63:D6:50:6F:98:C5:59:D1:5A:FF:9D:8D:C3:C1:04:A1:B9:1A:3E:6B
ValidityMon, 10 Mar 2025 08:37:01 GMT - Mon, 02 Jun 2025 08:37:00 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Mar 2025 09:18:45 GMT
expires: Fri, 20 Mar 2026 09:18:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 305869
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c&gtm=45He53j1h1v9103010110za200&tag_exp=102482433~102696397~102788824~102803279~102813109

142.250.178.40

200 OK

338 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c&gtm=45He53j1h1v9103010110za200&tag_exp=102482433~102696397~102788824~102803279~102813109
IP
142.250.178.40:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint16:BA:A3:B5:22:51:BB:87:46:7F:17:3F:9D:14:B3:35:F0:FE:B1:8D
ValidityMon, 10 Mar 2025 08:35:59 GMT - Mon, 02 Jun 2025 08:35:58 GMT

File type
JavaScript source, ASCII text, with very long lines (6055)
Size
338 kB (338121 bytes)
Hash
c482ad756df40243f828651cdbf15fa5
60d3211dac85c80a94370dc88ac683954ed57acc
9c754b80fb024aaf6d21525ea0a3373f7b6cb934e09fd257c2e6d683944ab57e

HTTP Headers

GET /gtag/js?id=G-QXFHHE16V3&l=dataLayer&cx=c&gtm=45He53j1h1v9103010110za200&tag_exp=102482433~102696397~102788824~102803279~102813109 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 23 Mar 2025 22:16:34 GMT
expires: Sun, 23 Mar 2025 22:16:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 115521
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

sync.atsptp.com/link/0296be31-cf86-a066-0a45-470c665af387/origin/a/oldd/0296be31-cf86-a066-0a45-470c665af387

66.254.114.220

200 OK

36 B

URL POST
sync.atsptp.com/link/0296be31-cf86-a066-0a45-470c665af387/origin/a/oldd/0296be31-cf86-a066-0a45-470c665af387
IP
66.254.114.220:443
ASN
#29789 REFLECTED

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerLet's Encrypt
Subjectatsptp.com
Fingerprint24:58:9F:1F:B6:B5:0F:10:1F:7F:41:6F:ED:C7:64:47:AB:08:61:1C
ValidityFri, 07 Feb 2025 21:42:07 GMT - Thu, 08 May 2025 21:42:06 GMT

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
8d24124f86de5b37e77855d4d4faa835
072a8aaca95c621014f4b83f3158f7217982aa2c
445bc0502c9777ce6b74e72b2b244dbf58aeceed6aff8982aadbbee4202d41a9

HTTP Headers

POST /link/0296be31-cf86-a066-0a45-470c665af387/origin/a/oldd/0296be31-cf86-a066-0a45-470c665af387 HTTP/1.1
Host: sync.atsptp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Content-Length: 144
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
set-cookie: d_uidb=0296be31-cf86-a066-0a45-470c665af387; Max-Age=31536000; Expires=Mon, 23 Mar 2026 22:16:35 GMT; Path=/; Domain=sync.atsptp.com; SameSite=Lax
date: Sun, 23 Mar 2025 22:16:35 GMT
access-control-allow-origin: https://www.newnaughtyneighbors.com
vary: Origin
access-control-allow-credentials: true
content-type: text/plain
content-length: 36
x-trace: 2B08394C3F2F08147DA9E5F6BED5CB62A7FC9C1887000000000000000000
via: 1.1 google
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2

www.newnaughtyneighbors.com/landers/css/theme/pornhub.css

34.149.50.112

200 OK

16 kB

URL GET
www.newnaughtyneighbors.com/landers/css/theme/pornhub.css
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
ASCII text
Size
16 kB (15971 bytes)
Hash
81c8183b932091d97dab5609d5e35d87
a50719f26eff1ac61114a7a425be122f34c4b62c
478c8d3a62ba9ab5861ba013abf752c80c0013d145f6765c85267a292f4e6298

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/css/theme/pornhub.css HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 10:39:50 GMT
server: nginx/1.14.2
content-type: text/css;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: newnaughtyneighbors.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 40705569 39290443
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

www.newnaughtyneighbors.com/landers/js/landing110.js

34.149.50.112

200 OK

67 kB

URL GET
www.newnaughtyneighbors.com/landers/js/landing110.js
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type

Size
67 kB (66995 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/js/landing110.js HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 11:04:43 GMT
server: nginx/1.14.2
last-modified: Fri, 21 Mar 2025 09:18:45 GMT
etag: "67dd2ef5-105b3"
content-type: application/javascript
content-encoding: gzip
vary: Accept-Encoding
x-cacheable: YES
cache-control: max-age=300
xkey: lander
x-varnish: 32649422 31200772
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google

sync.atsptp.com/d/jsfp/554e85fb36c8bae39f4be57f5afc87e0

66.254.114.220

200 OK

36 B

URL GET
sync.atsptp.com/d/jsfp/554e85fb36c8bae39f4be57f5afc87e0
IP
66.254.114.220:443
ASN
#29789 REFLECTED

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerLet's Encrypt
Subjectatsptp.com
Fingerprint24:58:9F:1F:B6:B5:0F:10:1F:7F:41:6F:ED:C7:64:47:AB:08:61:1C
ValidityFri, 07 Feb 2025 21:42:07 GMT - Thu, 08 May 2025 21:42:06 GMT

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
8d24124f86de5b37e77855d4d4faa835
072a8aaca95c621014f4b83f3158f7217982aa2c
445bc0502c9777ce6b74e72b2b244dbf58aeceed6aff8982aadbbee4202d41a9

HTTP Headers

GET /d/jsfp/554e85fb36c8bae39f4be57f5afc87e0 HTTP/1.1
Host: sync.atsptp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
set-cookie: d_uidb=0296be31-cf86-a066-0a45-470c665af387; Max-Age=31536000; Expires=Mon, 23 Mar 2026 22:16:35 GMT; Path=/; Domain=sync.atsptp.com; SameSite=Lax
date: Sun, 23 Mar 2025 22:16:35 GMT
access-control-allow-origin: https://www.newnaughtyneighbors.com
vary: Origin
access-control-allow-credentials: true
content-type: text/plain
content-length: 36
x-trace: 2B298145BD048FB747757CA0F0AD1A985B29A0A20E000000000000000000
via: 1.1 google
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2

www.newnaughtyneighbors.com/landing110

34.149.50.112

200 OK

33 kB

URL User Request GET
www.newnaughtyneighbors.com/landing110
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
HTML document, ASCII text, with very long lines (3151)
Size
33 kB (33314 bytes)
Hash
0b65a6e9dea102a0e449655fe4928102
f1a1a7432dee1516e3f0ccb2f744f8b8b1eebf0d
cab03a59482eeb9e9da9df66adc57bdddc8512222c267455fb46e864f9647963

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landing110 HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 17:54:54 GMT
server: nginx/1.14.2
content-type: text/html;charset=UTF-8
x-powered-by: PHP/7.2.34
x-host: newnaughtyneighbors.com
content-encoding: gzip
x-cacheable: YES
cache-control: max-age=300
xkey: lander
vary: Accept-Encoding
x-varnish: 32599335 31649911
age: 0
x-cache: HIT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google
X-Firefox-Spdy: h2

ad.twinrdengine.com/beh.engine?b=551&o=1&x=&s=

34.111.67.216

200 OK

0 B

URL GET
ad.twinrdengine.com/beh.engine?b=551&o=1&x=&s=
IP
34.111.67.216:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectad.twinrdengine.com
FingerprintDE:35:A7:C0:09:93:1C:9B:9B:78:65:01:E7:BF:62:EE:1D:22:6E:23
ValidityThu, 06 Mar 2025 06:53:18 GMT - Wed, 04 Jun 2025 07:49:13 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /beh.engine?b=551&o=1&x=&s= HTTP/1.1
Host: ad.twinrdengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
via: 1.1 google
date: Sun, 23 Mar 2025 22:16:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

promptagreement.com/cc.js?wId=7GcdhlmZfQIMUuuqTNmIvo&domain=newnaughtyneighbors.com&languageCode=en&languageTerritory=US&sessionId=e5f72a6999cf41ee90cdd2731ac6d79d

35.186.235.168

200 OK

120 kB

URL GET
promptagreement.com/cc.js?wId=7GcdhlmZfQIMUuuqTNmIvo&domain=newnaughtyneighbors.com&languageCode=en&languageTerritory=US&sessionId=e5f72a6999cf41ee90cdd2731ac6d79d
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type
JavaScript source, ASCII text
Size
120 kB (120164 bytes)
Hash
fd0eb2b619ad97e4005710e89bbe6860
b62e060314141602274d933dd8b56a13e9d02296
f588ffd0efd96c836beeefbe9b4f0b3352b2f6e3e6650d0a29b4a50f000ee161

HTTP Headers

GET /cc.js?wId=7GcdhlmZfQIMUuuqTNmIvo&domain=newnaughtyneighbors.com&languageCode=en&languageTerritory=US&sessionId=e5f72a6999cf41ee90cdd2731ac6d79d HTTP/1.1
Host: promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.newnaughtyneighbors.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 23 Mar 2025 22:16:33 GMT
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-encoding: gzip
content-length: 14070
content-type: application/javascript
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.newnaughtyneighbors.com/favicon/apple-touch-icon-180x180.png

34.149.50.112

404 Not Found

289 B

URL GET
www.newnaughtyneighbors.com/favicon/apple-touch-icon-180x180.png
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
HTML document, ASCII text, with no line terminators
Size
289 B (289 bytes)
Hash
c7774dfc70dbbca46af6f8ffb0253e19
511d7c240300b1c8c144f1ca8856f0f9998d3b84
eaa105493d42b0de9437c197df7118a3ca0fec6c8953093184787e59150743b1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon/apple-touch-icon-180x180.png HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sun, 23 Mar 2025 22:16:32 GMT
server: Apache/2.4.58 (Ubuntu)
content-length: 289
content-type: text/html; charset=iso-8859-1
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.newnaughtyneighbors.com/landers/media-registry.js

34.149.50.112

200 OK

140 kB

URL GET
www.newnaughtyneighbors.com/landers/media-registry.js
IP
34.149.50.112:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectnewnaughtyneighbors.com
Fingerprint20:81:20:6F:61:D9:7B:BB:F6:B7:76:1A:B9:1D:72:5D:04:AC:BF:6E
ValiditySun, 02 Feb 2025 00:57:54 GMT - Sat, 03 May 2025 01:52:28 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
140 kB (139548 bytes)
Hash
66c14899b2a28f0b7fafbe62d8773716
231b37ae5fc3470c28f6edc70a48bd0d4e69a843
f23d8f82fb360c48e0e53ed8a3fc45ca105cb4fb4a0a0cda3b8e9ed0d8adde18

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /landers/media-registry.js HTTP/1.1
Host: www.newnaughtyneighbors.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.newnaughtyneighbors.com/landing110
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 21:53:30 GMT
server: nginx/1.14.2
x-guploader-uploadid: AKDAyIsC3M8xeIRyK08ttH-WpQKyp7qB-SeFrm7h6fGqye9fFeRXhEVQ84ZRcfZ71zpV1EtIUugvnL4
x-goog-generation: 1742552490682240
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 139548
x-goog-hash: crc32c=91ZNFA==, md5=ZsFImbKijwt/r75i2Hc3Fg==
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
last-modified: Fri, 21 Mar 2025 10:21:30 GMT
etag: "66c14899b2a28f0b7fafbe62d8773716-gzip"
content-type: application/javascript
age: 1382
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google, 1.1 google

api.promptagreement.com/consent/loadSegment

35.186.235.168

200 OK

0 B

URL OPTIONS
api.promptagreement.com/consent/loadSegment
IP
35.186.235.168:443
ASN
#15169 GOOGLE

Requested by
https://www.newnaughtyneighbors.com/landing110
Certificate
IssuerGoogle Trust Services
Subjectpromptagreement.com
Fingerprint47:F7:1B:DE:E3:E5:F4:D5:5F:DC:03:D9:85:58:54:20:61:AD:BB:35
ValidityThu, 27 Feb 2025 21:09:26 GMT - Wed, 28 May 2025 22:04:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /consent/loadSegment HTTP/1.1
Host: api.promptagreement.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.newnaughtyneighbors.com/
Origin: https://www.newnaughtyneighbors.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 23 Mar 2025 22:16:35 GMT
server: Apache/2.4.18 (Ubuntu)
access-control-allow-origin: https://www.newnaughtyneighbors.com
access-control-allow-credentials: true
access-control-allow-methods: POST
access-control-allow-headers: content-type
content-length: 0
content-type: application/vnd.api+json
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (26)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML