Report - fly.metozemoon.com/click?pid=2&offer_id=212&sub2=u336305&sub3=cl619448&sub7=rfhttps://fnget.com/&sub8=rdfnget.com&sub15=c20fc407e06e

Report Overview

Visited public
2025-04-22 19:35:17
Tags
Submit Tags
URL
fly.metozemoon.com/click?pid=2&offer_id=212&sub2=u336305&sub3=cl619448&sub7=rfhttps://fnget.com/&sub8=rdfnget.com&sub15=c20fc407e06e
Finishing URL
ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
IP / ASN
34.91.218.141
#396982 GOOGLE-CLOUD-PLATFORM
Title
(1) Notification participate to win the prize $$$

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

162

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fly.metozemoon.com	unknown	2025-04-02	2025-04-04	2025-04-19	1.3 kB	318 kB	35.204.100.195
phumsowoubsoag.net	unknown	2025-03-05	2025-03-06	2025-04-16	547 B	160 kB	172.67.164.195
save.svensnd.com	unknown	2025-02-21	2025-03-22	2025-04-16	560 B	159 kB	34.91.234.242
my.rtmark.net	9054	2014-10-29	2015-02-04	2025-04-16	440 B	834 B	104.18.41.22
ouraimonupt.com	unknown	2025-02-06	2025-02-23	2025-04-18	49 kB	505 kB	172.64.150.45
datatechonert.com	46154	2021-12-24	2021-12-24	2025-04-22	553 B	485 B	37.48.68.71
cdntechone.com	64371	2021-12-24	2021-12-24	2025-04-22	1.1 kB	51 kB	104.21.36.146

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	phumsowoubsoag.net	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed
2025-04-22	medium	ouraimonupt.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (73)

	URL	From	Size	First Seen	Last Seen
	ouraimonupt.com/_astro/j4c0d6231-CPY_kjfA.js	ImportedModule	3.5 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/j4c0d6231-CPY_kjfA.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash c837c12b4d7e3e4431ed433f2e9cb289 67d1f786c5949ff50d9bc85b4dfde4cae4d56692 ab72a8a9e4a2c468533587713dfd97c82d9227a92ef29434a5145d07dfaa09d2 Loading...

	ouraimonupt.com/_astro/j529e61-BHLhoRW5.js	ImportedModule	1.2 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/j529e61-BHLhoRW5.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash fd2e9b23a630e5ad2935a90d22ce2432 5aa7e9268a4e8a0b003b8d710042920f978fd65c 82ec6c4d44165a9e317f9e82052c7a1f9bd9811322822e73665def4c3febd570 Loading...

	cdntechone.com/stattag.js	ScriptElement	16 kB	2024-07-11	2025-06-30
Pretty URL cdntechone.com/stattag.js IP 104.21.36.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-11 14:08 Last Seen2025-06-30 05:07 Times Seen5801 Hash 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251 Loading...

	ouraimonupt.com/_astro/h2a457c45-DRQq_tiD.js	ScriptElement	103 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/h2a457c45-DRQq_tiD.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash a7a2991bdd4205bdbbb91848333d0389 0565c3473809d95bebc3490774d1b5d82ed98d86 1bf5fb3c192ca91402e57ae64bf37490e0a4f16a7c3269ad86920a9a62d06158 Loading...

	ouraimonupt.com/_astro/x6d99cc98-2TMql6tG.js	ScriptElement	1.0 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/x6d99cc98-2TMql6tG.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 66f061239476a1361fee56481c798000 14049deba7dfea2ed2ac07154da260f888fde16a 1a3038b4f4600b1f5971313f85f34be859977fba51e75b8135cd6d530b9b9ded Loading...

	ouraimonupt.com/_astro/e8287326-B4-15ESz.js	ScriptElement	3.4 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/e8287326-B4-15ESz.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash d0bd4dfa4ac6a324407e5a9c56fdcd37 104f780fe3dce38c6a88215bb2d6facc75ff694a b59c924cac54815b2fc59a913489d04e8e4fc2001fcf98222779e88b510c0df8 Loading...

	ouraimonupt.com/_astro/ecc603486-D9n67L97.js	ScriptElement	1.3 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/ecc603486-D9n67L97.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 2def18eaed9bcabb83bfa1a3aea65e24 3484640e2d5a1fcf7152fe8fd1e5e5291fb74595 4b1b9289373e7f3914337526f88fc39730e9688ff3e916ae15d0f9119cc2dc73 Loading...

	ouraimonupt.com/_astro/l91dbf0b6e-beUTGtJR.js	ScriptElement	7.1 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/l91dbf0b6e-beUTGtJR.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 1879e85d4d9d12447447d32c34fc201d 83878fa0a7d998c1f559fc801adec431dcccccf0 7687ee9429c10dcffe374315a8652d5f92abaf797294d030d970a7ab4b0d6f9c Loading...

	ouraimonupt.com/_astro/p2b2156e-DCIyaCJ1.js	ScriptElement	173 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/p2b2156e-DCIyaCJ1.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 0a1a3a39af333741f2d3147d40f995eb 51209578817cb943f62b505aaaf6f6fb59f00849 19729b96300dc8aad6d1f933d35820764262e57f48c69af6eb5faa7380a1fd70 Loading...

	ouraimonupt.com/_astro/b818d61-DXLin6xJ.js	ImportedModule	1.0 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/b818d61-DXLin6xJ.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash ce52ad661e595b911287ce3f505ebe6b f5f2a584a7f9c8c86dc65b27b8c8a134cd5405c6 94bb451ea1d0fd5a585d406a962dc61ff85bd14759a0d09b5c9a26ea8f21aa08 Loading...

	ouraimonupt.com/_astro/t4a073d-DaBgxivg.js	ImportedModule	389 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/t4a073d-DaBgxivg.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 8469fb0a5bcb81f707aaf9c1a739f08d 2900d62af8c341b005a64b228ab81a8f57ce6cea 0238362dd3eea220a21d7d7e2c9bb2066fa680002d543fa6c5d633a51212016c Loading...

	ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b	Eval	17 B	2024-12-03	2025-06-30
Pretty URL ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-03 18:23 Last Seen2025-06-30 05:07 Times Seen2696 Hash 6c2875f1a9aa4e7aea000433b300f345 19ada7d0dfde6c8f5e91f79429fedb4c7c2c07e8 faff5a60a2c4aa315bd6d15ef5da1b81098a7b034d3a76acb8fcfffdce74153f Loading...

	ouraimonupt.com/_astro/u5095a34-BTtSEypr.js	ScriptElement	923 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/u5095a34-BTtSEypr.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 4746e19a46dfe5a35ce9dd78c3cf1bba ff7715af6009795dfcf49b54fc5bdc1b7af41f37 844cb42e886f1315a514c7b909549c868fab050ca744f18167209f3ab20a5f07 Loading...

	ouraimonupt.com/_astro/c107110c-Bz9whPi3.js	ImportedModule	2.5 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/c107110c-Bz9whPi3.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash b0b24465744b17acb68fd197216658df eebe590481711ac82b86cf29949624ce0c7a2664 9796207b2d97368e5d33f5c5c56481a996308be301231516abf9eee8d43c1103 Loading...

	ouraimonupt.com/_astro/a4d3be2-C_bzxKgi.js	ImportedModule	2.0 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/a4d3be2-C_bzxKgi.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash a783ed20a8eac890a952addd0f6235a8 a8eeff0e6cbbdc27c53940febcc3e1bc12f75384 2105a1e6029c312f5c053d9b5904fc6b56b0cfa868b04c91e185181770d4da9b Loading...

	ouraimonupt.com/_astro/s4b4b63cc3-DXfDKISJ.js	ImportedModule	1.4 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/s4b4b63cc3-DXfDKISJ.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash ba3950b7ba12a9f8f7a4157ed0467802 21a6a160cc8114b13b7eec2c114ad67858900277 a87d3033e60a69ee571a296fbe7e13688273b9f1bb27e94a8a8df17a4eb9c4c8 Loading...

	ouraimonupt.com/_astro/f766bcae2-DPBtFuIo.js	ScriptElement	1.2 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/f766bcae2-DPBtFuIo.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen4 Hash eb9fce3ba0be8890a91992dee36a3336 f4ae88ac44faccebee6138b19b8ba7edf759a528 a47495fb5b982dce9bfffd35ce83c56ed754f1751926299bc8c7e573c94cb960 Loading...

	ouraimonupt.com/_astro/l8a770d2ac-BHdAp8bM.js	ImportedModule	787 B	2025-03-26	2025-06-22
Pretty URL ouraimonupt.com/_astro/l8a770d2ac-BHdAp8bM.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-26 17:03 Last Seen2025-06-22 16:38 Times Seen243 Hash 658c73e01c6d06009ed7a4ee3caaf81e 1729ff9c7d0e4d02377c1213aaa2ab1548d16806 8f4003d9f46b4b7bf313f7631d119bc310f602bf9295d65cf6dd841d389d61e3 Loading...

	ouraimonupt.com/_astro/d97e2bf767-BJGTsJ2o.js	ScriptElement	3.5 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/d97e2bf767-BJGTsJ2o.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 46bf99dad3d39387fbd425308ef93028 cd09f544fea087f9e40143bf07d48d0e8d84f242 40aabdef18eb3e6926d548c5adf39689acc484f228ac49908f397796348264c0 Loading...

	ouraimonupt.com/_astro/e48bf762-DRdpELAP.js	ScriptElement	105 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/e48bf762-DRdpELAP.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 2b63f75b0580857236197bcbf382bbc2 895b6ad2a69067857dbc3a24b2e98705a60796db 2cd7efc5ec8b411faa394ecb4145860dc8d69fa2821bcc6e02230bdcba899be9 Loading...

	ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b	ScriptElement	636 B	2025-03-04	2025-06-30
Pretty URL ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-04 04:04 Last Seen2025-06-30 05:07 Times Seen306 Hash 0fbb7dbae3c20bc81da1b8bf41c13e8e f333d36b1dbecd026483e78eac843bdeb2dde04c eeeffffc79c48f4fbe510fc3fcdae29885a18a48ae121968e03fe502fb48fecc Loading...

	ouraimonupt.com/_astro/w5ccc582-DmYspdcS.js	ImportedModule	731 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/w5ccc582-DmYspdcS.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash ede8ba144ac3b89a8668bcbcd2d55882 06377241435de0f02ca5cf1d6c93bcf6802003be 6958ceacf8d99ecbc8916b89e1a1f34507f07b3658d2ab6fcb35750e1280993f Loading...

	ouraimonupt.com/_astro/a41131ada-8XphcrMl.js	ScriptElement	309 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/a41131ada-8XphcrMl.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 2e6975774e41ad4f9af4a980162444a9 28f0a67660dd60288edc6669680c01621e2ef961 d1590c5601e5ec139c8ff6909bec462dd0c3cbfad05ad9a051c453e36b40b165 Loading...

	ouraimonupt.com/_astro/s9db00a72-P5jCbDl2.js	ScriptElement	103 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/s9db00a72-P5jCbDl2.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash c2d5dffdec9995b6a143cc2cc4336321 3764f99fa8e81c8f2f0c856bf0ddaa80988f7b81 c56f6f70bb8120ad7e3935e480952dc43b7782d720430f1c760a1a8e76a83fae Loading...

	ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b	ScriptElement	56 B	2025-03-04	2025-05-12
Pretty URL ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-04 04:04 Last Seen2025-05-12 15:16 Times Seen235 Hash ed993dde189d62456a225ae7abc806ad 872f418853377f47c37630a97bebe4ccc33493e6 043f89dcc40dbbe61f89e73259dabf7e3327f9d99b70a6a489dde29b93e67da2 Loading...

	ouraimonupt.com/_astro/l0ef98cb-DATSOSwR.js	ImportedModule	2.8 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/l0ef98cb-DATSOSwR.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 2b0ca6c477211fa964b4a6385e6c1486 a56e080a1d68bb9cbaf2182bae765d25b5b32750 0bbe55140d373ac24486e90e1f828a7612126d2a1e564dcc8ec20c67a57a9a47 Loading...

	ouraimonupt.com/_astro/h7f2533-Cfv0wZPe.js	ImportedModule	1.9 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/h7f2533-Cfv0wZPe.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 7ff3665ca7854e2a95b24df8e4bdd828 a83d405eed5285a90f520cba2026b2b0d8944a36 79c6560b4c3196c414543f33fb6dd63970153c8b47c8e176c11cf85bb07c6f6f Loading...

	ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b	Eval	17 B	2024-12-03	2025-06-30
Pretty URL ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-03 18:23 Last Seen2025-06-30 05:07 Times Seen2696 Hash 6c2875f1a9aa4e7aea000433b300f345 19ada7d0dfde6c8f5e91f79429fedb4c7c2c07e8 faff5a60a2c4aa315bd6d15ef5da1b81098a7b034d3a76acb8fcfffdce74153f Loading...

	ouraimonupt.com/_astro/b2167158ac-BICImHOn.js	ScriptElement	105 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/b2167158ac-BICImHOn.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 77b70961eab4504d2496a3d14df4f490 ffbe4f997643a9139f5dc4251eaabc2f4df47df0 43a31c3044f8732fef76442688e7a17021620088dda9c26921d1c01ae0d9413a Loading...

	ouraimonupt.com/_astro/cc747b-Ba86QhfC.js	ScriptElement	103 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/cc747b-Ba86QhfC.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 1358d9f42c64adf11615e5e2c22741d7 9ca5f6cade8a23051fc11a2694b1d39eed9bbb5e 70754ac2728a1944f8d9b9f970fecf5fba77c21f9eda5bf0e2b4125b8b907536 Loading...

	ouraimonupt.com/_astro/f0909b71e4-k0-2Hpcn.js	ScriptElement	102 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/f0909b71e4-k0-2Hpcn.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 15949c5266f4fe9e53a4c83b3b2df70b 19720b74a0952a99d110a9a5937c23064119a1fc 8d10af3bdc114107fc9970b01b4e4878bb05aaa0fd8479e96f58695379fdfb1d Loading...

	ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b	ScriptElement	118 B	2025-04-19	2025-04-22
Pretty URL ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-04-19 06:05 Last Seen2025-04-22 19:35 Times Seen11 Hash 8bd2b183c61c35f495e938858474ff57 1b97c16aa4936bba462db7faefa1f2ef4b3accfb cfafd075c482f16e1692c22e1cee57d2de79095dc42d597aae8abf2013465c97 Loading...

	ouraimonupt.com/_astro/h1664d761-CshqJcBP.js	ImportedModule	189 B	2025-04-22	2025-05-02
Pretty URL ouraimonupt.com/_astro/h1664d761-CshqJcBP.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-05-02 09:29 Times Seen38 Hash 05ee45da5dac65bda4c02b0c9218aec9 128d5614fd997866be182f993e7fe5ca948e0e93 b600e24f22d54b13bbc71f081afe7b535ab997e86da056bf3dc70be753ce976f Loading...

	ouraimonupt.com/_astro/h389e0b053-tkKUks8l.js	ImportedModule	2.8 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/h389e0b053-tkKUks8l.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 8514a63c8f2e6b08fa1b9dc4f3478fd4 0bb158024146384b9074c2998efffb343c4fb6d1 990d5e306c4781e7171f2a7ac9394704572a05940c8b953d11f9683bc96d80e5 Loading...

	ouraimonupt.com/_astro/b91b8da-CaIFFUCf.js	ImportedModule	365 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/b91b8da-CaIFFUCf.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 3f03fce51384b97e195bcfda87ccb183 496124b60356ae564c5cf887f19b78630b688c5e 49d0356ef9c88618ac0fdcaa4a97a293309e41259bd3138a66443bc014e4cd4e Loading...

	ouraimonupt.com/_astro/dd98f4e3-CG5Aa3zw.js	ImportedModule	67 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/dd98f4e3-CG5Aa3zw.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 0fcd5555dd87f7013b2644334f89f947 cd8245009d3d48ec0d955762a684bbfdc92c634c 82c9e05b38870ae0a44444d4dcb3580fb83d204a20e198e85e3891d83f263e79 Loading...

	ouraimonupt.com/_astro/x9eea5ac5f-CMxuAt-0.js	ImportedModule	284 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/x9eea5ac5f-CMxuAt-0.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 2bd986020ada07aecfbf829958299ea3 3e17192dde87c4b7882ec9857ee41701903296da 594bf3a8ba71c7aacd5e4926b59ef7349acf2e84e47123e7b82ee6d1b93ba1eb Loading...

	ouraimonupt.com/_astro/fd0815-Bk7JblOE.js	ScriptElement	104 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/fd0815-Bk7JblOE.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 2f89686e5328c2780a659da99ea7bd77 0269c4b84ce10d38cc249b71bed2f35294590e92 8df354a7a409ca19661829241a1c94ebf941d0f5f7ae9b53cfbb0240d56144b7 Loading...

	ouraimonupt.com/_astro/g9aad8703a-lbDJYatH.js	ScriptElement	104 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/g9aad8703a-lbDJYatH.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash a568f98eacdd0cbe4b57259022f91406 11ab30509cb70a4ebb5b0f7dbb572d34d75ae611 cfe1901f0ccee2096a9f4b215ae5f15d1e9016b20f2e78ea2b56ef8571ab42ce Loading...

	ouraimonupt.com/_astro/e5e30ef8-BBU97REQ.js	ImportedModule	119 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/e5e30ef8-BBU97REQ.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash c6e9bc7692c51dbe7cae27ce00e833db 631cd431a65414d4b56821a16cb64d951d885ecd a2f8d341c5bce19de51258d2007cfef1c066cd691b9cf41c379b3a95e2a42895 Loading...

	ouraimonupt.com/_astro/b162b853-CFJyckt-.js	ImportedModule	692 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/b162b853-CFJyckt-.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 8bd76fdf88433457f91b49c017c15cec 18266962a6450bff9d5257703ba4327526fa3006 9a5773c9d75a2d0bfa6693704839edb47fde1368af68001a396d2bff23d8ff28 Loading...

	ouraimonupt.com/_astro/l1cf30356-moGCk_WM.js	ImportedModule	49 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/l1cf30356-moGCk_WM.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 5be4c8fb69fdeea85b4d74acf6e42150 f55d4a279fb6d215de2ef9ae7052195172292d4e 3999a50f9687e3485d92df9167a5233e17c15e37d15f1fb762d1d5d136e75823 Loading...

	ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b	Eval	17 B	2024-12-03	2025-06-30
Pretty URL ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by eval Embedded in HTML false Observations First Seen2024-12-03 18:23 Last Seen2025-06-30 05:07 Times Seen2696 Hash 6c2875f1a9aa4e7aea000433b300f345 19ada7d0dfde6c8f5e91f79429fedb4c7c2c07e8 faff5a60a2c4aa315bd6d15ef5da1b81098a7b034d3a76acb8fcfffdce74153f Loading...

	ouraimonupt.com/_astro/f385706c7-DwQG9I-5.js	ImportedModule	1.5 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/f385706c7-DwQG9I-5.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen4 Hash 956d7e2d60d4574b490f3933115ccc0c 717d318acbae15f1c745a0ee95290e9a3871382d b693960a3639f7e28d5ea0153bbbf0be2b1f2620cf3e7fe0a325d0416104183b Loading...

	ouraimonupt.com/_astro/d0e0b3f-CSrn5I-g.js	ScriptElement	104 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/d0e0b3f-CSrn5I-g.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 5991f885b0881b21e1df47373f1eeac6 9507a7e09bb5e59473789029daa31ec557be0483 05b39d95c90ba3b6ac0ae028c016ea273a184a58a48b48d490f24f7cfbd67435 Loading...

	ouraimonupt.com/_astro/z2188bd805-BIAIvrgF.js	ImportedModule	1.6 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/z2188bd805-BIAIvrgF.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 4f62210225f4bbb7e1895beadc03dfe8 28576301d6e77ca6a76f0d89f8fa37d53aba76a9 7f4966ca46d405d1cd45d3060370dbd9f2afa71d8b5eff741f79b2556e0355d6 Loading...

	ouraimonupt.com/_astro/a14fc2ee-C7_oNhAY.js	ImportedModule	2.8 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/a14fc2ee-C7_oNhAY.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 17604888df98e7c87d50734b24bbedc2 60f5f1526734d8bc24df49ca2b37f2f9f51a42a6 b00f1847e7dbff8cd6961cd0f0c759ee94c57b74b2d2c561098a40a9ca4c9763 Loading...

	ouraimonupt.com/_astro/i33f8637-DoAnNVHb.js	ImportedModule	1.5 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/i33f8637-DoAnNVHb.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash ee178ba4781761c7186d522fee7b7c33 0fa4e5dd29bb8f8e26bc31eee39b3de3aad17e1e 882d2966a9158cd7f2f5b0b99f8f845287916f442cd589288264e3a9f3b4bd64 Loading...

	ouraimonupt.com/_astro/c67a7f16-CKZqHJxU.js	ScriptElement	102 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/c67a7f16-CKZqHJxU.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 7a381638534793adefdcecfcb0bb6756 3cf92d99196a2f68ee16728bb9a837d0eae79e37 b7cf134fc251ccf28a106d186534f7b5bb2efb368ff16726ae11a7b72f7ffac2 Loading...

	ouraimonupt.com/_astro/d209ad4-BWduRDVq.js	ScriptElement	103 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/d209ad4-BWduRDVq.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 9b1cfdb2108d46ee65b2e9e99207ac25 1298f84edb214fe4fb1e4496d16bb9144730c21e 1bb827ee71e98f88da1ce3d85cbdc2c6a9ead8fb4bb5e7af9e55deeb4a89c1b8 Loading...

	ouraimonupt.com/_astro/ef640c569-GOE7dSqj.js	ImportedModule	331 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/ef640c569-GOE7dSqj.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 8eaf419844360ea609b73020d4f4619c f0b9bfc21389abf2bbaaf574f784e6c9f4e01673 a1fbc5649bd3c80bb80100311b460a841ca7c98abb85b81e1c0f02670181c749 Loading...

	ouraimonupt.com/_astro/j289ade9c-sjUUCrJS.js	ScriptElement	2.1 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/j289ade9c-sjUUCrJS.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 963089802559ccc2b9c4c8308fc6dbd2 2f5e5bffa45eebc4982d2b2edf1b2c9fdadd2ef3 59122c24a6fe03e148baffa42120ed05285b3384390395ca8e1cc259d6840086 Loading...

	ouraimonupt.com/_astro/f1d6892837-C5FhhrhK.js	ScriptElement	612 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/f1d6892837-C5FhhrhK.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen4 Hash 63cdd8cd7f34dae90ef362b99692701a 35e1e4cef1352191bfe281c95c066dacd0e25080 e4419b424f07b48380cf21931123f36e2b763feb8f6ea6f6673b34f65ef97b93 Loading...

	ouraimonupt.com/_astro/w5b80256f-BiNzXDrT.js	ScriptElement	5.7 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/w5b80256f-BiNzXDrT.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 5bd38cd1c1a5d67dc2b089c466129ea0 0b9418e2e6cdaaeb369d2edadf1317d5f8aa186c 6b6b06a6500c04a6f55448c0d5fd02cf069716862bb14f603c473d48e36cfa0f Loading...

	ouraimonupt.com/_astro/i8e7c2c0e-BwvGrg9N.js	ImportedModule	955 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/i8e7c2c0e-BwvGrg9N.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 2efe3bd4f4d9e0150d3602849960b4cf 223bae0982f2024132d8ee1511f2538a5becdd02 7a9c32a60e571bde61ca0e73e62ae1eefc63b9acbd18224fdea00dd2f638f4ff Loading...

	ouraimonupt.com/_astro/z38d195-C6YkR2y6.js	ImportedModule	4.7 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/z38d195-C6YkR2y6.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash f6ebc35af3bc7c6b61a7f7948621d0fa 988de3b30068cdee4d68febfca9dc0b0329cd0df e4fd487a5b4284266df8d505a51f89733591c7c2c65476e5a9b15ff224eff08a Loading...

	ouraimonupt.com/_astro/x22a7e6ae-CVAMu2T7.js	ImportedModule	199 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/x22a7e6ae-CVAMu2T7.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash c4c96c0374fa03a67984d546dd4cc7d7 797b4510efe5940668f6982aa5948530e495f580 01730517f3343990f21fa3a62b9893f567ec83e0128e3d6f9341360915927865 Loading...

	ouraimonupt.com/_astro/w26c05c7a-B9QxexN0.js	ScriptElement	612 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/w26c05c7a-B9QxexN0.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash ce3ddcd9f87ea2a9b22669baa1471776 6291b0afbc5f5f91a5ab21401e26d8bfaf15e248 bc6f4021d8805a90073c87579fa70baef19156ae8edc4028408aab3358590082 Loading...

	cdntechone.com/stattag.js	ScriptElement	16 kB	2024-07-11	2025-06-30
Pretty URL cdntechone.com/stattag.js IP 104.21.36.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-11 14:08 Last Seen2025-06-30 05:07 Times Seen5801 Hash 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251 Loading...

	ouraimonupt.com/_astro/a583e5cc5-my9Z9eTM.js	ScriptElement	30 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/a583e5cc5-my9Z9eTM.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash c4c3c73605c86628996f0ce297cad07b cd9912ed844873a73fdb5bffb28c4e63ab615c4f bb7c1a785eaa25d5eb63de6c2ad53c42d00af807f3f56330125e4cb78b13075e Loading...

	ouraimonupt.com/_astro/e198b70f-v4ziPWwt.js	ScriptElement	105 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/e198b70f-v4ziPWwt.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash e8ab21af7b29378610a4fde87c6f5e13 99c18b0da5ecc704d2b8b95ebf5701cf15b9af1a cf02e340399981ae307b3674c4a56bf61deb58edf14574e3a4b48c3185dbdd33 Loading...

	ouraimonupt.com/_astro/b51a92fe-C5jsHIzb.js	ScriptElement	267 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/b51a92fe-C5jsHIzb.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 6a6a577a97a82a7ab7d7d3b9de26d49d afb62b0dd000265f3f15921426536d01fbf70754 b3d57c0804f62843157bdcb3a1b44965f6cdf0e33b70dc5953f6d81756220298 Loading...

	ouraimonupt.com/_astro/f21d30d3d-Byn9Iu8w.js	ImportedModule	37 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/f21d30d3d-Byn9Iu8w.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 08baf69905ec0b662bdca9707f68cfa0 40a0a5e9eaf5e26615f702a67a7056afb760bebd b9cd1a63e1bf7e4bca05d63413f997833c2b2f34b16a4e7e324850ee1e731c3d Loading...

	ouraimonupt.com/_astro/x3566e2e9f-BzNbjw7a.js	ScriptElement	5.0 kB	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/x3566e2e9f-BzNbjw7a.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 63bcea3055e9e0a067834ff1915bf8ad eae3b333aadb9670677a93594f980dec26ce4551 258c1c282f83e5112b15d0e425d66740907db8231d9489f857ee54d05ca7bc95 Loading...

	ouraimonupt.com/_astro/c306cad1-CXZMlOeV.js	ImportedModule	766 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/c306cad1-CXZMlOeV.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 32856bf112dc8705c697880dc2617b09 dff3c4cda0d1f2c99670984ce76901996a26646d 85b5e853a66a88909ed7776399cb597ca54af0188d2e65007c7434ef594f29ef Loading...

	ouraimonupt.com/_astro/s399cfd7f-6c3O4Cr-.js	ScriptElement	104 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/s399cfd7f-6c3O4Cr-.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 9684c3c03468dfcbc4ef4934c6f8d1f9 d8165492eb15ab42fa219768d85dc2ffd68888a6 6e849cacd20f30440173fedf8abfabe8cb958df9efd8c3e5cb8261c0667591fc Loading...

	ouraimonupt.com/_astro/l2261a5f1-DMy3KDJc.js	ScriptElement	103 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/l2261a5f1-DMy3KDJc.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash b2e8ddff132c4002af247e5cc1758544 5873746b807fac4e53a05b9c0befab2dcbcacad7 754e9b0678d2d1844693e9d31c3021af9b493961e1e58db61b84aa8469077a26 Loading...

	ouraimonupt.com/_astro/b83671d5-Dp4vwJgB.js	ScriptElement	476 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/b83671d5-Dp4vwJgB.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash d5bea112b79834980ef2f4c9efee6b60 39b58dc9be9db8fd1c2f527bd504a00360f95397 7dfba9183f955c9ae364a2176c7a06541ed477791c550b665b29177e928fe15d Loading...

	ouraimonupt.com/_astro/p2ce02d4a-Bm7tABT_.js	ImportedModule	73 B	2025-03-18	2025-06-15
Pretty URL ouraimonupt.com/_astro/p2ce02d4a-Bm7tABT_.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-03-18 19:32 Last Seen2025-06-15 11:41 Times Seen253 Hash 41782e192d6e714b886e20dfe76c1bc9 16edbb13768eab6c97619a38b7d15e161d0d88d8 4b58f84fb12e4acc744f9764edcdd40efc0df8ac1f516e7f3c508887736e5a95 Loading...

	ouraimonupt.com/_astro/z4d16435d3-DA-ufnh7.js	ScriptElement	103 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/z4d16435d3-DA-ufnh7.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 850ebe58e0bfbe71cc4325b02c6f13a5 9bba0b4a4960b969933ee2fc4c4f48b860bba6c4 65d3521008ad849aa53a6bf7824f77956e9b665a846fcde19ad250e9a85374db Loading...

	ouraimonupt.com/_astro/h8af6db-ByufMmLt.js	ScriptElement	104 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/h8af6db-ByufMmLt.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 0050cac044195969a4254f9f9171f17e 99d2fc86f170f526a0f89be7e6ad976d161856df fffbe06eca240b618a67b2dea58aacbd11c4f1021690be9eed97f05332b13232 Loading...

	cdntechone.com/stattag.js	ScriptElement	16 kB	2024-07-11	2025-06-30
Pretty URL cdntechone.com/stattag.js IP 104.21.36.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-07-11 14:08 Last Seen2025-06-30 05:07 Times Seen5801 Hash 80d7433dbc2b7708f2fa4e6a9943a116 350c6e2bb1cbd07de260856f918f4ececcd96894 54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251 Loading...

	ouraimonupt.com/_astro/c5fef33e-DZN9DhNi.js	ImportedModule	919 B	2025-04-22	2025-04-23
Pretty URL ouraimonupt.com/_astro/c5fef33e-DZN9DhNi.js IP 172.64.150.45 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2025-04-22 18:08 Last Seen2025-04-23 07:43 Times Seen5 Hash 463f26d00912d7ace5cd23429e7eb0c1 c869ff99690ba387511211d4615cb940096b0457 eb43cc539777b2a652336de3d987deec2529b269aa2f288e251fd7fe3410f71f Loading...

HTTP Transactions (89)

URL IP Response Size

GET ouraimonupt.com/_astro/w5b80256f-BiNzXDrT.js

172.64.150.45

200 OK

5.7 kB

URL GET
ouraimonupt.com/_astro/w5b80256f-BiNzXDrT.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (5722)
Size
5.7 kB (5723 bytes)
Hash
5bd38cd1c1a5d67dc2b089c466129ea0
0b9418e2e6cdaaeb369d2edadf1317d5f8aa186c
6b6b06a6500c04a6f55448c0d5fd02cf069716862bb14f603c473d48e36cfa0f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/w5b80256f-BiNzXDrT.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-165b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f86395eb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/h389e0b053-tkKUks8l.js

172.64.150.45

200 OK

2.8 kB

URL GET
ouraimonupt.com/_astro/h389e0b053-tkKUks8l.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Unicode text, UTF-8 text, with very long lines (2786), with no line terminators
Size
2.8 kB (2791 bytes)
Hash
8514a63c8f2e6b08fa1b9dc4f3478fd4
0bb158024146384b9074c2998efffb343c4fb6d1
990d5e306c4781e7171f2a7ac9394704572a05940c8b953d11f9683bc96d80e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/h389e0b053-tkKUks8l.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-ae7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f88cd76b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

POST datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=845a5bf6-a322-4458-ab50-b2e2ca127685

37.48.68.71

200 OK

12 B

URL POST
datatechonert.com/log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=845a5bf6-a322-4458-ab50-b2e2ca127685
IP
37.48.68.71:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerSectigo Limited
Subjectdatatechonert.com
FingerprintED:87:7A:7D:70:58:7C:01:53:C0:A9:07:3B:14:A3:60:48:86:04:72
ValidityWed, 11 Dec 2024 00:00:00 GMT - Tue, 23 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

HTTP Headers

POST /log/add?cid=eacf36da-c06d-4d71-90cc-88e30cd4240a&ruid=845a5bf6-a322-4458-ab50-b2e2ca127685 HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1560
Origin: https://ouraimonupt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 22 Apr 2025 19:34:49 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://ouraimonupt.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

GET ouraimonupt.com/_astro/j289ade9c-sjUUCrJS.js

172.64.150.45

200 OK

2.1 kB

URL GET
ouraimonupt.com/_astro/j289ade9c-sjUUCrJS.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (2061), with no line terminators
Size
2.1 kB (2061 bytes)
Hash
963089802559ccc2b9c4c8308fc6dbd2
2f5e5bffa45eebc4982d2b2edf1b2c9fdadd2ef3
59122c24a6fe03e148baffa42120ed05285b3384390395ca8e1cc259d6840086

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/j289ade9c-sjUUCrJS.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-80d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:46 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f7f4bacb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET cdntechone.com/stattag.js

104.21.36.146

200 OK

16 kB

URL GET
cdntechone.com/stattag.js
IP
104.21.36.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
Fingerprint97:E9:A0:32:A7:A0:07:E5:5E:9E:00:7A:0F:03:79:58:24:44:09:38
ValidityFri, 11 Apr 2025 06:42:40 GMT - Thu, 10 Jul 2025 07:40:25 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
16 kB (16490 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3305
etag: W/"668fb2b6-406a"
content-encoding: br
cf-ray: 93478f86cbe66da5-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ouraimonupt.com/_astro/a583e5cc5-my9Z9eTM.js

172.64.150.45

200 OK

30 kB

URL GET
ouraimonupt.com/_astro/a583e5cc5-my9Z9eTM.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (26786)
Size
30 kB (29926 bytes)
Hash
c4c3c73605c86628996f0ce297cad07b
cd9912ed844873a73fdb5bffb28c4e63ab615c4f
bb7c1a785eaa25d5eb63de6c2ad53c42d00af807f3f56330125e4cb78b13075e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/a583e5cc5-my9Z9eTM.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-74e6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f863959b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/f766bcae2-DPBtFuIo.js

172.64.150.45

200 OK

1.2 kB

URL GET
ouraimonupt.com/_astro/f766bcae2-DPBtFuIo.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (1202)
Size
1.2 kB (1203 bytes)
Hash
eb9fce3ba0be8890a91992dee36a3336
f4ae88ac44faccebee6138b19b8ba7edf759a528
a47495fb5b982dce9bfffd35ce83c56ed754f1751926299bc8c7e573c94cb960

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/f766bcae2-DPBtFuIo.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-4b3"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f863960b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/h8af6db-ByufMmLt.js

172.64.150.45

200 OK

104 B

URL GET
ouraimonupt.com/_astro/h8af6db-ByufMmLt.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
0050cac044195969a4254f9f9171f17e
99d2fc86f170f526a0f89be7e6ad976d161856df
fffbe06eca240b618a67b2dea58aacbd11c4f1021690be9eed97f05332b13232

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/h8af6db-ByufMmLt.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-68"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e1dbdb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/d8e0c7a8f-CFX5WsIv.webp

172.64.150.45

200 OK

4.3 kB

URL GET
ouraimonupt.com/_astro/d8e0c7a8f-CFX5WsIv.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
4.3 kB (4258 bytes)
Hash
483d298f3477d9b9a9ed85e2997eb888
52e1956082c558621f102ba813e7bdcee3fcb31d
24763cff62c7e5d6aa028e7bc528010333a062aef7c5682c2dfdc7bfbcece822

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/d8e0c7a8f-CFX5WsIv.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: image/webp
content-length: 4258
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: "6807c980-10a2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 454
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f804deeb50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/x6d99cc98-2TMql6tG.js

172.64.150.45

200 OK

1.0 kB

URL GET
ouraimonupt.com/_astro/x6d99cc98-2TMql6tG.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, Unicode text, UTF-8 text, with very long lines (1000)
Size
1.0 kB (1002 bytes)
Hash
66f061239476a1361fee56481c798000
14049deba7dfea2ed2ac07154da260f888fde16a
1a3038b4f4600b1f5971313f85f34be859977fba51e75b8135cd6d530b9b9ded

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/x6d99cc98-2TMql6tG.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-3ea"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f86395bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/e198b70f-v4ziPWwt.js

172.64.150.45

200 OK

105 B

URL GET
ouraimonupt.com/_astro/e198b70f-v4ziPWwt.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
105 B (105 bytes)
Hash
e8ab21af7b29378610a4fde87c6f5e13
99c18b0da5ecc704d2b8b95ebf5701cf15b9af1a
cf02e340399981ae307b3674c4a56bf61deb58edf14574e3a4b48c3185dbdd33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/e198b70f-v4ziPWwt.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-69"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8dbd36b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/h2a457c45-DRQq_tiD.js

172.64.150.45

200 OK

103 B

URL GET
ouraimonupt.com/_astro/h2a457c45-DRQq_tiD.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
a7a2991bdd4205bdbbb91848333d0389
0565c3473809d95bebc3490774d1b5d82ed98d86
1bf5fb3c192ca91402e57ae64bf37490e0a4f16a7c3269ad86920a9a62d06158

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/h2a457c45-DRQq_tiD.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-67"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e1db8b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/b2167158ac-BICImHOn.js

172.64.150.45

200 OK

105 B

URL GET
ouraimonupt.com/_astro/b2167158ac-BICImHOn.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
105 B (105 bytes)
Hash
77b70961eab4504d2496a3d14df4f490
ffbe4f997643a9139f5dc4251eaabc2f4df47df0
43a31c3044f8732fef76442688e7a17021620088dda9c26921d1c01ae0d9413a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/b2167158ac-BICImHOn.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-69"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e4e1eb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/b8038d-CtHQVcrt.webp

172.64.150.45

200 OK

7.4 kB

URL GET
ouraimonupt.com/_astro/b8038d-CtHQVcrt.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
7.4 kB (7428 bytes)
Hash
6ffe537f32b7be06a870808ee94dadc5
598b8776ac199d0d8737969255c81da7c2cf16f2
e0ddaa01c812e3cdc7963b53edf9a53867a1930a7a566edeb872a0f36da94f7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/b8038d-CtHQVcrt.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: image/webp
content-length: 7428
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: "6807c980-1d04"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 454
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f805e01b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/w5ccc582-DmYspdcS.js

172.64.150.45

200 OK

731 B

URL GET
ouraimonupt.com/_astro/w5ccc582-DmYspdcS.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (730)
Size
731 B (731 bytes)
Hash
ede8ba144ac3b89a8668bcbcd2d55882
06377241435de0f02ca5cf1d6c93bcf6802003be
6958ceacf8d99ecbc8916b89e1a1f34507f07b3658d2ab6fcb35750e1280993f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/w5ccc582-DmYspdcS.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-2db"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f813fecb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/favicon.svg

172.64.150.45

200 OK

644 B

URL GET
ouraimonupt.com/favicon.svg
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
SVG Scalable Vector Graphics image
Size
644 B (644 bytes)
Hash
b3c891342e3c1a3e169ecf83c62cfb02
fb259a9e1c8e43cb0d08c74f6fc3b623e15e95c3
c98ef972cd0a097ef32ad0f6d17e08d8e015a630a43b87be015e70d6d329dc32

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.svg HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-284"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 454
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=6,i=?0
server: cloudflare
cf-ray: 93478f858fd9b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/s399cfd7f-6c3O4Cr-.js

172.64.150.45

200 OK

104 B

URL GET
ouraimonupt.com/_astro/s399cfd7f-6c3O4Cr-.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
9684c3c03468dfcbc4ef4934c6f8d1f9
d8165492eb15ab42fa219768d85dc2ffd68888a6
6e849cacd20f30440173fedf8abfabe8cb958df9efd8c3e5cb8261c0667591fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/s399cfd7f-6c3O4Cr-.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-68"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e2de6b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/e48bf762-DRdpELAP.js

172.64.150.45

200 OK

105 B

URL GET
ouraimonupt.com/_astro/e48bf762-DRdpELAP.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
105 B (105 bytes)
Hash
2b63f75b0580857236197bcbf382bbc2
895b6ad2a69067857dbc3a24b2e98705a60796db
2cd7efc5ec8b411faa394ecb4145860dc8d69fa2821bcc6e02230bdcba899be9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/e48bf762-DRdpELAP.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-69"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e3e07b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET cdntechone.com/stattag.js

104.21.36.146

200 OK

16 kB

URL GET
cdntechone.com/stattag.js
IP
104.21.36.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
Fingerprint97:E9:A0:32:A7:A0:07:E5:5E:9E:00:7A:0F:03:79:58:24:44:09:38
ValidityFri, 11 Apr 2025 06:42:40 GMT - Thu, 10 Jul 2025 07:40:25 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
16 kB (16490 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2xlHO7KitMPj2lbJWU%2Ft86uVwIGJFXFlwy4KsS9AAVuEHaM6W4YlH8X6AepEqwrzvf0%2Fmk2hvRVuFhAw6AfPsUbAyg5j4SRdgn3tbdcAiENlDzmATlKWKj9YamBM0fMsA%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
etag: W/"668fb2b6-406a"
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6396
content-encoding: br
cf-ray: 93478f8f7db1c7eb-TLL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21279&min_rtt=19842&rtt_var=8287&sent=18&recv=18&lost=0&retrans=0&sent_bytes=4051&recv_bytes=1654&delivery_rate=1504&cwnd=12000&unsent_bytes=0&cid=7440ea9394754879&ts=1366&x=16"

GET ouraimonupt.com/_astro/b162b853-CFJyckt-.js

172.64.150.45

200 OK

692 B

URL GET
ouraimonupt.com/_astro/b162b853-CFJyckt-.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (692), with no line terminators
Size
692 B (692 bytes)
Hash
8bd76fdf88433457f91b49c017c15cec
18266962a6450bff9d5257703ba4327526fa3006
9a5773c9d75a2d0bfa6693704839edb47fde1368af68001a396d2bff23d8ff28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/b162b853-CFJyckt-.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-2b4"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80bf0cb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/i33f8637-DoAnNVHb.js

172.64.150.45

200 OK

1.5 kB

URL GET
ouraimonupt.com/_astro/i33f8637-DoAnNVHb.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
JavaScript source, ASCII text, with very long lines (1488), with no line terminators
Size
1.5 kB (1488 bytes)
Hash
ee178ba4781761c7186d522fee7b7c33
0fa4e5dd29bb8f8e26bc31eee39b3de3aad17e1e
882d2966a9158cd7f2f5b0b99f8f845287916f442cd589288264e3a9f3b4bd64

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/i33f8637-DoAnNVHb.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-5d0"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80df47b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/c306cad1-CXZMlOeV.js

172.64.150.45

200 OK

766 B

URL GET
ouraimonupt.com/_astro/c306cad1-CXZMlOeV.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (765)
Size
766 B (766 bytes)
Hash
32856bf112dc8705c697880dc2617b09
dff3c4cda0d1f2c99670984ce76901996a26646d
85b5e853a66a88909ed7776399cb597ca54af0188d2e65007c7434ef594f29ef

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/c306cad1-CXZMlOeV.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-2fe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f88ad4bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/f0909b71e4-k0-2Hpcn.js

172.64.150.45

200 OK

102 B

URL GET
ouraimonupt.com/_astro/f0909b71e4-k0-2Hpcn.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
15949c5266f4fe9e53a4c83b3b2df70b
19720b74a0952a99d110a9a5937c23064119a1fc
8d10af3bdc114107fc9970b01b4e4878bb05aaa0fd8479e96f58695379fdfb1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/f0909b71e4-k0-2Hpcn.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-66"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e1dbcb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/h1664d761-CshqJcBP.js

172.64.150.45

200 OK

189 B

URL GET
ouraimonupt.com/_astro/h1664d761-CshqJcBP.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
189 B (189 bytes)
Hash
05ee45da5dac65bda4c02b0c9218aec9
128d5614fd997866be182f993e7fe5ca948e0e93
b600e24f22d54b13bbc71f081afe7b535ab997e86da056bf3dc70be753ce976f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/h1664d761-CshqJcBP.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-bd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80df50b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/g9aad8703a-lbDJYatH.js

172.64.150.45

200 OK

104 B

URL GET
ouraimonupt.com/_astro/g9aad8703a-lbDJYatH.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
a568f98eacdd0cbe4b57259022f91406
11ab30509cb70a4ebb5b0f7dbb572d34d75ae611
cfe1901f0ccee2096a9f4b215ae5f15d1e9016b20f2e78ea2b56ef8571ab42ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/g9aad8703a-lbDJYatH.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-68"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8dcd4eb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/z4d16435d3-DA-ufnh7.js

172.64.150.45

200 OK

103 B

URL GET
ouraimonupt.com/_astro/z4d16435d3-DA-ufnh7.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
850ebe58e0bfbe71cc4325b02c6f13a5
9bba0b4a4960b969933ee2fc4c4f48b860bba6c4
65d3521008ad849aa53a6bf7824f77956e9b665a846fcde19ad250e9a85374db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/z4d16435d3-DA-ufnh7.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-67"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e1dd7b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/u5095a34-BTtSEypr.js

172.64.150.45

200 OK

923 B

URL GET
ouraimonupt.com/_astro/u5095a34-BTtSEypr.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (922)
Size
923 B (923 bytes)
Hash
4746e19a46dfe5a35ce9dd78c3cf1bba
ff7715af6009795dfcf49b54fc5bdc1b7af41f37
844cb42e886f1315a514c7b909549c868fab050ca744f18167209f3ab20a5f07

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/u5095a34-BTtSEypr.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-39b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:46 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f7f2b5eb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/e8287326-B4-15ESz.js

172.64.150.45

200 OK

3.4 kB

URL GET
ouraimonupt.com/_astro/e8287326-B4-15ESz.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
JavaScript source, ASCII text, with very long lines (3416), with no line terminators
Size
3.4 kB (3416 bytes)
Hash
d0bd4dfa4ac6a324407e5a9c56fdcd37
104f780fe3dce38c6a88215bb2d6facc75ff694a
b59c924cac54815b2fc59a913489d04e8e4fc2001fcf98222779e88b510c0df8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/e8287326-B4-15ESz.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-d58"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:46 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f7f4ba6b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/t4a073d-DaBgxivg.js

172.64.150.45

200 OK

389 B

URL GET
ouraimonupt.com/_astro/t4a073d-DaBgxivg.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (389), with no line terminators
Size
389 B (389 bytes)
Hash
8469fb0a5bcb81f707aaf9c1a739f08d
2900d62af8c341b005a64b228ab81a8f57ce6cea
0238362dd3eea220a21d7d7e2c9bb2066fa680002d543fa6c5d633a51212016c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/t4a073d-DaBgxivg.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-185"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80bf05b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/b818d61-DXLin6xJ.js

172.64.150.45

200 OK

1.0 kB

URL GET
ouraimonupt.com/_astro/b818d61-DXLin6xJ.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (1014), with no line terminators
Size
1.0 kB (1014 bytes)
Hash
ce52ad661e595b911287ce3f505ebe6b
f5f2a584a7f9c8c86dc65b27b8c8a134cd5405c6
94bb451ea1d0fd5a585d406a962dc61ff85bd14759a0d09b5c9a26ea8f21aa08

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/b818d61-DXLin6xJ.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-3f6"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80cf1cb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/f385706c7-DwQG9I-5.js

172.64.150.45

200 OK

1.5 kB

URL GET
ouraimonupt.com/_astro/f385706c7-DwQG9I-5.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (1538), with no line terminators
Size
1.5 kB (1538 bytes)
Hash
956d7e2d60d4574b490f3933115ccc0c
717d318acbae15f1c745a0ee95290e9a3871382d
b693960a3639f7e28d5ea0153bbbf0be2b1f2620cf3e7fe0a325d0416104183b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/f385706c7-DwQG9I-5.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-602"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f889d2db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/cc747b-Ba86QhfC.js

172.64.150.45

200 OK

103 B

URL GET
ouraimonupt.com/_astro/cc747b-Ba86QhfC.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
1358d9f42c64adf11615e5e2c22741d7
9ca5f6cade8a23051fc11a2694b1d39eed9bbb5e
70754ac2728a1944f8d9b9f970fecf5fba77c21f9eda5bf0e2b4125b8b907536

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/cc747b-Ba86QhfC.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-67"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e4e20b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/d0e0b3f-CSrn5I-g.js

172.64.150.45

200 OK

104 B

URL GET
ouraimonupt.com/_astro/d0e0b3f-CSrn5I-g.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
5991f885b0881b21e1df47373f1eeac6
9507a7e09bb5e59473789029daa31ec557be0483
05b39d95c90ba3b6ac0ae028c016ea273a184a58a48b48d490f24f7cfbd67435

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/d0e0b3f-CSrn5I-g.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-68"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e4e25b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET fly.metozemoon.com/click?pid=2&offer_id=212&sub2=u336305&sub3=cl619448&sub7=rfhttps://fnget.com/&sub8=rdfnget.com&sub15=c20fc407e06e

35.204.100.195

302 Found

159 kB

URL User Request GET
fly.metozemoon.com/click?pid=2&offer_id=212&sub2=u336305&sub3=cl619448&sub7=rfhttps://fnget.com/&sub8=rdfnget.com&sub15=c20fc407e06e
IP
35.204.100.195:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerSectigo Limited
Subjectmetozemoon.com
FingerprintCE:7A:79:16:46:B9:7F:C9:85:F1:3E:5C:9C:05:77:81:31:47:FC:0A
ValidityWed, 02 Apr 2025 00:00:00 GMT - Thu, 02 Apr 2026 23:59:59 GMT

File type

Size
159 kB (158616 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=2&offer_id=212&sub2=u336305&sub3=cl619448&sub7=rfhttps://fnget.com/&sub8=rdfnget.com&sub15=c20fc407e06e HTTP/1.1
Host: fly.metozemoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 22 Apr 2025 19:34:45 GMT
content-length: 0
location: https://fly.metozemoon.com/sl?id=66fda0ddbb23f2139d89e989&pid=2&sub2=u336305&sub3=cl619448&sub4=&sub5=&sub6=&sub7=rfhttps://fnget.com/&sub8=rdfnget.com&sub15=c20fc407e06e&sub14=212&sub13=trafficback
x-adjust-use-original-forwarded-for: 1
access-control-allow-credentials: true
X-Firefox-Spdy: h2

GET phumsowoubsoag.net/link?z=8805346&var=434_u336305&ymid=6807ef55627a3600018c97c7

172.67.164.195

302 Found

159 kB

URL User Request GET
phumsowoubsoag.net/link?z=8805346&var=434_u336305&ymid=6807ef55627a3600018c97c7
IP
172.67.164.195:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectphumsowoubsoag.net
FingerprintFB:92:C4:A4:E4:08:EF:E6:79:24:0D:9C:1F:F0:48:5A:B8:C6:96:3E
ValidityWed, 05 Mar 2025 16:57:01 GMT - Tue, 03 Jun 2025 17:49:11 GMT

File type

Size
159 kB (158616 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /link?z=8805346&var=434_u336305&ymid=6807ef55627a3600018c97c7 HTTP/1.1
Host: phumsowoubsoag.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 22 Apr 2025 19:34:45 GMT
content-length: 0
location: https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
server: cloudflare
access-control-allow-credentials: true
access-control-allow-origin: 
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
link: <https://ouraimonupt.com>; rel="dns-prefetch preconnect"
referrer-policy: no-referrer
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
set-cookie: OAID=0481b371acaa433de2b30165f65d7e73; Expires=Wed, 22 Apr 2026 19:34:45 GMT
oaidts=1745350485; Expires=Wed, 22 Apr 2026 19:34:45 GMT
OXCCLK=9051085.1; Expires=Wed, 22 Apr 2026 19:34:45 GMT
allcnt=1; Expires=Wed, 22 Apr 2026 19:34:45 GMT
cf-ray: 93478f795a55f5ee-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ouraimonupt.com/_astro/a41131ada-8XphcrMl.js

172.64.150.45

200 OK

309 B

URL GET
ouraimonupt.com/_astro/a41131ada-8XphcrMl.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (308)
Size
309 B (309 bytes)
Hash
2e6975774e41ad4f9af4a980162444a9
28f0a67660dd60288edc6669680c01621e2ef961
d1590c5601e5ec139c8ff6909bec462dd0c3cbfad05ad9a051c453e36b40b165

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/a41131ada-8XphcrMl.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-135"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:46 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f7f3b8db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/ecc603486-D9n67L97.js

172.64.150.45

200 OK

1.3 kB

URL GET
ouraimonupt.com/_astro/ecc603486-D9n67L97.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (1261)
Size
1.3 kB (1262 bytes)
Hash
2def18eaed9bcabb83bfa1a3aea65e24
3484640e2d5a1fcf7152fe8fd1e5e5291fb74595
4b1b9289373e7f3914337526f88fc39730e9688ff3e916ae15d0f9119cc2dc73

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/ecc603486-D9n67L97.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-4ee"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:46 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f7f4bb0b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/c0a459fb-Dzxtndzf.webp

172.64.150.45

200 OK

3.3 kB

URL GET
ouraimonupt.com/_astro/c0a459fb-Dzxtndzf.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.3 kB (3342 bytes)
Hash
493a8bc5ee16e54e62892df5aa14b219
b1dc6e8e6a6384f3f4a878c02d117ebae7cc3c62
619b0b3512138a42972fa24f0d6d9cdb6f8b79ddf79c23374d3f411075b3988b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/c0a459fb-Dzxtndzf.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 3342
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: "6807c980-d0e"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 456
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f920c1bb50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/s4b4b63cc3-DXfDKISJ.js

172.64.150.45

200 OK

1.4 kB

URL GET
ouraimonupt.com/_astro/s4b4b63cc3-DXfDKISJ.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
JavaScript source, ASCII text, with very long lines (1402)
Size
1.4 kB (1403 bytes)
Hash
ba3950b7ba12a9f8f7a4157ed0467802
21a6a160cc8114b13b7eec2c114ad67858900277
a87d3033e60a69ee571a296fbe7e13688273b9f1bb27e94a8a8df17a4eb9c4c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/s4b4b63cc3-DXfDKISJ.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-57b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80bf01b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/z38d195-C6YkR2y6.js

172.64.150.45

200 OK

4.7 kB

URL GET
ouraimonupt.com/_astro/z38d195-C6YkR2y6.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
JavaScript source, ASCII text, with very long lines (4736)
Size
4.7 kB (4737 bytes)
Hash
f6ebc35af3bc7c6b61a7f7948621d0fa
988de3b30068cdee4d68febfca9dc0b0329cd0df
e4fd487a5b4284266df8d505a51f89733591c7c2c65476e5a9b15ff224eff08a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/z38d195-C6YkR2y6.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-1281"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80ff7bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/c107110c-Bz9whPi3.js

172.64.150.45

200 OK

2.5 kB

URL GET
ouraimonupt.com/_astro/c107110c-Bz9whPi3.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (2539)
Size
2.5 kB (2540 bytes)
Hash
b0b24465744b17acb68fd197216658df
eebe590481711ac82b86cf29949624ce0c7a2664
9796207b2d97368e5d33f5c5c56481a996308be301231516abf9eee8d43c1103

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/c107110c-Bz9whPi3.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-9ec"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f811fbfb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/x9c0334-DOW4vgMK.webp

172.64.150.45

200 OK

264 B

URL GET
ouraimonupt.com/_astro/x9c0334-DOW4vgMK.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
264 B (264 bytes)
Hash
606085e7a74fd169da34f9fcb43ad12d
77226a50488fb48256d36f1810a136b69d635f74
df20f4c1d87cb10514a6d526dde70759334705d90a909df0e6cb130061ce1ea5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/x9c0334-DOW4vgMK.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 264
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: "6807c981-108"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 456
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f8e5e37b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/a4d3be2-C_bzxKgi.js

172.64.150.45

200 OK

2.0 kB

URL GET
ouraimonupt.com/_astro/a4d3be2-C_bzxKgi.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (1980)
Size
2.0 kB (1981 bytes)
Hash
a783ed20a8eac890a952addd0f6235a8
a8eeff0e6cbbdc27c53940febcc3e1bc12f75384
2105a1e6029c312f5c053d9b5904fc6b56b0cfa868b04c91e185181770d4da9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/a4d3be2-C_bzxKgi.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-7bd"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80df4bb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/f1d6892837-C5FhhrhK.js

172.64.150.45

200 OK

612 B

URL GET
ouraimonupt.com/_astro/f1d6892837-C5FhhrhK.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (612), with no line terminators
Size
612 B (612 bytes)
Hash
63cdd8cd7f34dae90ef362b99692701a
35e1e4cef1352191bfe281c95c066dacd0e25080
e4419b424f07b48380cf21931123f36e2b763feb8f6ea6f6673b34f65ef97b93

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/f1d6892837-C5FhhrhK.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-264"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f863953b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/x3566e2e9f-BzNbjw7a.js

172.64.150.45

200 OK

5.0 kB

URL GET
ouraimonupt.com/_astro/x3566e2e9f-BzNbjw7a.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (4808)
Size
5.0 kB (5010 bytes)
Hash
63bcea3055e9e0a067834ff1915bf8ad
eae3b333aadb9670677a93594f980dec26ce4551
258c1c282f83e5112b15d0e425d66740907db8231d9489f857ee54d05ca7bc95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/x3566e2e9f-BzNbjw7a.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-1392"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f863956b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/a5737f21-BtBIVxPd.webp

172.64.150.45

200 OK

1.1 kB

URL GET
ouraimonupt.com/_astro/a5737f21-BtBIVxPd.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
1.1 kB (1074 bytes)
Hash
e97abf6f136d9497fc14cb9e72b2c636
51f062d0abe008f75f96ad377deea587d47c381c
b462d5f38bf4519ff8232bcaa8c7e7420ed95c2a5e0d180565013aa7f3437776

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/a5737f21-BtBIVxPd.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 1074
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: "6807c980-432"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 456
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f8e5e32b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/p2b2156e-DCIyaCJ1.js

172.64.150.45

200 OK

173 B

URL GET
ouraimonupt.com/_astro/p2b2156e-DCIyaCJ1.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text
Size
173 B (173 bytes)
Hash
0a1a3a39af333741f2d3147d40f995eb
51209578817cb943f62b505aaaf6f6fb59f00849
19729b96300dc8aad6d1f933d35820764262e57f48c69af6eb5faa7380a1fd70

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/p2b2156e-DCIyaCJ1.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-ad"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:46 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f7f2b60b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/b51a92fe-C5jsHIzb.js

172.64.150.45

200 OK

267 B

URL GET
ouraimonupt.com/_astro/b51a92fe-C5jsHIzb.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text
Size
267 B (267 bytes)
Hash
6a6a577a97a82a7ab7d7d3b9de26d49d
afb62b0dd000265f3f15921426536d01fbf70754
b3d57c0804f62843157bdcb3a1b44965f6cdf0e33b70dc5953f6d81756220298

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/b51a92fe-C5jsHIzb.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-10b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:46 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f7f3b7cb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/l91dbf0b6e-beUTGtJR.js

172.64.150.45

200 OK

7.1 kB

URL GET
ouraimonupt.com/_astro/l91dbf0b6e-beUTGtJR.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, Unicode text, UTF-8 text, with very long lines (6582)
Size
7.1 kB (7128 bytes)
Hash
1879e85d4d9d12447447d32c34fc201d
83878fa0a7d998c1f559fc801adec431dcccccf0
7687ee9429c10dcffe374315a8652d5f92abaf797294d030d970a7ab4b0d6f9c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/l91dbf0b6e-beUTGtJR.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-1bd8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:46 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f7f4bb9b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/dd98f4e3-CG5Aa3zw.js

172.64.150.45

200 OK

67 kB

URL GET
ouraimonupt.com/_astro/dd98f4e3-CG5Aa3zw.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
67 kB (67282 bytes)
Hash
0fcd5555dd87f7013b2644334f89f947
cd8245009d3d48ec0d955762a684bbfdc92c634c
82c9e05b38870ae0a44444d4dcb3580fb83d204a20e198e85e3891d83f263e79

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/dd98f4e3-CG5Aa3zw.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-106d2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80aef3b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/u332b36699-BEXalUiX.webp

172.64.150.45

200 OK

2.7 kB

URL GET
ouraimonupt.com/_astro/u332b36699-BEXalUiX.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.7 kB (2650 bytes)
Hash
588ec8375786f1eca8d929945e56ce3c
776a27723c235d2ae8d59985c8c9e679effe6498
94e7731534edf0b837ca2d0df13c89976d94cf63e4b603396f08128962c6e90e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/u332b36699-BEXalUiX.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 2650
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: "6807c981-a5a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 411
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f922c51b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/b83671d5-Dp4vwJgB.js

172.64.150.45

200 OK

476 B

URL GET
ouraimonupt.com/_astro/b83671d5-Dp4vwJgB.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (475)
Size
476 B (476 bytes)
Hash
d5bea112b79834980ef2f4c9efee6b60
39b58dc9be9db8fd1c2f527bd504a00360f95397
7dfba9183f955c9ae364a2176c7a06541ed477791c550b665b29177e928fe15d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/b83671d5-Dp4vwJgB.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-1dc"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:46 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f7f2b66b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/w26c05c7a-B9QxexN0.js

172.64.150.45

200 OK

612 B

URL GET
ouraimonupt.com/_astro/w26c05c7a-B9QxexN0.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (611)
Size
612 B (612 bytes)
Hash
ce3ddcd9f87ea2a9b22669baa1471776
6291b0afbc5f5f91a5ab21401e26d8bfaf15e248
bc6f4021d8805a90073c87579fa70baef19156ae8edc4028408aab3358590082

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/w26c05c7a-B9QxexN0.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-264"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:46 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f7f3b83b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/f21d30d3d-Byn9Iu8w.js

172.64.150.45

200 OK

37 kB

URL GET
ouraimonupt.com/_astro/f21d30d3d-Byn9Iu8w.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (35780)
Size
37 kB (37225 bytes)
Hash
08baf69905ec0b662bdca9707f68cfa0
40a0a5e9eaf5e26615f702a67a7056afb760bebd
b9cd1a63e1bf7e4bca05d63413f997833c2b2f34b16a4e7e324850ee1e731c3d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/f21d30d3d-Byn9Iu8w.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-9169"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80aef0b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/j4c0d6231-CPY_kjfA.js

172.64.150.45

200 OK

3.5 kB

URL GET
ouraimonupt.com/_astro/j4c0d6231-CPY_kjfA.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
JavaScript source, ASCII text, with very long lines (3540), with no line terminators
Size
3.5 kB (3540 bytes)
Hash
c837c12b4d7e3e4431ed433f2e9cb289
67d1f786c5949ff50d9bc85b4dfde4cae4d56692
ab72a8a9e4a2c468533587713dfd97c82d9227a92ef29434a5145d07dfaa09d2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/j4c0d6231-CPY_kjfA.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-dd4"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80df43b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/c67a7f16-CKZqHJxU.js

172.64.150.45

200 OK

102 B

URL GET
ouraimonupt.com/_astro/c67a7f16-CKZqHJxU.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
7a381638534793adefdcecfcb0bb6756
3cf92d99196a2f68ee16728bb9a837d0eae79e37
b7cf134fc251ccf28a106d186534f7b5bb2efb368ff16726ae11a7b72f7ffac2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/c67a7f16-CKZqHJxU.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-66"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e1dbeb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/b28c5f21f-D7tDqOEQ.webp

172.64.150.45

200 OK

3.8 kB

URL GET
ouraimonupt.com/_astro/b28c5f21f-D7tDqOEQ.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.8 kB (3816 bytes)
Hash
994b3a71a57969afe8d521fd99a21516
b1514932a55c1f324b7fb7796ed129af08d3e419
b5b6aded70b2da4c2e3a2245b6540765e9b9e89f425051523a060d1a6da4f28a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/b28c5f21f-D7tDqOEQ.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 3816
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: "6807c980-ee8"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 418
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f920c15b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/g8e2ae5-Akoqqf11.webp

172.64.150.45

200 OK

3.0 kB

URL GET
ouraimonupt.com/_astro/g8e2ae5-Akoqqf11.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
3.0 kB (2950 bytes)
Hash
1f78bc57129ea9b186a1e5188365a659
8ba65af5977878c8d3e73ea05530dc00fbe8cc96
76bf9c644dcfca01fa95f7a64d7338cb1088dc4ae45fbfc852718cc9bc9b226e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/g8e2ae5-Akoqqf11.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 2950
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: "6807c981-b86"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 408
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f923c86b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/fbb58f02-Bey6XMsF.webp

172.64.150.45

200 OK

2.7 kB

URL GET
ouraimonupt.com/_astro/fbb58f02-Bey6XMsF.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.7 kB (2712 bytes)
Hash
b74c9fa59f2d0405ec351240c503dcb8
6e9522c102f8b78f9fbd2ff8f81fd32e6f615a7b
a9af5e537bf204b98e8adb21c130e2bd71a30bb1808da53e043de6ae203fa979

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/fbb58f02-Bey6XMsF.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 2712
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: "6807c981-a98"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 406
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f921c49b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET fly.metozemoon.com/sl?id=66fda0ddbb23f2139d89e989&pid=2&sub2=u336305&sub3=cl619448&sub4=&sub5=&sub6=&sub7=rfhttps://fnget.com/&sub8=rdfnget.com&sub15=c20fc407e06e&sub14=212&sub13=trafficback

35.204.100.195

302 Found

159 kB

URL User Request GET
fly.metozemoon.com/sl?id=66fda0ddbb23f2139d89e989&pid=2&sub2=u336305&sub3=cl619448&sub4=&sub5=&sub6=&sub7=rfhttps://fnget.com/&sub8=rdfnget.com&sub15=c20fc407e06e&sub14=212&sub13=trafficback
IP
35.204.100.195:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerSectigo Limited
Subjectmetozemoon.com
FingerprintCE:7A:79:16:46:B9:7F:C9:85:F1:3E:5C:9C:05:77:81:31:47:FC:0A
ValidityWed, 02 Apr 2025 00:00:00 GMT - Thu, 02 Apr 2026 23:59:59 GMT

File type

Size
159 kB (158616 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sl?id=66fda0ddbb23f2139d89e989&pid=2&sub2=u336305&sub3=cl619448&sub4=&sub5=&sub6=&sub7=rfhttps://fnget.com/&sub8=rdfnget.com&sub15=c20fc407e06e&sub14=212&sub13=trafficback HTTP/1.1
Host: fly.metozemoon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 22 Apr 2025 19:34:45 GMT
content-length: 0
location: https://save.svensnd.com/click?pid=434&offer_id=25516&sub2=434_u336305&sub6=6807ef555dec4f000194c42b
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6807ef555dec4f000194c42b; expires=Wed, 22 Apr 2026 19:34:45 GMT; secure; SameSite=None
access-control-allow-credentials: true
X-Firefox-Spdy: h2

GET ouraimonupt.com/_astro/x22a7e6ae-CVAMu2T7.js

172.64.150.45

200 OK

199 B

URL GET
ouraimonupt.com/_astro/x22a7e6ae-CVAMu2T7.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text
Size
199 B (199 bytes)
Hash
c4c96c0374fa03a67984d546dd4cc7d7
797b4510efe5940668f6982aa5948530e495f580
01730517f3343990f21fa3a62b9893f567ec83e0128e3d6f9341360915927865

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/x22a7e6ae-CVAMu2T7.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-c7"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80ff76b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/x9eea5ac5f-CMxuAt-0.js

172.64.150.45

200 OK

284 B

URL GET
ouraimonupt.com/_astro/x9eea5ac5f-CMxuAt-0.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text
Size
284 B (284 bytes)
Hash
2bd986020ada07aecfbf829958299ea3
3e17192dde87c4b7882ec9857ee41701903296da
594bf3a8ba71c7aacd5e4926b59ef7349acf2e84e47123e7b82ee6d1b93ba1eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/x9eea5ac5f-CMxuAt-0.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-11c"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8a582fb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/d209ad4-BWduRDVq.js

172.64.150.45

200 OK

103 B

URL GET
ouraimonupt.com/_astro/d209ad4-BWduRDVq.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
9b1cfdb2108d46ee65b2e9e99207ac25
1298f84edb214fe4fb1e4496d16bb9144730c21e
1bb827ee71e98f88da1ce3d85cbdc2c6a9ead8fb4bb5e7af9e55deeb4a89c1b8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/d209ad4-BWduRDVq.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-67"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8ddd70b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/q7ec6ab05-CcVPJspU.webp

172.64.150.45

200 OK

12 kB

URL GET
ouraimonupt.com/_astro/q7ec6ab05-CcVPJspU.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
12 kB (11774 bytes)
Hash
eb224b5a86e8c9f478bd6f2a8c3c53ac
0bdc5a91bb1c87fe55b023ee6cef886edb64967e
e910f36c92776b4e4a415316307a6cbb4d4f039bb8d66dd094c7b90d76f6fa1c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/q7ec6ab05-CcVPJspU.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: image/webp
content-length: 11774
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: "6807c981-2dfe"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 454
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f803de1b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/p2ce02d4a-Bm7tABT_.js

172.64.150.45

200 OK

73 B

URL GET
ouraimonupt.com/_astro/p2ce02d4a-Bm7tABT_.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
73 B (73 bytes)
Hash
41782e192d6e714b886e20dfe76c1bc9
16edbb13768eab6c97619a38b7d15e161d0d88d8
4b58f84fb12e4acc744f9764edcdd40efc0df8ac1f516e7f3c508887736e5a95

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/p2ce02d4a-Bm7tABT_.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-49"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f813fe5b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/l0ef98cb-DATSOSwR.js

172.64.150.45

200 OK

2.8 kB

URL GET
ouraimonupt.com/_astro/l0ef98cb-DATSOSwR.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (2647)
Size
2.8 kB (2789 bytes)
Hash
2b0ca6c477211fa964b4a6385e6c1486
a56e080a1d68bb9cbaf2182bae765d25b5b32750
0bbe55140d373ac24486e90e1f828a7612126d2a1e564dcc8ec20c67a57a9a47

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/l0ef98cb-DATSOSwR.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-ae5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f814ff8b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/d97e2bf767-BJGTsJ2o.js

172.64.150.45

200 OK

3.5 kB

URL GET
ouraimonupt.com/_astro/d97e2bf767-BJGTsJ2o.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (3476)
Size
3.5 kB (3477 bytes)
Hash
46bf99dad3d39387fbd425308ef93028
cd09f544fea087f9e40143bf07d48d0e8d84f242
40aabdef18eb3e6926d548c5adf39689acc484f228ac49908f397796348264c0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/d97e2bf767-BJGTsJ2o.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-d95"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f888d1ab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/h7f2533-Cfv0wZPe.js

172.64.150.45

200 OK

1.9 kB

URL GET
ouraimonupt.com/_astro/h7f2533-Cfv0wZPe.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (1922)
Size
1.9 kB (1923 bytes)
Hash
7ff3665ca7854e2a95b24df8e4bdd828
a83d405eed5285a90f520cba2026b2b0d8944a36
79c6560b4c3196c414543f33fb6dd63970153c8b47c8e176c11cf85bb07c6f6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/h7f2533-Cfv0wZPe.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-783"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80df56b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/s9db00a72-P5jCbDl2.js

172.64.150.45

200 OK

103 B

URL GET
ouraimonupt.com/_astro/s9db00a72-P5jCbDl2.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
c2d5dffdec9995b6a143cc2cc4336321
3764f99fa8e81c8f2f0c856bf0ddaa80988f7b81
c56f6f70bb8120ad7e3935e480952dc43b7782d720430f1c760a1a8e76a83fae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/s9db00a72-P5jCbDl2.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-67"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8dbd3fb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/fd0815-Bk7JblOE.js

172.64.150.45

200 OK

104 B

URL GET
ouraimonupt.com/_astro/fd0815-Bk7JblOE.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
2f89686e5328c2780a659da99ea7bd77
0269c4b84ce10d38cc249b71bed2f35294590e92
8df354a7a409ca19661829241a1c94ebf941d0f5f7ae9b53cfbb0240d56144b7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/fd0815-Bk7JblOE.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-68"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8e3e10b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET save.svensnd.com/click?pid=434&offer_id=25516&sub2=434_u336305&sub6=6807ef555dec4f000194c42b

34.91.234.242

302 Found

159 kB

URL User Request GET
save.svensnd.com/click?pid=434&offer_id=25516&sub2=434_u336305&sub6=6807ef555dec4f000194c42b
IP
34.91.234.242:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerSectigo Limited
Subjectsave.svensnd.com
FingerprintF9:34:8B:4C:20:2B:F9:CB:59:38:B9:2D:4D:C1:02:4E:D1:30:D3:7D
ValidityFri, 21 Feb 2025 00:00:00 GMT - Sat, 21 Feb 2026 23:59:59 GMT

File type

Size
159 kB (158616 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click?pid=434&offer_id=25516&sub2=434_u336305&sub6=6807ef555dec4f000194c42b HTTP/1.1
Host: save.svensnd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Tue, 22 Apr 2025 19:34:45 GMT
content-length: 0
location: https://phumsowoubsoag.net/link?z=8805346&var=434_u336305&ymid=6807ef55627a3600018c97c7
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=6807ef55627a3600018c97c7; expires=Wed, 22 Apr 2026 19:34:45 GMT; secure; SameSite=None
afoffers={"25516":1745350485}; expires=Wed, 22 Apr 2026 19:34:45 GMT; secure; SameSite=None
access-control-allow-credentials: true
X-Firefox-Spdy: h2

GET ouraimonupt.com/_astro/a14fc2ee-C7_oNhAY.js

172.64.150.45

200 OK

2.8 kB

URL GET
ouraimonupt.com/_astro/a14fc2ee-C7_oNhAY.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (2788)
Size
2.8 kB (2789 bytes)
Hash
17604888df98e7c87d50734b24bbedc2
60f5f1526734d8bc24df49ca2b37f2f9f51a42a6
b00f1847e7dbff8cd6961cd0f0c759ee94c57b74b2d2c561098a40a9ca4c9763

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/a14fc2ee-C7_oNhAY.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-ae5"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80aef5b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/l1cf30356-moGCk_WM.js

172.64.150.45

200 OK

49 kB

URL GET
ouraimonupt.com/_astro/l1cf30356-moGCk_WM.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
JavaScript source, ASCII text, with very long lines (49282), with no line terminators
Size
49 kB (49282 bytes)
Hash
5be4c8fb69fdeea85b4d74acf6e42150
f55d4a279fb6d215de2ef9ae7052195172292d4e
3999a50f9687e3485d92df9167a5233e17c15e37d15f1fb762d1d5d136e75823

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/l1cf30356-moGCk_WM.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-c082"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80bef7b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/z2188bd805-BIAIvrgF.js

172.64.150.45

200 OK

1.6 kB

URL GET
ouraimonupt.com/_astro/z2188bd805-BIAIvrgF.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (1555)
Size
1.6 kB (1556 bytes)
Hash
4f62210225f4bbb7e1895beadc03dfe8
28576301d6e77ca6a76f0d89f8fa37d53aba76a9
7f4966ca46d405d1cd45d3060370dbd9f2afa71d8b5eff741f79b2556e0355d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/z2188bd805-BIAIvrgF.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-614"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80df39b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/g717fdbe-BffaBK3K.webp

172.64.150.45

200 OK

2.8 kB

URL GET
ouraimonupt.com/_astro/g717fdbe-BffaBK3K.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.8 kB (2770 bytes)
Hash
92f52185fbc77ce09c20007c4ac9e1d5
c6e1b2d98b2a1ebbcde91939dcc429c096ed562a
3a53dce3130d0ad7622466ffa9d9537e33f77c8c45bd27a2b69b1e818177de9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/g717fdbe-BffaBK3K.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 2770
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: "6807c981-ad2"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 406
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f923c75b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b

172.64.150.45

200 OK

159 kB

URL User Request GET
ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
159 kB (158616 bytes)
Hash
fb9fda8b78b1ea99740c9df1eaa5bc41
47f6bd52421c930fcc016ef4fe0d76720ea1b10f
cebf5cbf2ab5eea91bab7257e192587ac730a54b416594e2c74495df20ecd949

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 22 Apr 2025 19:34:46 GMT
content-type: text/html
cf-ray: 93478f7abfe81c16-OSL
cf-cache-status: HIT
cache-control: public, max-age=3600
expires: Tue, 22 Apr 2025 20:34:46 GMT
last-modified: Tue, 22 Apr 2025 16:53:26 GMT
strict-transport-security: max-age=1
vary: Accept-Encoding
x-content-type-options: nosniff
set-cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; path=/; expires=Tue, 22-Apr-25 20:04:46 GMT; domain=.ouraimonupt.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ouraimonupt.com/_astro/i8e7c2c0e-BwvGrg9N.js

172.64.150.45

200 OK

955 B

URL GET
ouraimonupt.com/_astro/i8e7c2c0e-BwvGrg9N.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (954)
Size
955 B (955 bytes)
Hash
2efe3bd4f4d9e0150d3602849960b4cf
223bae0982f2024132d8ee1511f2538a5becdd02
7a9c32a60e571bde61ca0e73e62ae1eefc63b9acbd18224fdea00dd2f638f4ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/i8e7c2c0e-BwvGrg9N.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-3bb"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80ff7db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/c5fef33e-DZN9DhNi.js

172.64.150.45

200 OK

919 B

URL GET
ouraimonupt.com/_astro/c5fef33e-DZN9DhNi.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (919), with no line terminators
Size
919 B (919 bytes)
Hash
463f26d00912d7ace5cd23429e7eb0c1
c869ff99690ba387511211d4615cb940096b0457
eb43cc539777b2a652336de3d987deec2529b269aa2f288e251fd7fe3410f71f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/c5fef33e-DZN9DhNi.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-397"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f813feab50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/f4d7fa93-BkMqrgpW.webp

172.64.150.45

200 OK

2.6 kB

URL GET
ouraimonupt.com/_astro/f4d7fa93-BkMqrgpW.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
2.6 kB (2586 bytes)
Hash
18ddd923ca7dcba65552e8acb3e1a6f4
a9ae6a64cd5346ffe09caa44cff68c83a423ac6b
e2af5013cbd1a4d10232f2e6e702362461e611de2c4981e423b1e483e1ac74fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/f4d7fa93-BkMqrgpW.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 2586
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: "6807c980-a1a"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 418
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f921c39b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET my.rtmark.net/gid.js?userId=dlntdkb9ev2gpvnm3rm626wf5bstar

104.18.41.22

200 OK

63 B

URL GET
my.rtmark.net/gid.js?userId=dlntdkb9ev2gpvnm3rm626wf5bstar
IP
104.18.41.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectmy.rtmark.net
Fingerprint03:52:6A:BD:35:83:43:81:AF:25:BB:A3:26:97:D1:78:25:73:A4:C9
ValidityTue, 04 Mar 2025 10:39:32 GMT - Mon, 02 Jun 2025 11:39:29 GMT

File type
JSON text data
Size
63 B (63 bytes)
Hash
4d9890ed5e81c92d9d2983cf1c320382
fa6ad0f7f4837bdc0b557d94aeeacff77b5e164c
52bb19f6d2b160a52a28c6eac5e7c9c3f222bc0e1b7c8ba6e899af06b8c1adcc

HTTP Headers

GET /gid.js?userId=dlntdkb9ev2gpvnm3rm626wf5bstar HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ouraimonupt.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ouraimonupt.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=dlntdkb9ev2gpvnm3rm626wf5bstar; expires=Wed, 22 Apr 2026 19:34:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 93478f88ea83b517-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ouraimonupt.com/_astro/m5729eef-BcxLYXM1.webp

172.64.150.45

200 OK

866 B

URL GET
ouraimonupt.com/_astro/m5729eef-BcxLYXM1.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
866 B (866 bytes)
Hash
5ccd0e0b546c18b101aee4ddd519981d
9713e1200e35c8c3f682fa792fda89b898cf7aca
b489e2b31ce3037d8e68aa8acb36df8d726f489ea28a0aa2bb107487cf371348

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/m5729eef-BcxLYXM1.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 866
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: "6807c981-362"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 456
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f8e5e3fb50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/ef640c569-GOE7dSqj.js

172.64.150.45

200 OK

331 B

URL GET
ouraimonupt.com/_astro/ef640c569-GOE7dSqj.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (331), with no line terminators
Size
331 B (331 bytes)
Hash
8eaf419844360ea609b73020d4f4619c
f0b9bfc21389abf2bbaaf574f784e6c9f4e01673
a1fbc5649bd3c80bb80100311b460a841ca7c98abb85b81e1c0f02670181c749

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/ef640c569-GOE7dSqj.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-14b"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f811fc0b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/b91b8da-CaIFFUCf.js

172.64.150.45

200 OK

365 B

URL GET
ouraimonupt.com/_astro/b91b8da-CaIFFUCf.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
Java source, ASCII text, with very long lines (364)
Size
365 B (365 bytes)
Hash
3f03fce51384b97e195bcfda87ccb183
496124b60356ae564c5cf887f19b78630b688c5e
49d0356ef9c88618ac0fdcaa4a97a293309e41259bd3138a66443bc014e4cd4e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/b91b8da-CaIFFUCf.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-16d"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f88cd75b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/l2261a5f1-DMy3KDJc.js

172.64.150.45

200 OK

103 B

URL GET
ouraimonupt.com/_astro/l2261a5f1-DMy3KDJc.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
103 B (103 bytes)
Hash
b2e8ddff132c4002af247e5cc1758544
5873746b807fac4e53a05b9c0befab2dcbcacad7
754e9b0678d2d1844693e9d31c3021af9b493961e1e58db61b84aa8469077a26

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/l2261a5f1-DMy3KDJc.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-67"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8dcd5fb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/b7557f-BiZc4OO6.webp

172.64.150.45

200 OK

770 B

URL GET
ouraimonupt.com/_astro/b7557f-BiZc4OO6.webp
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
RIFF (little-endian) data, Web/P image
Size
770 B (770 bytes)
Hash
66a5e8404b4514c579de67193ceae684
f41725c0b728ace6b8a7a328104ab25ae12eb778
71550ce5c0583f2db91a7644ae869cb122cbc76f5718915e789243d6297d5f89

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/b7557f-BiZc4OO6.webp HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo; OAID=dlntdkb9ev2gpvnm3rm626wf5bstar; syncedCookie=true; oaidts=1745350488
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:49 GMT
content-type: image/webp
content-length: 770
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: "6807c980-302"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 456
expires: Tue, 22 Apr 2025 20:34:49 GMT
cache-control: public, max-age=3600
accept-ranges: bytes
priority: u=4,i=?0
server: cloudflare
cf-ray: 93478f8e5e2db50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/e5e30ef8-BBU97REQ.js

172.64.150.45

200 OK

119 B

URL GET
ouraimonupt.com/_astro/e5e30ef8-BBU97REQ.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with no line terminators
Size
119 B (119 bytes)
Hash
c6e9bc7692c51dbe7cae27ce00e833db
631cd431a65414d4b56821a16cb64d951d885ecd
a2f8d341c5bce19de51258d2007cfef1c066cd691b9cf41c379b3a95e2a42895

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/e5e30ef8-BBU97REQ.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:20 GMT
vary: Accept-Encoding
etag: W/"6807c980-77"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f80cf25b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET ouraimonupt.com/_astro/j529e61-BHLhoRW5.js

172.64.150.45

200 OK

1.2 kB

URL GET
ouraimonupt.com/_astro/j529e61-BHLhoRW5.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (1231), with no line terminators
Size
1.2 kB (1231 bytes)
Hash
fd2e9b23a630e5ad2935a90d22ce2432
5aa7e9268a4e8a0b003b8d710042920f978fd65c
82ec6c4d44165a9e317f9e82052c7a1f9bd9811322822e73665def4c3febd570

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/j529e61-BHLhoRW5.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:47 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-4cf"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5186
expires: Tue, 22 Apr 2025 20:34:47 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f811fc2b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET cdntechone.com/stattag.js

104.21.36.146

200 OK

16 kB

URL GET
cdntechone.com/stattag.js
IP
104.21.36.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectcdntechone.com
Fingerprint97:E9:A0:32:A7:A0:07:E5:5E:9E:00:7A:0F:03:79:58:24:44:09:38
ValidityFri, 11 Apr 2025 06:42:40 GMT - Thu, 10 Jul 2025 07:40:25 GMT

File type
JavaScript source, ASCII text, with very long lines (15840)
Size
16 kB (16490 bytes)
Hash
80d7433dbc2b7708f2fa4e6a9943a116
350c6e2bb1cbd07de260856f918f4ececcd96894
54862ebdcfa23c67d6de25543e0b22014de8fd8d3d3aed09d615981bbdd76251

HTTP Headers

GET /stattag.js HTTP/1.1
Host: cdntechone.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
server: cloudflare
last-modified: Thu, 11 Jul 2024 10:23:50 GMT
link: <https://datatechone.com/>; rel=preconnect; crossorigin, <https://datatechonert.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 3305
etag: W/"668fb2b6-406a"
content-encoding: br
cf-ray: 93478f8868196da5-AMS
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET ouraimonupt.com/_astro/l8a770d2ac-BHdAp8bM.js

172.64.150.45

200 OK

787 B

URL GET
ouraimonupt.com/_astro/l8a770d2ac-BHdAp8bM.js
IP
172.64.150.45:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ouraimonupt.com/sweeps-survey/1383/?s=938630542640029837&z=8805346&var=434_u336305&campaignid=9051085&b=22951561&ymid=938630542640029837&city=oslo&svar=1745350485&ssk=676855aacd3acb809d963cb8d187b43b
Certificate
IssuerGoogle Trust Services
Subjectouraimonupt.com
FingerprintB5:D5:06:2A:93:04:40:70:6A:EE:05:81:68:48:A4:9E:7A:7B:26:B1
ValiditySun, 06 Apr 2025 15:14:38 GMT - Sat, 05 Jul 2025 16:14:36 GMT

File type
ASCII text, with very long lines (787), with no line terminators
Size
787 B (787 bytes)
Hash
658c73e01c6d06009ed7a4ee3caaf81e
1729ff9c7d0e4d02377c1213aaa2ab1548d16806
8f4003d9f46b4b7bf313f7631d119bc310f602bf9295d65cf6dd841d389d61e3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /_astro/l8a770d2ac-BHdAp8bM.js HTTP/1.1
Host: ouraimonupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=Fu0Js05IbwQzpRhHKK4hW_rVaP5ncsgDsmu3vWXaWOU-1745350486-1.0.1.1-WIOLkujxmpJen8AsKF2Sg9Tje5phNXrjQ9nr9qd.LPg5QqGUIcuNEzJNENVNopCWQAewzPnyktFVzYcx6vOlj2PtVHhYWdzSv1w5yBA47Zo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 22 Apr 2025 19:34:48 GMT
content-type: application/javascript
last-modified: Tue, 22 Apr 2025 16:53:21 GMT
vary: Accept-Encoding
etag: W/"6807c981-313"
strict-transport-security: max-age=1
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5187
expires: Tue, 22 Apr 2025 20:34:48 GMT
cache-control: public, max-age=3600
priority: u=3,i=?0
server: cloudflare
cf-ray: 93478f8a5835b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (73)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML