{"report_id":"084237c3-0899-4a9d-bb11-65968619ca2a","version":6,"status":"done","tags":[],"date":"2025-09-14T09:23:08Z","url":{"schema":"http","addr":"waptrick.net/en/free/mp3/Manaiki","fqdn":"waptrick.net","domain":"waptrick.net","tld":"net"},"ip":{"addr":"162.255.119.7","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"waptrick.com/","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"title":"Waptrick - Free downloads for your phone"},"submit":{"url":{"schema":"http","addr":"waptrick.net/en/free/mp3/Manaiki","fqdn":"waptrick.net","domain":"waptrick.net","tld":"net"},"ip":{"addr":"162.255.119.7","port":0,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-19T09:23:08Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":2,"urlquery":0,"analyzer":8}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-14T09:22:59Z","timestamp":1757841779,"ip_dst":{"addr":"172.18.0.24","port":49204,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"162.255.119.7","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Namecheap URL Forward","source":"{\"timestamp\":\"2025-09-14T09:22:59.518173+0000\",\"flow_id\":1394410682587717,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"162.255.119.7\",\"src_port\":80,\"dest_ip\":\"172.18.0.24\",\"dest_port\":49204,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2035208,\"rev\":2,\"signature\":\"ET INFO Namecheap URL Forward\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_02_16\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_02_16\"]}},\"http\":{\"hostname\":\"waptrick.net\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"http://waptrick.com\",\"length\":42},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":42,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":567,\"bytes_toclient\":505,\"start\":\"2025-09-14T09:22:48.989765+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-14T09:23:00Z","timestamp":1757841780,"ip_dst":{"addr":"172.18.0.24","port":49220,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"162.255.119.7","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Namecheap URL Forward","source":"{\"timestamp\":\"2025-09-14T09:23:00.642361+0000\",\"flow_id\":1322315361708335,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"162.255.119.7\",\"src_port\":80,\"dest_ip\":\"172.18.0.24\",\"dest_port\":49220,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2035208,\"rev\":2,\"signature\":\"ET INFO Namecheap URL Forward\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_02_16\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_02_16\"]}},\"http\":{\"hostname\":\"waptrick.net\",\"url\":\"/en/free/mp3/Manaiki\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"http://waptrick.com\",\"length\":42},\"files\":[{\"filename\":\"/en/free/mp3/Manaiki\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":42,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":706,\"bytes_toclient\":505,\"start\":\"2025-09-14T09:22:50.157999+0000\"}}"}],"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"effluveputting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"az.isoamidtrusion.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"elegantimpose.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"adaptunemployed.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"creative-sb1.com","ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-09-12T12:20:34.839934Z","alert_count":0,"request_count":5,"received_data":171863,"sent_data":2264,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-09-09T22:05:04.72512Z","alert_count":0,"request_count":2,"received_data":171926,"sent_data":820,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"waptrick.net","ip":{"addr":"162.255.119.7","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"domain_registered":"2006-08-25","domain_rank":0,"first_seen":"2013-01-06T20:21:27Z","last_seen":"2025-09-14T01:25:42.07486Z","alert_count":2,"request_count":2,"received_data":13215,"sent_data":916,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-09-10T05:27:22.464069Z","alert_count":1,"request_count":1,"received_data":377,"sent_data":415,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"adaptunemployed.com","ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-11-06","domain_rank":1653212,"first_seen":"2024-12-03T06:53:15.851589Z","last_seen":"2025-09-14T01:02:53.569336Z","alert_count":1,"request_count":1,"received_data":77429,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"torchfriendlypay.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":191479,"first_seen":"2025-07-30T13:31:49.539518Z","last_seen":"2025-09-10T16:56:51.518632Z","alert_count":5,"request_count":5,"received_data":8001,"sent_data":2687,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-09-11T01:12:37.180085Z","alert_count":1,"request_count":1,"received_data":520,"sent_data":499,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-09-10T15:14:38.264059Z","alert_count":0,"request_count":1,"received_data":17441,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-09-09T22:05:04.732379Z","alert_count":0,"request_count":2,"received_data":992,"sent_data":1526,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-09-13T13:45:06.417621Z","alert_count":0,"request_count":1,"received_data":2069,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"waptrick.com","ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"domain_registered":"2006-05-25","domain_rank":95473,"first_seen":"2012-05-24T15:11:52Z","last_seen":"2025-09-14T01:02:54.306508Z","alert_count":0,"request_count":23,"received_data":110225,"sent_data":11514,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.profitabledisplaycontent.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2020-10-14","domain_rank":2021852,"first_seen":"2020-10-16T02:07:47Z","last_seen":"2025-09-08T15:43:31.662834Z","alert_count":0,"request_count":4,"received_data":125071,"sent_data":5925,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"elegantimpose.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-08-01","domain_rank":5682615,"first_seen":"2024-12-07T17:31:23.955743Z","last_seen":"2025-09-14T01:02:53.514938Z","alert_count":1,"request_count":1,"received_data":38517,"sent_data":445,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"effluveputting.com","ip":{"addr":"23.109.170.134","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-10-28","domain_rank":596886,"first_seen":"2024-12-07T19:08:03.413397Z","last_seen":"2025-09-14T01:02:53.556208Z","alert_count":1,"request_count":1,"received_data":1419,"sent_data":425,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"az.isoamidtrusion.com","ip":{"addr":"23.109.170.198","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"domain_registered":"2024-12-23","domain_rank":6949153,"first_seen":"2025-01-19T14:52:25.642701Z","last_seen":"2025-09-14T01:25:41.80356Z","alert_count":1,"request_count":1,"received_data":1418,"sent_data":429,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-09-12T07:36:01.738236Z","alert_count":0,"request_count":2,"received_data":106652,"sent_data":955,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"rashcolonizeexpand.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":31106,"first_seen":"2025-06-27T17:12:36.133274Z","last_seen":"2025-09-14T04:26:49.673169Z","alert_count":4,"request_count":4,"received_data":10221,"sent_data":4868,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-09-10T15:11:19.040403Z","alert_count":0,"request_count":2,"received_data":81926,"sent_data":1094,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-14T09:22:59Z","timestamp":1757841779,"ip_dst":{"addr":"172.18.0.24","port":49204,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"162.255.119.7","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Namecheap URL Forward","source":"{\"timestamp\":\"2025-09-14T09:22:59.518173+0000\",\"flow_id\":1394410682587717,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"162.255.119.7\",\"src_port\":80,\"dest_ip\":\"172.18.0.24\",\"dest_port\":49204,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2035208,\"rev\":2,\"signature\":\"ET INFO Namecheap URL Forward\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_02_16\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_02_16\"]}},\"http\":{\"hostname\":\"waptrick.net\",\"url\":\"/\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"http://waptrick.com\",\"length\":42},\"files\":[{\"filename\":\"/\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":42,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":567,\"bytes_toclient\":505,\"start\":\"2025-09-14T09:22:48.989765+0000\"}}"},{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-14T09:23:00Z","timestamp":1757841780,"ip_dst":{"addr":"172.18.0.24","port":49220,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"162.255.119.7","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Namecheap URL Forward","source":"{\"timestamp\":\"2025-09-14T09:23:00.642361+0000\",\"flow_id\":1322315361708335,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"162.255.119.7\",\"src_port\":80,\"dest_ip\":\"172.18.0.24\",\"dest_port\":49220,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2035208,\"rev\":2,\"signature\":\"ET INFO Namecheap URL Forward\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_02_16\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_02_16\"]}},\"http\":{\"hostname\":\"waptrick.net\",\"url\":\"/en/free/mp3/Manaiki\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"http://waptrick.com\",\"length\":42},\"files\":[{\"filename\":\"/en/free/mp3/Manaiki\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":42,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":706,\"bytes_toclient\":505,\"start\":\"2025-09-14T09:22:50.157999+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"waptrick.com/","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"42987033e1f4b8c46477c26decf09574","sha1":"e90dea73bd8240907f99361d77ad7d04a8c0dfd7","sha256":"37a15e211ee1f449a7c42bdd55686ad580435cae157953b3cb476da157fc7a1d","sha512":"15d301fc2e654ced64a9ca8c6f066014d44d3e103d1848652c83a474d579859951632509aa67c67cf07e83fa55810b34bf1c44728763e555c9b6ef92fb306d48","ssdeep":"","tlshash":"8f2102183be98529e217396e4e5f01257930d3233a19ae4c794c93b07f05c19cc967ee","size":1157,"data":"","first_seen":"2025-01-03T04:02:01.651512Z","last_seen":"2026-04-16T23:03:52.107433Z","times_seen":649,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a76dff92aa1b88c60ede1921a2383df7","sha1":"cafacb00dd4dd9875cba44c2241c18c26f3bd52c","sha256":"522401381e959aaddecd35fcd55c6fbd92ca04c0c4b5a675fcc7d44ef1d412af","sha512":"f67ae6581653a59550ccfac29dc6fd1f5af691c090031d0cbccef16a49b1c17fc35d173bce7ef78762cb81c5ae4a88dfb7c766066f123d664e9998b44e4e7289","ssdeep":"","tlshash":"3301407905652670842b379bb020d38c7c72a06673037456a19c538d8ef0f87292afee","size":826,"data":"","first_seen":"2023-03-09T09:29:47Z","last_seen":"2026-04-16T23:03:52.108267Z","times_seen":978,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","size":5080,"data":"","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"fed48f10f5134b3b99bc13e18d4e94e2","sha1":"ca61a3f1c30e65b1f6a36d08d60583ae5d214824","sha256":"78f99c829d124e6e77b88334a96cc85f6b1bfad303a87b7091c9196c4622fbac","sha512":"aa333f521063229ea1468d9487b307009a06a8cfc55a3b03630bb8c7c3c77014360f4f4e7fa1206d1ac11a1100183a27bf9f6c6a0ae417215fd63c6abc89c71e","ssdeep":"","tlshash":"9f31eab6dc265b4e1dc4b8a0343778264bb1cc6ab1d6c4624aa20cd5a122190bfa61b1","size":1564,"data":"","first_seen":"2025-09-14T09:23:11.245168Z","last_seen":"2025-09-14T09:23:11.245168Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"23252c3a1ad1d6bca76494c142e29399","sha1":"53aa586f62474f343b2428bf43554a32d97c37e5","sha256":"a6831b23699d9297753d9ffabedb472d20eb84f8842055cabdfe9284dbd05566","sha512":"1a71e2ea198792cf5396d59adc4787368c9d408bc070b56be08bf6b182c871de064730d687e0125562acc4a1f0a826e9a7c91eb4587a912c19b2be8b3be46f51","ssdeep":"96:doozs/KzGqALzGA9xBA+WULFwe9YJigpKiqB5QKW1/DeXXCfMEDaH:dxzmlqGiA9xC2LFt7aqjQKKbeXXCkCaH","tlshash":"92a14b32ada611346c8574b7023f71193d70c11f360bdd437c8de7a203212940abedea","size":4851,"data":"","first_seen":"2025-09-14T09:23:11.247304Z","last_seen":"2025-09-14T09:23:11.247304Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3432ff8abe89354469b23a859fe7fe81","sha1":"f87e743ae22ca007a57e2aca28066c5b75be88b6","sha256":"ab0fdbb233aa37b8eefadc125804bb8da2ad85a99a01eef3f3ca4e575bc4435a","sha512":"044499a9305e1d37daf729ffa2b51e6e28c176fec5c9f95f95b545165cce872a30b9e2e806a9c67aca87f4fc4c3e173e9038025f8a6fef155fdf97af22406d64","ssdeep":"","tlshash":"9f90025f77407d8285ba15184e5b905a10542566181a55124982ca5a4b605980536945","size":53,"data":"","first_seen":"2023-03-07T01:11:26Z","last_seen":"2026-04-16T23:03:52.108846Z","times_seen":978,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elegantimpose.com/2d153cd4cb37fa54e41856d8ba93a1bc/invoke.js","fqdn":"elegantimpose.com","domain":"elegantimpose.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"71ba17fb34411d341642b1787c0aa07d","sha1":"8fba0f72eeff566919685f06766ce67b9d4e3587","sha256":"d2cf1b690d9db8d4d86b8c768e0349a8093e691e558763d23efef778f17e800e","sha512":"8806687b9d0df2bda91129d7ced7306566ded75b2788bfd78e7f6f658f50251aeb9b1c4a12e59642d1ff885aecf9d371505e39ab95a5305cf0abdac4ffd861cb","ssdeep":"768:iBgj6ccu9YuFYdYjHMjYZ6lRtsi8Yg1L/lUUYEFYLetqz:6gec7PF0Y6Hd8Y0L/qJEFYLetqz","tlshash":"b903f7883fc0b3d456ab6867337fd00ba1955d04a54cd098e927f4e82de876af727b60","size":37674,"data":"","first_seen":"2025-09-07T00:40:25.773843Z","last_seen":"2025-09-17T11:49:27.090045Z","times_seen":96,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.profitabledisplaycontent.com/ce/7b/c5/ce7bc5be50617aaed4fb988a580b1a6c.js","fqdn":"www.profitabledisplaycontent.com","domain":"profitabledisplaycontent.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2727c395a3bd692237e522c4e6ec3cae","sha1":"8fd59a5215c96ccc25edec7f539e8a5a4cdfd1bc","sha256":"11c9065ed25cc2be6ba6139e6c50c611133c59f5afa6a532f209c543997ea597","sha512":"3e429e2328f44cdb71749ed73d10c6ad59511f66dfd4699fca92c289b0cd8ada243ac970dca59d7102667f899b781a5d0dd9a89d449dd2acd756846e559d1ee0","ssdeep":"1536:WV8ISE162TOup6SJr5qQLHvuiCh+JAxy1m7E7W1uBDx1o:WV5SuvnbkAmv","tlshash":"b5b3c68c3f7ef02d16b6e037223f6416e15a0d0140dce5ace117dde83a6c79ae579a26","size":109681,"data":"","first_seen":"2025-09-09T06:03:33.047284Z","last_seen":"2025-09-14T11:13:26.671291Z","times_seen":23,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"e03d2652622e0942aa170fcd772dca1b","sha1":"2ce2e5f931a5d32ec44307a8168b8f75ff91d609","sha256":"bc521b9e26f6aa8a280452aae74a0fe1178d1789a386fb3f5109154956fa1c81","sha512":"3e0821dd6f0a5ea6e40301e6a440972fc8a753c41d136bc3aaf26970c644644b122f00c399a11b9dd5648cc7db56fc326a5d81f0c457349c56c1924a8e872fe8","ssdeep":"","tlshash":"a2410b26b55f2030dc99f4f3424e72a92c6693373d1b7ac7384e57a5034245a012feab","size":2043,"data":"","first_seen":"2025-09-14T09:23:11.250438Z","last_seen":"2025-09-14T09:23:11.250438Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"effluveputting.com/guVDqNpEAhcDXk/115015","fqdn":"effluveputting.com","domain":"effluveputting.com","tld":"com"},"ip":{"addr":"23.109.170.134","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"4fc71bf68a1d477bd1523733e34d1e90","sha1":"15119105cffbe108b6cf290146ab02c9aa8517ba","sha256":"74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce","sha512":"e8e5f5430841f9cdaad492efce3fed11992913ad2b714b27c6fd147c55b2c56dc1b896635f24c2b180d4215c70ba9a042847d7d9cf3ff8a67b636a4c0ca1ce3d","ssdeep":"","tlshash":"f440000300000000cc300000300300000000000000000c00c000000000000000000000","size":6,"data":"","first_seen":"2023-03-07T01:31:39Z","last_seen":"2026-04-15T22:17:23.892246Z","times_seen":10585,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adaptunemployed.com/da/fe/7e/dafe7e98dace1e50d48969e5c8a626a4.js","fqdn":"adaptunemployed.com","domain":"adaptunemployed.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8feda8b00a2bc632645b31b9aac3fa0","sha1":"bb89863c0a28790f76967c932696bb85606010a4","sha256":"32edca7c9c6a3a8c34c0876a7d389a7624dbbe912d6a471b7cec59764aebf487","sha512":"3c67edea3c3167a5e68cf593dbcfe30394222df4d637b0ec2316fa9d35b3d4006a76dd9265949bc3acc00bf55063d17bcf7ce4cf5c7c724d71b0ce6a972441ad","ssdeep":"1536:IZxKuAEEm3pEEim4mYdM96mXpH1fPzdsRt:huAQWRHmWM96m5Jwt","tlshash":"2f73c8897f50b05cc3da6577326fa40af06a1d42a14cf44ce122e8a4ffaa71df53b958","size":76494,"data":"","first_seen":"2025-09-10T04:56:00.366714Z","last_seen":"2025-09-14T09:29:22.559293Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"be28e8deaf821f5e33636c721f7b1460","sha1":"4d548c78872144658b2c51f92a51a3c3f0430d8b","sha256":"0ecfe5b28dc3c86c0bcd2cc3a8cb0a36595434f658970f75b14a5641017e5887","sha512":"c024c894960f340aa6150b38f93d762c0bd988073beeffdde3f976551e855d6441b98d3176b8352db53ff4801884e282ea7b8d86fcb2e5f0c337c54304df0be8","ssdeep":"","tlshash":"cb217d3610584bf95227f292d24e23d4de661bcd9a05460bf50807c80fd2bb4a2eeed9","size":1276,"data":"","first_seen":"2025-07-07T01:04:36.824801Z","last_seen":"2026-04-16T23:03:52.109446Z","times_seen":86,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84380,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-17T03:15:56.644637Z","times_seen":16401,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"az.isoamidtrusion.com/towu3IhH864JiYsh/37433","fqdn":"az.isoamidtrusion.com","domain":"isoamidtrusion.com","tld":"com"},"ip":{"addr":"23.109.170.198","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"ec300000003000000000000000000000000c0000000000000000000000000c00000000","size":5,"data":"","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-04-16T23:03:52.089417Z","times_seen":13919,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"72b55f79b9c271e948cf0553325ef5f1","sha1":"ce69a58072871fae38f408974782a0b668b0bed0","sha256":"49c67724b1d5222c0a9d341e3f5e5868e386f06307108923ef8660890e014a50","sha512":"d9acbfd8004bcb9c391a2d5998fd4b0be5b4ad5560e3697583be1bdd9016f429a92efb09c1437a544118ae63b81854009317fd6342cea9cc14f54818bba3e29d","ssdeep":"","tlshash":"2df0c0d29c51a5244aeb28bb13b8f154bff04665ef17951374ece87aa040fd44c03844","size":534,"data":"","first_seen":"2025-09-07T00:40:25.799839Z","last_seen":"2025-10-24T02:03:47.27321Z","times_seen":122,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"29b8e74eaea39ae9cd7eaa5c07d470fc","sha1":"5f94916b3913d33fd300f086ae8448b679e6663e","sha256":"a0bf8c90036c4d61e3cf5562518e867ddf7815581702a3e1739db73451fee3b2","sha512":"e3ee6081acdc520f56998c55e59dd150526ee7ab62f7beb89b691cd221836692a3ec3fba3370cd38f81a763606e1198cfc1c68f21f83b4807f7ed8764a5778cf","ssdeep":"","tlshash":"33f0e5b2db2c9a1390fe2b784d1e26d857eca031aad188693c14dc3415a0a6b4aa94dc","size":516,"data":"","first_seen":"2023-03-26T00:57:25Z","last_seen":"2026-04-16T23:03:52.1113Z","times_seen":638,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85386,"data":"","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=79","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css\u0026l=78689\u0026fd=79 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css\u0026l=3355\u0026fd=79","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.84","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.163Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css\u0026l=3355\u0026fd=79 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":695,"timings":{"blocked":295,"dns":1,"connect":93,"send":0,"wait":95,"receive":0,"ssl":209},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-14T09:22:50.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: text/html; charset=utf-8\r\nexpires: 0\r\npragma: no-cache\r\ncache-control: max-age=0, no-store, no-cache, must-revalidate\r\nvary: accept-encoding, user-agent\r\nset-cookie: socialbar=Y;Expires=Sun, 14-Sep-2025 09:26:51 GMT;Path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12980,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (774), with CRLF, LF line terminators","md5":"354458231237804ca64baf6e8dd0e702","sha1":"96550f0e5ef2d45973be6e2cd4ee4dcacf250d5a","sha256":"6cf0fe891c687faa2d21133c27f6dc664de8704b7bbc00a831fe34c81248eb9f","sha512":"cf53c7ee86a14d7d1790f62f070c6a4ced8497a53a40d4c7ddec75ca8a6d404a84b59b781aab9bece718e949d0568f4ec73a5618f3021674bdffd94354fc7a8c","ssdeep":"96:UdmuZbaB8im8LdT771DpW2zN8GSyNRFzR2hfIwEtfDocFOP/54i/LN4Uo6znPifT:vTdSAFzIYtfDp2xBu/cenzxTd","tlshash":"3242a43186565c3b533759f9aa71f328e893c129e7435804fbec52beabd1e01cc1298d","first_seen":"2025-09-14T03:09:49.368168Z","last_seen":"2025-09-14T11:50:18.760873Z","times_seen":4,"resource_available":false,"data":null}},"time_used":1590,"timings":{"blocked":568,"dns":0,"connect":162,"send":0,"wait":455,"receive":0,"ssl":403},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/css/htmlv126_basic.css","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.800Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /css/htmlv126_basic.css HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 18 Sep 2024 09:12:08 GMT\r\nvary: Accept-Encoding\r\netag: W/\"66ea9968-6090\"\r\nexpires: Mon, 14 Sep 2026 09:22:51 GMT\r\ncache-control: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":24720,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (24720), with no line terminators","md5":"db9b5dad148fee9e2aa9ca23feed5ebe","sha1":"49f0e068665a2a705744882f259e64f973ccd4ca","sha256":"11bfd28f03d09af39883735a25582386f6f5cc8acf56b2c13f6b870a81791995","sha512":"7a14192259869bbdf343c76645b66d44f5fccd17535653aa8a74fe1fbe833a7e8390df24b15f6ba965a79dc072ca407edec5c44c4ccc249381d8b0ab675f4dae","ssdeep":"384:1iD54KQELyNxyaHEyxnCpShpBCoCIv8fHE6tGro0lz:1iD5Dgmw+Ez","tlshash":"b9b29731459c203df137c42fb685a7cc3225d012eb0a9bb5de75e536c1c7ca92af6a46","first_seen":"2024-09-18T14:51:36Z","last_seen":"2026-04-16T23:03:52.087701Z","times_seen":667,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":213,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/home_animation_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.823Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/home_animation_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 533\r\nlast-modified: Wed, 09 Apr 2014 12:11:00 GMT\r\netag: \"534538d4-215\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":533,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"423fec6a2eeaa6049f2220ebb3249cd8","sha1":"ebb2f4d8140b60bf6b1f236657c0233ce4ce0653","sha256":"75fe34345cd023cce3dbec836b9bac0c96136fec3db9dc6b7e2b3e94b03af580","sha512":"b842f07807d3ed343a02612f044836c968d91e0039414a63baecab85e2f1357064c0ef4a05d13a09aa34c12ce2562235bb2429c223c2ac6707ca0cb6b3e5bc03","ssdeep":"","tlshash":"82f0058d031165d6cb0ba37aa1dad090cddd07fcfe28e2adf159c84b2594865159253d","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.351991Z","times_seen":433,"resource_available":false,"data":null}},"time_used":365,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":365,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/special/videovak/videovak_160x600_2_en.jpg","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.841Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /special/videovak/videovak_160x600_2_en.jpg HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13589\r\nlast-modified: Fri, 10 Jan 2020 10:07:13 GMT\r\netag: \"5e184cd1-3515\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13589,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 160x600, components 3","md5":"9cb0e4dc60ff3cc0790e47286f3d6263","sha1":"976fa25aec9f1709fb10fa9d706b5d930f57e43c","sha256":"b487b2f5d379a1144bffda436792d4c30df5c1d94c1db22c137f00bb6e676c70","sha512":"f95822051d68d67a5e7e70205b77d3d434e7e945077513802081e0f483cf6930d37c1187089ab44cb40784d3587b7228700788d17837acf4fd74a797b1fe50a0","ssdeep":"384:iGR2JGz/uIj3ffDT6Z7YHFlvf9P1UgdonDRQZ:iGR6Ohz7OZsHFlvtSgdoK","tlshash":"4b52af1bd981d713d01522ecbd2f0f1c6f8f970e55803aad59054e5bce25e8464e93ae","first_seen":"2025-01-29T04:25:53.452156Z","last_seen":"2026-04-16T22:21:38.490051Z","times_seen":278,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":361,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.profitabledisplaycontent.com/ce/7b/c5/ce7bc5be50617aaed4fb988a580b1a6c.js","fqdn":"www.profitabledisplaycontent.com","domain":"profitabledisplaycontent.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:52.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.profitabledisplaycontent.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 22:16:27 GMT","end":"Wed, 22 Oct 2025 22:16:26 GMT"},"fingerprint":{"sha1":"80:ED:AE:02:6E:22:92:2C:1D:3B:CF:40:B8:05:ED:A8:F4:78:41:C1","sha256":"27:CE:4E:A9:E9:2E:EA:67:C9:22:7C:B4:62:29:07:B9:BD:AA:87:B5:6A:AD:89:6C:68:5A:63:CB:C5:73:7D:0F"}}},"request":{"raw":"GET /ce/7b/c5/ce7bc5be50617aaed4fb988a580b1a6c.js HTTP/1.1\r\nHost: www.profitabledisplaycontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:52 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 39419\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: www.profitabledisplaycontent.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9b2e24ab9db833742daa9d1715e156ad\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109681,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2727c395a3bd692237e522c4e6ec3cae","sha1":"8fd59a5215c96ccc25edec7f539e8a5a4cdfd1bc","sha256":"11c9065ed25cc2be6ba6139e6c50c611133c59f5afa6a532f209c543997ea597","sha512":"3e429e2328f44cdb71749ed73d10c6ad59511f66dfd4699fca92c289b0cd8ada243ac970dca59d7102667f899b781a5d0dd9a89d449dd2acd756846e559d1ee0","ssdeep":"1536:WV8ISE162TOup6SJr5qQLHvuiCh+JAxy1m7E7W1uBDx1o:WV5SuvnbkAmv","tlshash":"b5b3c68c3f7ef02d16b6e037223f6416e15a0d0140dce5ace117dde83a6c79ae579a26","first_seen":"2025-09-09T06:03:33.047284Z","last_seen":"2025-09-14T11:13:26.671291Z","times_seen":23,"resource_available":true,"data":null}},"time_used":758,"timings":{"blocked":282,"dns":1,"connect":93,"send":0,"wait":98,"receive":95,"ssl":186},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:02 GMT","end":"Mon, 17 Nov 2025 08:41:01 GMT"},"fingerprint":{"sha1":"ED:FC:A5:F2:F4:07:8E:0E:EA:C7:96:D8:BE:47:04:EE:34:72:47:E9","sha256":"42:1D:9B:CD:2D:EC:4C:72:94:02:2C:88:B5:FF:BC:A2:B8:35:1B:C6:E0:B5:97:71:DB:7D:5B:6A:FA:CA:C1:8A"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 14 Sep 2025 09:22:54 GMT\r\ndate: Sun, 14 Sep 2025 09:22:54 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"a90fc2bf15e304ef3fa4e7f75b6a8608","sha1":"0f8c2853b49a7c206d75af99117482d80a60f869","sha256":"6e10be4b6befecf6f3d1ae34b727939e6da334a1f2d815fd325ba9c455520772","sha512":"0d1a14e11c436dadf51cc489592867eaff3cae2c4a95748d2a25614c984560ad3588fb95e2aaafd4060d4954594951d09e71ab36e9859fb8590198811f156fc4","ssdeep":"384:pwf5wgwPwrwyUw/qY4+w4wYwpwfMw1wWw6wyhw/qY4XwNwtw4wfdwkwDw3wyQw/P:pc70afUQRptmJKBLfhQE8YTYHw+fQQVl","tlshash":"b472ed91041700009b835ce223cebf35fe5f92117141d0b9abfd9b6badcbc6652693ad","first_seen":"2025-09-08T23:24:40.129975Z","last_seen":"2025-11-18T23:33:55.863403Z","times_seen":3582,"resource_available":false,"data":null}},"time_used":187,"timings":{"blocked":74,"dns":1,"connect":14,"send":0,"wait":33,"receive":0,"ssl":62},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:52.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:52 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 2570\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cf79aa473084cf50bb9cf5c541b80d3a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":5080,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (5080), with no line terminators","md5":"a524ecfbd97124fd2e9c3f6ad371ca23","sha1":"a281b89a51cfe367f92816be50eba55ccc0eaee6","sha256":"5549a01f3d1c788c8e44dc8a54e5c9103880b5608d3b44e0a0ea4ebd124dc18f","sha512":"dbfa06ea3faf0b6451668b8634e61e52c71ac098f26b08551cac54344128a205b2378e56953102dda758aa63fab8ed1e22c3a74eda39a154caff8f2b6b3bdee5","ssdeep":"96:WhmlSzNzYF4RWz3qVeBYJ2gzAKAYaR/tCP/KZhWAEGo:SmAz+60BSF81RM3KZoGo","tlshash":"b1a1618e3f81b4ac069270372f3f6e0ef13a5c55195ad4d8d202a0a47f28a39d4b6b55","first_seen":"2025-08-06T23:31:31.906679Z","last_seen":"2025-09-26T10:32:45.122277Z","times_seen":4581,"resource_available":true,"data":null}},"time_used":658,"timings":{"blocked":280,"dns":1,"connect":91,"send":0,"wait":97,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=3236\u0026rd=3236\u0026fd=482\u0026bv=25.8.6603\u0026tmpl=136","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:53.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:00:34 GMT","end":"Tue, 25 Nov 2025 22:00:33 GMT"},"fingerprint":{"sha1":"FC:5B:24:E2:ED:A9:65:69:CA:97:74:44:F8:E9:93:1A:50:E7:73:C1","sha256":"26:1B:F8:72:30:B2:C4:49:6A:2E:E7:A5:FC:26:35:74:02:CB:56:D1:F7:7E:A5:5E:89:65:A9:B4:1F:1F:DB:8F"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=3236\u0026rd=3236\u0026fd=482\u0026bv=25.8.6603\u0026tmpl=136 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 14 Sep 2025 09:22:53 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":669,"timings":{"blocked":287,"dns":1,"connect":92,"send":0,"wait":95,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 14 Sep 2025 09:22:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 591\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"65aa84fe-24f\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 1399196\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hG0Fq8wMax7rBIQIIbnq8x85S6yJVppggjWMvld2zZq%2ByhuaV1fZH%2BU9IagvTXhlkhKki7%2B619gVPZ%2Bt4XHhXAApCg3GhVCIz6vNjz26j4s%3D\"}]}\r\nvary: accept-encoding\r\ncf-ray: 97eed2906ebd3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":591,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced","md5":"9fd5bcb6103d86e317bd1eb019bcbe71","sha1":"6b5a52ea669dcb74946f2bed4bdd7ec985026113","sha256":"0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae","sha512":"e244a8842c009fa83e8d9d1088ec5b76ca2a42660568b7886e01724977b9ebd4e43690e0c651e25287c64dcc4826391b34cae6a106e2148139450dd05fc5a562","ssdeep":"","tlshash":"b0f0414e7c5903a1874caf3b18dd00119c27898077c82e0db689eed20e008e215471da","first_seen":"2023-04-11T11:09:41Z","last_seen":"2026-04-16T23:23:34.867414Z","times_seen":4843,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/flags/NORWAY.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/flags/NORWAY.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 2214\r\nlast-modified: Thu, 12 Dec 2019 08:10:42 GMT\r\netag: \"5df1f602-8a6\"\r\nexpires: Mon, 14 Sep 2026 09:22:51 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2214,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 25 x 50, 8-bit/color RGBA, non-interlaced","md5":"d63618403a5116c6f67652c052780939","sha1":"76a973780634b8753544f896c10c07cf1d308cb6","sha256":"a2afdc332e5e773e12aae4ac22807a41b982c338398e103b5d46aa28ef5728c7","sha512":"83b50e4ed1844cd00a3f88559226bf69f7997f93e5f8f225e6b6ce71a468335bd7ba0c94276972bb8a8ade046e573110b35bbb82ca48405481300dc38a432999","ssdeep":"","tlshash":"cb41b65ffa40bd42568cfe8168e751631f6719d1c6c1b81a6cdaac13a8b02f9c90d8d3","first_seen":"2023-05-26T20:57:31Z","last_seen":"2026-04-16T23:03:52.100843Z","times_seen":996,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=dafe7e98dace1e50d48969e5c8a626a4\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:53.872Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=dafe7e98dace1e50d48969e5c8a626a4\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 14 Sep 2025 09:22:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9a42f1e27afc708d2d862ac2e231d071\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":653,"timings":{"blocked":280,"dns":1,"connect":91,"send":0,"wait":92,"receive":0,"ssl":187},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzu5JhUVRLyLMYQ8KZtI93Zkf7kE2biLRmIQkSw4epLqqelJOd1db1T09GS_BgKx4mb3pRTrfJBvU4I8_QJCJeFkUHE85bC7evQgL3qQng7M-qPejvlfF9z7eJ0fZJXGR0YvNd1VfhiFdWKzalVd2ZcxVbirrOxXHrtq3Krsyrnu3Kr3S6e7rjutV7VcrbwnWUQs127Ftx3YqK1KLQPUWJihkctZyqi276tWqzqKHnv5_bTILhlrg3UvyHCQf3_gzeA-SjRBH398RppOq5LXlKAtpqjS6_PRu3IlVHiOapYG2EMSn024oMybk8zmo-HQ6AVT3uJwAvhyTuRcfwY9PpzThd0-umPohRAyfP428O4IIR5B0BKYOIfnvBGAc6xuIowfrSud0_wqlJTom1x__DZmPyfVHzyOOvl0KZa-yrcIslSo26AUFZG8E2R4hyc6R9ucg83Ow9GNI_htZeLyGODreMKGC5Bc3667wBA-a84EdiHmvxeg8DQJnvlFjtWbDcTjz3YlEMhiBGgtZeaSFLLCQJRYiflHx7KbHHOrWgxZnDdujnseFb7eaNdumLdZAxkruA6TJACwcgOkDJPoAHTmAzn6C2StguAWTEnR5gVwQ5IYgpwS5JMhTgrxbnPDQ1EzxgIcm851prE2jWwxV2j7yT1TaFnEVVA-geXEskw_NIVh6bdgPDB-q0lE__W5l-fbO3a3l7fma22i97wypz4uj5JI8O1H5r-6X6IiLCqeBaIhWk1MmHLFoc6_ZqrfEImvSeq1OPRhZQJq5iTZ9OSbW_RtIyrj0FHx6DhOeg8kXQLOXQfMCdK9APz7LaZJqyTpVpiJwVSBJryPdt47CS_LShMHtf76AYA_f-MOdGJgukOgCH8ifCdrhveGWysnxlsoN-WEjSWUk-7Tcge2UpuLa1--I_VxpvnrHDL66zUqgTM92hEnXaMxl3DbkmyXJudArSjNBflw1u8LfzMzeUqbjLFnbfHNlNUq0MEaqeARaDvXRr2ByTJ55e3my3zdXP4PUI-isQJQ9JFMDSw5gkhl3owh0OMP9xEKeFUNd8_-7HGo_mHWEkiAUs5r6BcwTtS-eeEjLr6gsjsw9tLUFmh4ijgp0dYFuWICGA5js2jBN9IyTH1pDP9TWsR_q8P6V3kZeVAJX1JhtNxt1x20GwnE9zoLFptfidWq7rkBqxnu_fBr9GwAA__8RXLP8ygQAAA==","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.519Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzu5JhUVRLyLMYQ8KZtI93Zkf7kE2biLRmIQkSw4epLqqelJOd1db1T09GS_BgKx4mb3pRTrfJBvU4I8_QJCJeFkUHE85bC7evQgL3qQng7M-qPejvlfF9z7eJ0fZJXGR0YvNd1VfhiFdWKzalVd2ZcxVbirrOxXHrtq3Krsyrnu3Kr3S6e7rjutV7VcrbwnWUQs127Ftx3YqK1KLQPUWJihkctZyqi276tWqzqKHnv5_bTILhlrg3UvyHCQf3_gzeA-SjRBH398RppOq5LXlKAtpqjS6_PRu3IlVHiOapYG2EMSn024oMybk8zmo-HQ6AVT3uJwAvhyTuRcfwY9PpzThd0-umPohRAyfP428O4IIR5B0BKYOIfnvBGAc6xuIowfrSud0_wqlJTom1x__DZmPyfVHzyOOvl0KZa-yrcIslSo26AUFZG8E2R4hyc6R9ucg83Ow9GNI_htZeLyGODreMKGC5Bc3667wBA-a84EdiHmvxeg8DQJnvlFjtWbDcTjz3YlEMhiBGgtZeaSFLLCQJRYiflHx7KbHHOrWgxZnDdujnseFb7eaNdumLdZAxkruA6TJACwcgOkDJPoAHTmAzn6C2StguAWTEnR5gVwQ5IYgpwS5JMhTgrxbnPDQ1EzxgIcm851prE2jWwxV2j7yT1TaFnEVVA-geXEskw_NIVh6bdgPDB-q0lE__W5l-fbO3a3l7fma22i97wypz4uj5JI8O1H5r-6X6IiLCqeBaIhWk1MmHLFoc6_ZqrfEImvSeq1OPRhZQJq5iTZ9OSbW_RtIyrj0FHx6DhOeg8kXQLOXQfMCdK9APz7LaZJqyTpVpiJwVSBJryPdt47CS_LShMHtf76AYA_f-MOdGJgukOgCH8ifCdrhveGWysnxlsoN-WEjSWUk-7Tcge2UpuLa1--I_VxpvnrHDL66zUqgTM92hEnXaMxl3DbkmyXJudArSjNBflw1u8LfzMzeUqbjLFnbfHNlNUq0MEaqeARaDvXRr2ByTJ55e3my3zdXP4PUI-isQJQ9JFMDSw5gkhl3owh0OMP9xEKeFUNd8_-7HGo_mHWEkiAUs5r6BcwTtS-eeEjLr6gsjsw9tLUFmh4ijgp0dYFuWICGA5js2jBN9IyTH1pDP9TWsR_q8P6V3kZeVAJX1JhtNxt1x20GwnE9zoLFptfidWq7rkBqxnu_fBr9GwAA__8RXLP8ygQAAA== HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: uid_id2=63e4edf8-f0fe-49ca-aff1-72c28711dcb3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15627934=1; slecdafe7e98dace1e50d48969e5c8a626a4=[4323737]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+881963a3aba3efeca199ae7040248ad8=4323737; expires=Mon, 15 Sep 2025 09:22:54 GMT; path=/; secure; SameSite=None\niprc_l:4323737=1; expires=Mon, 15 Sep 2025 09:22:54 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 5\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 151a3cf7cb899d74c78e4fc4ed48baa0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/pixel/sbs?c=1","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.521Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: uid_id2=63e4edf8-f0fe-49ca-aff1-72c28711dcb3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15627934=1; slecdafe7e98dace1e50d48969e5c8a626a4=[4323737]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 14 Sep 2025 09:22:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":670,"timings":{"blocked":287,"dns":1,"connect":93,"send":0,"wait":95,"receive":0,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/home_photos_pictures_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/home_photos_pictures_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 432\r\nlast-modified: Tue, 04 Mar 2014 12:57:02 GMT\r\netag: \"5315cd9e-1b0\"\r\nexpires: Mon, 14 Sep 2026 09:22:51 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":432,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"349672eab7dfd387d884ceabdd74d7e1","sha1":"75c0d3f3f338058f39b4708dda312ebf1dcd3cb8","sha256":"ee38a9dbc94e9bd1893d3fc7bdd850b93754f5a57ddebd008db2f5810ca9fa8b","sha512":"66243eb277ee295f9df38278f4afd09842285200e450a1ce0556cf77206815a3d1df056b442c4462e94a8380d0ee85ccfba33315daf21755cb6282124683d670","ssdeep":"","tlshash":"d5e023469d5344e1095c8f3e4d4901515d872cb20b12158a2011f86b3b2bc005c68c2d","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.35097Z","times_seen":435,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:53.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:53 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 18bddc5a25202f6db8325b5eba1779c0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":21,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://waptrick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 14 Sep 2025 09:22:54 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84fe-d1b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 626852\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=TBNK7bShtQgWlbW6%2B3tTKodfonA2%2BXkwh1%2BKw1uzHsAC0wx2zEXuJp%2FEIFf%2B%2F5hN40yeA4nSsez13sNT45BmGo82XKLPQWKkmSS8wyDW\"}]}\r\ncf-ray: 97eed28fec3a0b69-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":3355,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"039a6734d79ed9aa51cf81c52479c5fe","sha1":"9cf29c4ea1a3880681d50c7228374f8073b7778b","sha256":"a15bad73fc8907795285b78a4a1a1bf5e7f68b4d39988b9bb165444819cf9eb1","sha512":"879f067d02f582c2ff8f9c0308cbb44b24964136c4d8074f1a1b200169b520bb49fdd2b290772dfbc3ca432fba2ce9d5b1a398eb14746613cc942dd7567fa1d9","ssdeep":"","tlshash":"3a61ba966b670a04b51ad0ab3f667b4723084007995fed757fc8620ccfc92a8d6d378e","first_seen":"2024-02-12T03:25:01Z","last_seen":"2026-04-16T23:23:34.930681Z","times_seen":2277,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":24,"dns":1,"connect":3,"send":0,"wait":23,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://waptrick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 14 Sep 2025 09:22:54 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=I6tleX9i68JgBlyP9NlMEstq60JdMv7GaEBmcYa5gyKr%2ByYN0Awi0YHqhwhWbu00qu0Sg%2BWG03G6xkgmoJ1pbpi08XGsWn%2BAtxM7s0%2F8jlU%3D\"}]}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 198670\r\ncf-cache-status: HIT\r\netag: W/\"65aa84fe-3c2\"\r\ncf-ray: 97eed290dec23181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":962,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text","md5":"0013fbb3bd9e7300fa1bc9f62501dcf0","sha1":"447e4a8994979e2e158b9beff79b94e7d1b29508","sha256":"4cf18df81115ddab6967dc82096077ee024223dac3c6ffc9b810bffb7780a20e","sha512":"288a5e82fdbfdadf11f5a15ed40b54b67dd43fd83f0666abf85ebc0f14ef3b6e5e9104c3491fdb85b40e5556b252d933ee8cbe6e381e96e01170e76c60003dc6","ssdeep":"","tlshash":"e7117d37156882f06257f027a15729d6ee32029ee81a5707721c06cd0ec47b913fa6e7","first_seen":"2023-06-25T06:36:24Z","last_seen":"2026-04-16T23:23:34.856571Z","times_seen":2378,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/waptrick_html_flag.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/waptrick_html_flag.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 2230\r\nlast-modified: Thu, 12 Dec 2019 07:05:11 GMT\r\netag: \"5df1e6a7-8b6\"\r\nexpires: Mon, 14 Sep 2026 09:22:51 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2230,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 155 x 50, 8-bit/color RGBA, non-interlaced","md5":"8dabbade5c7050e85ed02fd7ffea93db","sha1":"efaf45364e8d6041a27e1246a07591b002a67b2e","sha256":"106ebe3072f58bb44727eb4d1700f1a8f7ca3b106282a36227245873fbbb3e46","sha512":"1c0f44d8acd99bb3ccaebbfb47fa379f7cd6e314fe2a2b21bea66d89519682d075db62db106c69a59d16030d4352b537b425114608fdf79bd10bacd55e6c3b2c","ssdeep":"","tlshash":"5d414b0216b9de05c6f62d7fbaf8547caca60044160c9924bb5e841bc5e8f6a0ec8fb0","first_seen":"2023-06-09T02:21:36Z","last_seen":"2026-04-16T22:36:22.503487Z","times_seen":970,"resource_available":false,"data":null}},"time_used":212,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":212,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/home_soundeffects_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/home_soundeffects_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 477\r\nlast-modified: Tue, 04 Mar 2014 12:57:02 GMT\r\netag: \"5315cd9e-1dd\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":477,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"780760a41e9521e67498ce2a62d48fa7","sha1":"9011d02355537671bd0c7d68a6757ce5768813d7","sha256":"9ec4b4577a0a989025ba46cc757d17b90abdf44256a2a407beeba3939dbea822","sha512":"ed9c35ee63ca9b43dd2fee5d57275fe0797835724b7497f1ddd819b757083c40d69c5806729b36820c5218f9d3b794935c28e846e00cc1e3849be7a8a7d8d483","ssdeep":"","tlshash":"0df0dcd656804c28f256c3b73e017919fcb2059c8c2562c58da06da027f2b51a0a9396","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.354914Z","times_seen":433,"resource_available":false,"data":null}},"time_used":364,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":364,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/tv_series_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/tv_series_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 895\r\nlast-modified: Mon, 03 Feb 2020 09:21:34 GMT\r\netag: \"5e37e61e-37f\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":895,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"8d07524313ea5f7dccfd3838dfef8970","sha1":"77ed8d7670c7abada4ff0e52ea5ba4e0ce34744e","sha256":"64be00d09bd003d1537e93588f724f566878f36bb4c2593297cb42c87d99a7d5","sha512":"573c3815c661c02a6b0cc64170fa6cbfdcb60f5f43584abffe5249160b1ea9e0ae7306456666e5b7129ce28385711b7a22fc90e14e569e17f76e09bda1c4590d","ssdeep":"","tlshash":"d41126c5bc033d1c8c4a803b2b101230e8434b4ea03321e9eeba828f3c8862010c4f0a","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.348056Z","times_seen":433,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.526Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:01 GMT","end":"Mon, 17 Nov 2025 08:41:00 GMT"},"fingerprint":{"sha1":"41:D2:08:38:86:84:32:C2:76:B6:A0:7C:F7:02:4C:C5:55:4E:2F:1E","sha256":"A5:34:21:73:D5:FC:24:AF:0D:8A:56:A2:A7:5C:BD:41:46:45:3B:DE:78:A3:6B:67:9C:80:C8:44:02:A9:12:D0"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://waptrick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 08 Sep 2025 23:17:31 GMT\r\nexpires: Tue, 08 Sep 2026 23:17:31 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nage: 468323\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-17T03:13:33.161197Z","times_seen":742529,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":78,"dns":2,"connect":15,"send":0,"wait":15,"receive":19,"ssl":58},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/erotic_xxxvideos_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.806Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/erotic_xxxvideos_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 1383\r\nlast-modified: Thu, 06 Mar 2014 12:49:28 GMT\r\netag: \"53186ed8-567\"\r\nexpires: Mon, 14 Sep 2026 09:22:51 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1383,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"ca31f74bc009e94f781a401e67574b8e","sha1":"8e14f79523fd6415f021254b7a94573783138c28","sha256":"b69bc01102a2638d02b220abafdae9b79cc5a38689e767890790c1066bf57be3","sha512":"f6e7949b8b1ad77fc2e552a0913060cc16ebcb9b0813caa7e35db640e244bbb40b80066f6319fe5de530ee1189318ca7207b60fc2f9f2cf8d0771761d94887ac","ssdeep":"","tlshash":"052108db6191584c948138030b3b22b0c813d720f57e2da939f56b818a0fdd6f7de201","first_seen":"2025-01-03T04:02:01.610128Z","last_seen":"2026-04-04T23:11:28.357927Z","times_seen":380,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/pg_symbol_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/pg_symbol_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 1731\r\nlast-modified: Tue, 03 Jun 2014 13:32:26 GMT\r\netag: \"538dce6a-6c3\"\r\nexpires: Mon, 14 Sep 2026 09:22:51 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1731,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b30a6d2d1539c1fea8d725ad181a118c","sha1":"b6f3a493487d35a6819bf010db46f86aad2e224c","sha256":"a53bdfadf22f70eb1a7cc598ffcce77ef426740185b69457a51e02c183483353","sha512":"a4bd8a174d39f2e778d4ea66a317de4324307eaa615e5482948e678a6539eac734caa3c2cb9f9180bd4ee2e3f353aebae711581c9a15d62d1fa4f3fe3646848a","ssdeep":"","tlshash":"2e311ae6ca6aef015858d1c3b79548e0cd9793dc5d9f6f4c821d406c2128c4c72290d1","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.358712Z","times_seen":435,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/newheader_sprite.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:52.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/newheader_sprite.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/css/htmlv126_basic.css\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 7735\r\nlast-modified: Thu, 18 Apr 2013 10:39:32 GMT\r\netag: \"516fcd64-1e37\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7735,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 132 x 89, 8-bit/color RGBA, non-interlaced","md5":"c69713a312d1b997f56a3cb735d20c18","sha1":"e5cf3bfddfe63e46bae6878a3822b60df05708ac","sha256":"1283d6887d31cbf075e56f03e88b9300ef4a5a1504203880046b7189b4e2dcef","sha512":"17f53e4d9bd41a0458e319c747cd6e4249b26a50783eb33cddda60cae6473955db2553430990325cdeeac47f11bc833823ef465269a8d6b56b641689a5f7a8e7","ssdeep":"192:GQLLalGEcrOGk5U+9p03TskF9lZ1y+8R0X5y0C:9LajEOv5U+9mIkjX1y+8wvC","tlshash":"66f1bfd62b396648c18b2bf4344f717aed75613aa0afc6dda40bcf1ed04bd218031805","first_seen":"2023-04-07T10:05:03Z","last_seen":"2026-04-16T23:03:52.072855Z","times_seen":1006,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/white_transparent_bg.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:52.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/white_transparent_bg.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/css/htmlv126_basic.css\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 156\r\nlast-modified: Fri, 13 Jul 2012 08:36:56 GMT\r\netag: \"4fffde28-9c\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":156,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 50 x 41, 8-bit/color RGBA, non-interlaced","md5":"393837b5c8fb68fcb4d40762f47409ad","sha1":"78a9a294025c862052fe164d785b2687cbdbdc7b","sha256":"2bfe590cdd9bc99659992219cc6ece86327ffcb6e66ab95cd0e04098708467a8","sha512":"4397e978984d9d0c7cf0bbf481827b2b6739439acf732094d4e0906b99ee8d5fd7299d880e6c1988c2e9db70c5e074dd93160a524e8676ef64c179a107e1a576","ssdeep":"","tlshash":"41c02bfe3e841e79f4b41022d53c30415b32b63622b30d14e884d0395e32e4fc844bc2","first_seen":"2023-04-07T10:05:03Z","last_seen":"2026-04-16T23:03:52.090533Z","times_seen":1008,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":287,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/favicon.ico","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:53.660Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y; bVerison=63e4edf8-f0fe-49ca-aff1-72c28711dcb3; dom3ic8zudi28v8lr6fgphwffqoz0j6c=63e4edf8-f0fe-49ca-aff1-72c28711dcb3; sb_main_dafe7e98dace1e50d48969e5c8a626a4=1; sb_count_dafe7e98dace1e50d48969e5c8a626a4=1; imprCounter_2d153cd4cb37fa54e41856d8ba93a1bc=1; imprCounter_2d153cd4cb37fa54e41856d8ba93a1bc_expiry=Mon, 15 Sep 2025 09:22:53 GMT; pbpr0tpuw4isk85t8yg3jb2lj5vqf=rashcolonizeexpand.com; pp_main_ce7bc5be50617aaed4fb988a580b1a6c=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:53 GMT\r\ncontent-type: image/x-icon\r\ncontent-length: 1406\r\nlast-modified: Wed, 26 Mar 2014 09:40:24 GMT\r\netag: \"5332a088-57e\"\r\nexpires: Mon, 14 Sep 2026 09:22:53 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1406,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel","md5":"01c48056c54361fc88232188a273080f","sha1":"d1db6c8e4f35ea841075d02824c8fa515e97970e","sha256":"8f3c321adcc2766d5c40e55891bc9abf03818968b94423534c6034c5b9d90cf5","sha512":"0fafec19bf30115217ae08dae483265b83c8b94eaa42180e7190eaada2b081469c6c29d4a1be2f927fe887c97b4592f05c7f373289124a0edf3ad039b7331441","ssdeep":"","tlshash":"67219ed33385c166d2aa1b75df5e0f658b8bf55040f3bba42835ad85bf1019518945f0","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-16T23:03:52.084845Z","times_seen":1007,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":173,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"waptrick.net/en/free/mp3/Manaiki","fqdn":"waptrick.net","domain":"waptrick.net","tld":"net"},"ip":{"addr":"162.255.119.7","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-14T09:22:49.825Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /en/free/mp3/Manaiki HTTP/1.1\r\nHost: waptrick.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 14 Sep 2025 09:22:50 GMT\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 42\r\nConnection: keep-alive\r\nLocation: http://waptrick.com\r\nX-Served-By: Namecheap URL Forward\r\nServer: namecheap-nginx\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12980,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":1144,"timings":{"blocked":492,"dns":0,"connect":492,"send":0,"wait":159,"receive":1,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-14T09:23:00Z","timestamp":1757841780,"ip_dst":{"addr":"172.18.0.24","port":49220,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"162.255.119.7","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Namecheap URL Forward","source":"{\"timestamp\":\"2025-09-14T09:23:00.642361+0000\",\"flow_id\":1322315361708335,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"162.255.119.7\",\"src_port\":80,\"dest_ip\":\"172.18.0.24\",\"dest_port\":49220,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2035208,\"rev\":2,\"signature\":\"ET INFO Namecheap URL Forward\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_02_16\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_02_16\"]}},\"http\":{\"hostname\":\"waptrick.net\",\"url\":\"/en/free/mp3/Manaiki\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"http://waptrick.com\",\"length\":42},\"files\":[{\"filename\":\"/en/free/mp3/Manaiki\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":42,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":706,\"bytes_toclient\":505,\"start\":\"2025-09-14T09:22:50.157999+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/home_updates_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/home_updates_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 471\r\nlast-modified: Tue, 04 Mar 2014 12:57:02 GMT\r\netag: \"5315cd9e-1d7\"\r\nexpires: Mon, 14 Sep 2026 09:22:51 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":471,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit colormap, non-interlaced","md5":"4b8eade855e645b623290a6227af7bfa","sha1":"3c18326ddbde41a014b0d6963a8d1e430aa7223a","sha256":"56ebcbc675ee6cfdbc768edb62a58cc6109f1344deb6c445c5d20c198dc1e6ad","sha512":"7c479eee2f8befed3adb0a4030569619c0f5ada0ab20e27599b0b2ec28abf94b5fa62380e9ee6bedd4ed536312797658ef6a50a22f415bdb361805518218fa80","ssdeep":"","tlshash":"39f0237527151a54e35b2a2fc0165122cdd2fe0c84019388e458c38cadf3a04dcef704","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.354432Z","times_seen":436,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/9d/8d/09/9d8d09680fddea6d84a36026e6016860/1756656619.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:53.139Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /cti/9d/8d/09/9d8d09680fddea6d84a36026e6016860/1756656619.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 14 Sep 2025 09:22:53 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 35344\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 16:10:19 GMT\r\netag: \"68b473eb-8a10\"\r\nexpires: Tue, 16 Sep 2025 09:22:53 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":35344,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:42:24], progressive, precision 8, 320x50, components 3","md5":"8fa070234efac77d9089606fa74cba78","sha1":"03fcb77a890f152d0dfe3951af5a6f8748ae7334","sha256":"5554b78d53219d9dd12fcdcfbc7a8e8dbe9c93b0645839aac529f18941c36e9d","sha512":"dad3dd460baa2c029d5497367e88f33267a99cd9c5cff1a54acd13336bcd48adf766b673e4f29953b0a30aeb42de228d7a8395e9b939e23635e20beca35d6272","ssdeep":"384:Zvsw+RIPt2Bii0vsw+RIPt2VnH44qIdXYNg7bNnAakDLViP1JdJaiRzCZOY+K1di:ZkwBSiPkwBOrlYylndknmLD0IK1OvQe1","tlshash":"14f2ae267792de23fdd35a3c45e1e38347956a48b3d356c23c8dba153b38242ae8e143","first_seen":"2025-09-02T14:53:06.098632Z","last_seen":"2026-04-16T00:01:51.965644Z","times_seen":258,"resource_available":false,"data":null}},"time_used":182,"timings":{"blocked":55,"dns":2,"connect":19,"send":0,"wait":44,"receive":28,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/ren.gif?sid=H4sIAAAAAAAC_1RSy4scRRiv3uSkQlDUiwhzyEHBne3XPNocJGt2ZTUmIQ9y8CDVVdWz5XR3tVXd05PxElyQiJfJTS_S-5vdLOri4w8QZFa8BAXH0x6yF-9ehIA36dnBiR_U96jfV8Xv-_F9slucEA8FPb72rhrJOKZrrabdeOW2TLkqTePKzYZjN-0LjdsybfsXGsPa6cHrjuc37VcbbwnWV2uu7di2YzuNTalFpIZrcxQyOwycZmA3fbfptHwM9f9rU1gw1AIfnJDnIPns3J_Re5BsijT5_pIw_Vxlr20kRUxzpTHgB7fSfqrKFMkyjbSFKD1YdEOZGSGfr0ClB4sJoAZ79QQI5YysvPgIYXqwoIlwsH_KNIwhUoT8aZSDKUQ8haRTMLUDyX8nAOO4chVp8uCK0iW9c4rSGp2Rs4__hixn5Oyj55Em367Hcti4oeIilyo1GEYV5HAK2ZsiK46Qj1YgyyOw_GNI_htZe3wZabJ31cQKkh-fb3vCFzzqrkZ2JFb9gNFVGkXOasdlbrfjOJyF3lwiGU1BjYWiPtJCEVkoMgsJP274dtdnDvXaUcBZx_ap73MR2kHXtW0asA4KVnMfI8_GYPEYTN9Fpu-iL8fQxU8w2xUMt2ByggGvUAqC0hCUlKCUBGVOUA6qfR4b11QPeGyK0FlEdxG9aqLy3m64r_KeSJugegzNqz2ZfWh2wPIzk1Fk-ETVjob5d5sbF2_eur5xY9X1OsH7zoSGvNrNTsizc5X_GnyJvjhucBqJjgi6nDLhiJbN_W7QDkSLdWnbbVMfRlaQZmWuzUjOiHX_HLI6rj-FkB7BxEdg8gXQ4mXQsgLdrjBKD0ua5VqyfpOpBFxVyPKzyO9Yu_EJeWnO4OI_X0Cwh2_84c0NTFfIdIUP5M8Evfje5Loqyd51VRryw9Usl4kc0XoHbuQ0F2e-fkfcKZXmW5fM-KuLrAbq9PCmMPllmnKZ9gz5Zl1yLvSm0kyQH7fMbRFeK8z2eqHTIrt87c3NrSTTwhip0iloPdRHv4LJGXnm7Y35fp_f-gxST6GLCknxkCwMLLsLky25G0Wg4yUeZhbKoppoN_zvcqLDaNkRS4JYLGsaVjBP1KF44iGtv6Ky2jX30NMWaL6DNKkw0BUGcQUaj2GKM5M800tOYWxNwlhbe2Gs4_uneht53Gi5odfudtsiavPI457r8aBli8CnQdsP_BZyM9v-5dPk3wAAAP__7TQjIsoEAAA=","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:53.460Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSy4scRRiv3uSkQlDUiwhzyEHBne3XPNocJGt2ZTUmIQ9y8CDVVdWz5XR3tVXd05PxElyQiJfJTS_S-5vdLOri4w8QZFa8BAXH0x6yF-9ehIA36dnBiR_U96jfV8Xv-_F9slucEA8FPb72rhrJOKZrrabdeOW2TLkqTePKzYZjN-0LjdsybfsXGsPa6cHrjuc37VcbbwnWV2uu7di2YzuNTalFpIZrcxQyOwycZmA3fbfptHwM9f9rU1gw1AIfnJDnIPns3J_Re5BsijT5_pIw_Vxlr20kRUxzpTHgB7fSfqrKFMkyjbSFKD1YdEOZGSGfr0ClB4sJoAZ79QQI5YysvPgIYXqwoIlwsH_KNIwhUoT8aZSDKUQ8haRTMLUDyX8nAOO4chVp8uCK0iW9c4rSGp2Rs4__hixn5Oyj55Em367Hcti4oeIilyo1GEYV5HAK2ZsiK46Qj1YgyyOw_GNI_htZe3wZabJ31cQKkh-fb3vCFzzqrkZ2JFb9gNFVGkXOasdlbrfjOJyF3lwiGU1BjYWiPtJCEVkoMgsJP274dtdnDvXaUcBZx_ap73MR2kHXtW0asA4KVnMfI8_GYPEYTN9Fpu-iL8fQxU8w2xUMt2ByggGvUAqC0hCUlKCUBGVOUA6qfR4b11QPeGyK0FlEdxG9aqLy3m64r_KeSJugegzNqz2ZfWh2wPIzk1Fk-ETVjob5d5sbF2_eur5xY9X1OsH7zoSGvNrNTsizc5X_GnyJvjhucBqJjgi6nDLhiJbN_W7QDkSLdWnbbVMfRlaQZmWuzUjOiHX_HLI6rj-FkB7BxEdg8gXQ4mXQsgLdrjBKD0ua5VqyfpOpBFxVyPKzyO9Yu_EJeWnO4OI_X0Cwh2_84c0NTFfIdIUP5M8Evfje5Loqyd51VRryw9Usl4kc0XoHbuQ0F2e-fkfcKZXmW5fM-KuLrAbq9PCmMPllmnKZ9gz5Zl1yLvSm0kyQH7fMbRFeK8z2eqHTIrt87c3NrSTTwhip0iloPdRHv4LJGXnm7Y35fp_f-gxST6GLCknxkCwMLLsLky25G0Wg4yUeZhbKoppoN_zvcqLDaNkRS4JYLGsaVjBP1KF44iGtv6Ky2jX30NMWaL6DNKkw0BUGcQUaj2GKM5M800tOYWxNwlhbe2Gs4_uneht53Gi5odfudtsiavPI457r8aBli8CnQdsP_BZyM9v-5dPk3wAAAP__7TQjIsoEAAA= HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: uid_id2=63e4edf8-f0fe-49ca-aff1-72c28711dcb3:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl15627934=1; slecdafe7e98dace1e50d48969e5c8a626a4=[4323737]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:53 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 31ef4995c922bfcb99faf7d30f1954a4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":97,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=ce7bc5be50617aaed4fb988a580b1a6c\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"192.243.59.12","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:53.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 21:53:17 GMT","end":"Fri, 28 Nov 2025 21:53:16 GMT"},"fingerprint":{"sha1":"AA:2A:FC:C2:EE:01:8F:55:3F:19:46:84:4A:C8:A0:95:62:50:5C:A3","sha256":"3D:8C:1A:2E:1F:32:30:D4:D8:4F:D2:FB:CC:99:F1:9C:05:E5:7B:D8:9D:7D:24:86:AD:C5:1E:62:55:44:A4:CA"}}},"request":{"raw":"GET /pxf.gif?uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=ce7bc5be50617aaed4fb988a580b1a6c\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=9 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 14 Sep 2025 09:22:54 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 05b284c4e868149787194d35c124bc70\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":655,"timings":{"blocked":280,"dns":1,"connect":92,"send":0,"wait":93,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/home_videos_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.810Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/home_videos_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 348\r\nlast-modified: Tue, 04 Mar 2014 12:57:02 GMT\r\netag: \"5315cd9e-15c\"\r\nexpires: Mon, 14 Sep 2026 09:22:51 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":348,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"b648cc89726b701fdb1b64dcc6bd7842","sha1":"ab86f8937c1f8cb7b075719eec9dfcb0ad7fb059","sha256":"432c1bc3a21655b90c0835e4d1b3c4b2643620a8ab9e1a65f66ef76c04f1ec17","sha512":"e90f7bcad2467c2adb27ba8ca165e49e5993bf6e51c0904b3720020a36d01478d8273b8695784e907cb0f53c9239dcf390f938c9cf7eba21bb011f91b5fad6f3","ssdeep":"","tlshash":"72e060e04db8a4a8a4a23207860f21caecb3cdc4082e4530ac09c8c21db000de2ce302","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.347537Z","times_seen":436,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/whatsapp_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:52.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/whatsapp_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/css/htmlv126_basic.css\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 3057\r\nlast-modified: Thu, 09 May 2019 10:03:17 GMT\r\netag: \"5cd3fae5-bf1\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3057,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 36 x 37, 8-bit/color RGBA, non-interlaced","md5":"af1b134ddf468446228d0fb5f69c62d0","sha1":"9ffd6a9d6d624e3ca00a6c49df8c0762aefeba30","sha256":"f9f611dc16257617b61ba4b01892a5eeda564ed9430c14e0edf86d872d729097","sha512":"0399853228207a168e0797aafe2784aa2353f5b3acf3fbf9f73c1661e637a4395dd6a1f5aedfee1712d8437ac537dbe4c6d5bf73f03a935cc4ebf57eecc990ca","ssdeep":"","tlshash":"93514c9b01bee48d8d3035a5d0a3c502baba39a3eb46196ff79a4246307532a0824666","first_seen":"2023-04-07T10:05:03Z","last_seen":"2026-04-16T23:03:52.097268Z","times_seen":1006,"resource_available":false,"data":null}},"time_used":288,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":288,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:53.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 31 Aug 2025 00:07:02 GMT","end":"Sat, 29 Nov 2025 00:07:01 GMT"},"fingerprint":{"sha1":"AD:4F:15:9E:60:62:A7:16:BA:4B:37:64:C6:01:6B:2B:99:47:89:BE","sha256":"44:74:EA:98:35:48:9C:28:63:20:61:17:18:F6:2B:0A:57:68:36:F4:EF:B0:67:1E:C0:7C:41:30:13:2C:02:F1"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:53 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 43eeb930145c0b3f899bb5fec6e399a3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":148,"timings":{"blocked":64,"dns":0,"connect":17,"send":0,"wait":19,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html\u0026l=1325\u0026fd=515","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html\u0026l=1325\u0026fd=515 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":115,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/back_change_language_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/back_change_language_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 3042\r\nlast-modified: Wed, 09 Apr 2014 09:02:34 GMT\r\netag: \"53450caa-be2\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3042,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"9879e97102aaacacf42f1257a5afb761","sha1":"e523a42312b049a9aadb51a0f0a62833ec1fca96","sha256":"209d59d004a87671c892d53fffc966ec01aa511ba5cd5bef59c16b5455f24102","sha512":"17d7480401fc8f67d73b92e1b3af462e3ea7106a363f760c39e5d794a6bcb9dbb5e7d94e8281fd158418dba3330b2db92d5761948afb9f1174a6a6c63e437001","ssdeep":"","tlshash":"92516db130c43ca8fda842a1e5fa85382a319216fd3c446c69477728776d942c8331af","first_seen":"2023-04-07T10:05:03Z","last_seen":"2026-04-16T23:03:52.095665Z","times_seen":1007,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"torchfriendlypay.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js\u0026l=962\u0026fd=12","fqdn":"torchfriendlypay.com","domain":"torchfriendlypay.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.225Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"torchfriendlypay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 22:09:22 GMT","end":"Tue, 25 Nov 2025 22:09:21 GMT"},"fingerprint":{"sha1":"11:D6:40:9F:C0:3E:93:5F:D7:10:AB:88:ED:35:EF:8D:BC:BA:B6:BE","sha256":"46:DD:4D:E7:2C:ED:72:DC:3F:71:6D:46:29:34:DC:D7:AC:E1:73:91:92:2F:5C:B4:86:3E:AE:F7:FB:A4:58:10"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js\u0026l=962\u0026fd=12 HTTP/1.1\r\nHost: torchfriendlypay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:54 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: torchfriendlypay.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":18,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"torchfriendlypay.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/home_live_wallpaper_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/home_live_wallpaper_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 2313\r\nlast-modified: Wed, 09 Apr 2014 12:11:00 GMT\r\netag: \"534538d4-909\"\r\nexpires: Mon, 14 Sep 2026 09:22:51 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2313,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"6137c10f1c137a3dccf9a6f61984493b","sha1":"14033b1232519417cb483a40f2b01d3ac3f9d3f0","sha256":"4718027747d7f8c5416b1ef7afb5935158e9b307467f100fd9fa35587b12fb14","sha512":"d93a780719602408ec37e8c22ae8e29259b63594c685725237a84101ab4ffb612c907ad6af8215d8a97a5fff859ee39ec42c570d2df87237ef27797dabf99021","ssdeep":"","tlshash":"2e413bf289d0781f1b4e1ac11061d078cd62a4a6236aa2b050d57ab6871d544af7f1cd","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.351485Z","times_seen":433,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":367,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"effluveputting.com/guVDqNpEAhcDXk/115015","fqdn":"effluveputting.com","domain":"effluveputting.com","tld":"com"},"ip":{"addr":"23.109.170.134","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.819Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"effluveputting.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Sat, 19 Jul 2025 11:41:38 GMT","end":"Fri, 17 Oct 2025 11:41:37 GMT"},"fingerprint":{"sha1":"3A:46:91:A5:EC:08:D0:5F:81:76:2B:91:46:B4:54:A2:3E:49:2A:81","sha256":"0C:63:48:B1:A4:57:E6:EC:96:7F:29:FA:C7:C3:29:51:CF:AD:63:C8:0A:B0:99:96:D6:6B:40:AA:AC:B1:30:A8"}}},"request":{"raw":"GET /guVDqNpEAhcDXk/115015 HTTP/1.1\r\nHost: effluveputting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://waptrick.com\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Mon, 15-Sep-2025 09:22:51 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwVyM0KgkAUhuE5hxiIJPjA9l6BadnCbbYMXXgFZhEDwxyZGfu5%2B2zxLp5XKcVpAjYTkrrM6yKvDnl5qkBPcNuBRwfdin8PX5AHF0ewd9h0wUrWyOzi8kes%2FgYZbM%2FWfLJe7ByNuABeWjfDzT72l%2F4KmjSBo2gGh3uqQC%2B9%2BwFe7x3U; expires=Mon, 15-Sep-2025 09:22:51 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"4fc71bf68a1d477bd1523733e34d1e90","sha1":"15119105cffbe108b6cf290146ab02c9aa8517ba","sha256":"74c1971a5c7f3f1cfb81b7a0a8717cee5a45841844104566e00bbfca271943ce","sha512":"e8e5f5430841f9cdaad492efce3fed11992913ad2b714b27c6fd147c55b2c56dc1b896635f24c2b180d4215c70ba9a042847d7d9cf3ff8a67b636a4c0ca1ce3d","ssdeep":"","tlshash":"f440000300000000cc300000300300000000000000000c00c000000000000000000000","first_seen":"2023-03-07T01:31:39Z","last_seen":"2026-04-15T22:17:23.892246Z","times_seen":10585,"resource_available":true,"data":null}},"time_used":162,"timings":{"blocked":56,"dns":39,"connect":17,"send":0,"wait":23,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"effluveputting.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.profitabledisplaycontent.com/watch.1454855757021.js?key=2d153cd4cb37fa54e41856d8ba93a1bc\u0026kw=%5B%22waptrick%22%2C%22-%22%2C%22free%22%2C%22downloads%22%2C%22for%22%2C%22your%22%2C%22phone%22%5D\u0026refer=https%3A%2F%2Fwaptrick.com%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3","fqdn":"www.profitabledisplaycontent.com","domain":"profitabledisplaycontent.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:52.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.profitabledisplaycontent.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 22:16:27 GMT","end":"Wed, 22 Oct 2025 22:16:26 GMT"},"fingerprint":{"sha1":"80:ED:AE:02:6E:22:92:2C:1D:3B:CF:40:B8:05:ED:A8:F4:78:41:C1","sha256":"27:CE:4E:A9:E9:2E:EA:67:C9:22:7C:B4:62:29:07:B9:BD:AA:87:B5:6A:AD:89:6C:68:5A:63:CB:C5:73:7D:0F"}}},"request":{"raw":"GET /watch.1454855757021.js?key=2d153cd4cb37fa54e41856d8ba93a1bc\u0026kw=%5B%22waptrick%22%2C%22-%22%2C%22free%22%2C%22downloads%22%2C%22for%22%2C%22your%22%2C%22phone%22%5D\u0026refer=https%3A%2F%2Fwaptrick.com%2F\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3 HTTP/1.1\r\nHost: www.profitabledisplaycontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://waptrick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:52 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://waptrick.com\r\naccess-control-allow-credentials: true\r\nlocation: https://www.profitabledisplaycontent.com/watch.1454855757021.js?dev=e\u0026key=2d153cd4cb37fa54e41856d8ba93a1bc\u0026kw=%5B%22waptrick%22%2C%22-%22%2C%22free%22%2C%22downloads%22%2C%22for%22%2C%22your%22%2C%22phone%22%5D\u0026pst=1757841832\u0026rb=\u0026refer=https%3A%2F%2Fwaptrick.com%2F\u0026res=14.3095\u0026rmtc=t\u0026shu=9ec073b7cede0f7af7884f7af5244ba6b6ef11106d290d01bf388531b9a0f51a3810ff262e3a3e3f8dfcebe5d1db40366c78f344147d2d7a6787cc027015f974b10e57aca2b48bb408b3a5ccadfbc99abd1f7bba638dbcf82efe34\u0026tz=0\u0026uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDQ1NzM2MSwiayI6IjJkMTUzY2Q0Y2IzN2ZhNTRlNDE4NTZkOGJhOTNhMWJjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDI2NzEsInBpZCI6ODI0NDIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MzIsInB0Ijo0LCJwayI6ImhyM2R0Mm54OG0iLCJjcGtzIjp7IjI4IjoiY2U3YmM1YmU1MDYxN2FhZWQ0ZmI5ODhhNTgwYjFhNmMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dhcHRyaWNrLmNvbS8iLCJhciI6W119fQ.jKJpIRs9o7rKsdkNkjTLb4luBQCGiswVOLUJ0u4QhpA; expires=Sun, 14 Sep 2025 09:23:52 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: www.profitabledisplaycontent.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 74589fce7c4a5d703af38c904f9ffd56\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":4883,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":654,"timings":{"blocked":279,"dns":1,"connect":91,"send":0,"wait":94,"receive":0,"ssl":185},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/home_horoscope_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/home_horoscope_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 1923\r\nlast-modified: Tue, 04 Mar 2014 12:57:02 GMT\r\netag: \"5315cd9e-783\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1923,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"91d6860fd7b12a16bd89ae40d00073bd","sha1":"00b80ac7861977f5099a0e4342ef3ee83d9a3209","sha256":"640ffa6c93e08c9fe84741f09e1e435c3e5233a0caedfd1965b08f72a26cb720","sha512":"9eb0b26e9bd1ff76ce5b3b06a86a1a091c545d70dcea899b398593aaa0c294c8c061c8d5a3fc41b3b6366032165c42150a7091cf0aeac03dc5d0aea6e5efec0d","ssdeep":"","tlshash":"68410adcf39c31da5c92a6b90cd14fa0d7b279ea54ce0136657a881511bc59f4988011","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.356038Z","times_seen":433,"resource_available":false,"data":null}},"time_used":363,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":363,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.profitabledisplaycontent.com/watch.1454855757021.js?dev=e\u0026key=2d153cd4cb37fa54e41856d8ba93a1bc\u0026kw=%5B%22waptrick%22%2C%22-%22%2C%22free%22%2C%22downloads%22%2C%22for%22%2C%22your%22%2C%22phone%22%5D\u0026pst=1757841832\u0026rb=\u0026refer=https%3A%2F%2Fwaptrick.com%2F\u0026res=14.3095\u0026rmtc=t\u0026shu=9ec073b7cede0f7af7884f7af5244ba6b6ef11106d290d01bf388531b9a0f51a3810ff262e3a3e3f8dfcebe5d1db40366c78f344147d2d7a6787cc027015f974b10e57aca2b48bb408b3a5ccadfbc99abd1f7bba638dbcf82efe34\u0026tz=0\u0026uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3","fqdn":"www.profitabledisplaycontent.com","domain":"profitabledisplaycontent.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:52.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.profitabledisplaycontent.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 22:16:27 GMT","end":"Wed, 22 Oct 2025 22:16:26 GMT"},"fingerprint":{"sha1":"80:ED:AE:02:6E:22:92:2C:1D:3B:CF:40:B8:05:ED:A8:F4:78:41:C1","sha256":"27:CE:4E:A9:E9:2E:EA:67:C9:22:7C:B4:62:29:07:B9:BD:AA:87:B5:6A:AD:89:6C:68:5A:63:CB:C5:73:7D:0F"}}},"request":{"raw":"GET /watch.1454855757021.js?dev=e\u0026key=2d153cd4cb37fa54e41856d8ba93a1bc\u0026kw=%5B%22waptrick%22%2C%22-%22%2C%22free%22%2C%22downloads%22%2C%22for%22%2C%22your%22%2C%22phone%22%5D\u0026pst=1757841832\u0026rb=\u0026refer=https%3A%2F%2Fwaptrick.com%2F\u0026res=14.3095\u0026rmtc=t\u0026shu=9ec073b7cede0f7af7884f7af5244ba6b6ef11106d290d01bf388531b9a0f51a3810ff262e3a3e3f8dfcebe5d1db40366c78f344147d2d7a6787cc027015f974b10e57aca2b48bb408b3a5ccadfbc99abd1f7bba638dbcf82efe34\u0026tz=0\u0026uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3 HTTP/1.1\r\nHost: www.profitabledisplaycontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://waptrick.com\r\nReferer: https://waptrick.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDQ1NzM2MSwiayI6IjJkMTUzY2Q0Y2IzN2ZhNTRlNDE4NTZkOGJhOTNhMWJjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDI2NzEsInBpZCI6ODI0NDIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MzIsInB0Ijo0LCJwayI6ImhyM2R0Mm54OG0iLCJjcGtzIjp7IjI4IjoiY2U3YmM1YmU1MDYxN2FhZWQ0ZmI5ODhhNTgwYjFhNmMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dhcHRyaWNrLmNvbS8iLCJhciI6W119fQ.jKJpIRs9o7rKsdkNkjTLb4luBQCGiswVOLUJ0u4QhpA\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:53 GMT\r\nContent-Type: text/html\r\nContent-Length: 3288\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://waptrick.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=63e4edf8-f0fe-49ca-aff1-72c28711dcb3:1:1; expires=Sun, 21 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 15 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 15 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\npdhtkv32=true; expires=Mon, 15 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\nuncs32=1; expires=Mon, 15 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\nu_pl14457361=1; expires=Mon, 15 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 15\r\nHost: www.profitabledisplaycontent.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dab28e7fdfaed235d9f52a862f40930e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4883,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (4007)","md5":"ac775db4ec9e92e08318c2176221d0c7","sha1":"5810819373d967ded15d326f30ab806496f362ea","sha256":"810a27bf414e824db8a9b4660bd76b8b28b8b05d9e7bb619428e69bc70c5a542","sha512":"5ca88aca868d2665157ae14978bf6376075a0aed859fc8a1784a6dfee11611246557895b8c89b65b58bcae06b2e735c2e764387321bbb187ada48cc7ef15314e","ssdeep":"96:Ioozs/KzGqALzGA9xBA+WULFwe9YJigpKiqB5QKW1/DeXXCfMEDaH:IxzmlqGiA9xC2LFt7aqjQKKbeXXCkCaH","tlshash":"49a13a72ada65134ac8574b7123f71193d61c21b360add837d8de7a203222940abedee","first_seen":"2025-09-14T09:23:11.230911Z","last_seen":"2025-09-14T09:23:11.230911Z","times_seen":1,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":110,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.net/en/free/mp3/Manaiki","fqdn":"waptrick.net","domain":"waptrick.net","tld":"net"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-14T09:22:46.001Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /en/free/mp3/Manaiki HTTP/1.1\r\nHost: waptrick.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-09-14T09:23:00Z","timestamp":1757841780,"ip_dst":{"addr":"172.18.0.24","port":49220,"asn":0,"as":"","country":"","country_code":"zz"},"ip_src":{"addr":"162.255.119.7","port":80,"asn":22612,"as":"NAMECHEAP-NET","country":"United States","country_code":"US"},"severity":"low","alert":"ET INFO Namecheap URL Forward","source":"{\"timestamp\":\"2025-09-14T09:23:00.642361+0000\",\"flow_id\":1322315361708335,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"162.255.119.7\",\"src_port\":80,\"dest_ip\":\"172.18.0.24\",\"dest_port\":49220,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2035208,\"rev\":2,\"signature\":\"ET INFO Namecheap URL Forward\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_02_16\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_10_14\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_02_16\"]}},\"http\":{\"hostname\":\"waptrick.net\",\"url\":\"/en/free/mp3/Manaiki\",\"http_user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"http_content_type\":\"text/html\",\"http_method\":\"GET\",\"protocol\":\"HTTP/1.1\",\"status\":302,\"redirect\":\"http://waptrick.com\",\"length\":42},\"files\":[{\"filename\":\"/en/free/mp3/Manaiki\",\"sid\":[],\"gaps\":false,\"state\":\"CLOSED\",\"stored\":false,\"size\":42,\"tx_id\":0}],\"app_proto\":\"http\",\"flow\":{\"pkts_toserver\":5,\"pkts_toclient\":4,\"bytes_toserver\":706,\"bytes_toclient\":505,\"start\":\"2025-09-14T09:22:50.157999+0000\"}}"}],"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/email_icon2.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/email_icon2.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/png\r\ncontent-length: 2585\r\nlast-modified: Wed, 22 Jan 2014 10:29:48 GMT\r\netag: \"52df9d9c-a19\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2585,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"9766c9ddba35e22736bc0ff0344ab643","sha1":"c8a26ae1ec185b1a122c9deb69249ae13551cb09","sha256":"4ea7c9397cb12fdbb83acad3d6df3e2427120fbddd201adef942d853b87d5484","sha512":"d458deec6b3b760878c12f6715a43381295d24f09712e2fc72335249ca1846422e1d4d1fc362deadf4897ff7e6767bed07c41bdfe120571a404c430a1dd484b9","ssdeep":"","tlshash":"73513ace23c51724f6b551f8348e8c685e3f18f3daa02f91f58bca40d13668381b02b9","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.349353Z","times_seen":434,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":362,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 08:41:01 GMT","end":"Mon, 17 Nov 2025 08:41:00 GMT"},"fingerprint":{"sha1":"41:D2:08:38:86:84:32:C2:76:B6:A0:7C:F7:02:4C:C5:55:4E:2F:1E","sha256":"A5:34:21:73:D5:FC:24:AF:0D:8A:56:A2:A7:5C:BD:41:46:45:3B:DE:78:A3:6B:67:9C:80:C8:44:02:A9:12:D0"}}},"request":{"raw":"GET /s/roboto/v49/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://waptrick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 08 Sep 2025 23:17:31 GMT\r\nexpires: Tue, 08 Sep 2026 23:17:31 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 08 Sep 2025 18:08:05 GMT\r\ncontent-type: font/woff2\r\nage: 468323\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-17T03:13:33.161197Z","times_seen":742529,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":79,"dns":1,"connect":28,"send":0,"wait":32,"receive":10,"ssl":49},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:52.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sat, 30 Aug 2025 23:05:43 GMT","end":"Fri, 28 Nov 2025 23:05:42 GMT"},"fingerprint":{"sha1":"B9:51:95:1F:A8:75:17:3A:9B:B1:75:96:F4:7D:7A:CF:3D:52:C9:71","sha256":"36:D1:B1:18:05:03:10:B2:46:BC:6C:71:A5:E7:BE:07:32:66:88:16:04:1E:5F:96:0F:10:B6:4B:BF:01:D1:42"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:52 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32182\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 292a5ba440e053f2d8e51ca1f33e4977\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85386,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"46a6fef91632b94d14252fe324c1585f","sha1":"387cebbd261b8fe947fe9805875300f2ceeb5cfd","sha256":"36d0c771f8bf310d740cb4d0ca144354c45df284e72361660448708d72f175d5","sha512":"a3aaa1b5ab1113a12793bd1085332eb257416aaa9c4a690525838b91453a281580a979bfb856b3c429c2d4243c3ce02bd318a4b7048124eef96912179836d0fd","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRL:nPncLBSUBULGVTfGpucE5fox","tlshash":"528395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-07-08T10:38:39.799377Z","last_seen":"2025-11-18T17:01:51.014373Z","times_seen":15230,"resource_available":true,"data":null}},"time_used":152,"timings":{"blocked":57,"dns":1,"connect":17,"send":0,"wait":20,"receive":18,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"172.67.170.115","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:53.464Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 10 Aug 2025 11:11:15 GMT","end":"Sat, 08 Nov 2025 12:08:40 GMT"},"fingerprint":{"sha1":"46:26:78:BD:18:7A:95:15:D4:B3:89:73:FE:7E:99:33:18:7F:21:3E","sha256":"AD:6B:6A:10:54:38:33:B9:BB:A6:FD:B7:B0:1B:2E:9D:62:B8:47:35:C4:E6:7B:F6:4A:92:AA:75:B0:29:F7:F3"}}},"request":{"raw":"GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://waptrick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 14 Sep 2025 09:22:53 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Mon, 27 Sep 2021 07:43:24 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dqgMm3fHPC%2FrxN12ANoSl9pdKfuIFW8LXInXRpZhOETsNDbhSqZjzTquu5J%2Fl%2FhwvWxS1PWYgpQUIpAkV%2BqlJ6frreXHrA2j7ruL4B4%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 97eed28c4b68569f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1325,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"f6990569c7ffeac1f4a3f6d9eee5da44","sha1":"e7d5e37acf89a8faee252c36fc2c9d6615501d76","sha256":"cc2a9756c81bd570fff8b32e48a413687c33f8abe9c934e743a0769178b4f690","sha512":"be3ebced9d65b29fef8caab46e95f54f1ca645ea5942331c84c964ec033fb7c78506d14eda131948b7f664f1635deaa8d82a63169f9214f72035b087ea104bda","ssdeep":"","tlshash":"a52105692df9c97311e750947b352f1bed92ea87c80a6e0173bc9d684f9ad84cd23407","first_seen":"2023-06-26T22:59:31Z","last_seen":"2026-04-16T23:23:34.919023Z","times_seen":2479,"resource_available":false,"data":null}},"time_used":534,"timings":{"blocked":26,"dns":1,"connect":2,"send":0,"wait":481,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/css/animate.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.036Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://waptrick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 14 Sep 2025 09:22:54 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"65aa84fe-13361\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\nage: 626852\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=q3AmghbdxBwFFZak0EhzsgM4Y1e6TDIK1DwMSTVcnwSbLz5BpOYljk6YCY1Cx%2B%2BxnJcd2vjq2XdREUpNYOJOY9L9HGkLyzp6MIXX9nce\"}]}\r\ncf-ray: 97eed28fdc210b69-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":78689,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3d4123dbfb33d27a5cfdfcfa91df6783","sha1":"e7d0eeeec54b848f0bc3da8685fa3bc88429d660","sha256":"cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887","sha512":"75c8a48dc207595e201b50b87ff68782112a21aded9f15f14185c07d40f0151d6afe74a2b278aa575caf12ac422e8166316296ed7b6573ea24e667cca4af51dd","ssdeep":"384:jvuAuF81dghu3ublZlX/m/Gu7uNUtrL4VrbZJgBhLYNKwZiMUL6Vpaj7F:jvuAu21dghu3uLu7uNKwZiMUL6Vpaj7F","tlshash":"22731bad399115845263861d83df9e68273ce5731826acef73c2488bcf8bf9867c9147","first_seen":"2024-01-20T06:37:31Z","last_seen":"2026-04-16T23:23:34.937903Z","times_seen":10718,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":16,"dns":1,"connect":1,"send":0,"wait":34,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"az.isoamidtrusion.com/towu3IhH864JiYsh/37433","fqdn":"az.isoamidtrusion.com","domain":"isoamidtrusion.com","tld":"com"},"ip":{"addr":"23.109.170.198","port":443,"asn":7979,"as":"SERVERS-COM","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.811Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"az.isoamidtrusion.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 13 Sep 2025 12:25:51 GMT","end":"Fri, 12 Dec 2025 12:25:50 GMT"},"fingerprint":{"sha1":"92:0B:F8:43:5F:78:5D:67:92:3B:FE:1E:B0:C3:67:F6:BB:29:C0:83","sha256":"BB:68:97:84:1B:66:23:44:ED:13:69:9A:21:61:23:0F:4F:09:A6:9F:B9:0E:11:6C:ED:91:B6:8B:BF:6F:84:3A"}}},"request":{"raw":"GET /towu3IhH864JiYsh/37433 HTTP/1.1\r\nHost: az.isoamidtrusion.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\naccept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: https://waptrick.com\r\naccess-control-allow-headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires\r\naccess-control-max-age: 600\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: GL_UI4=eJw9zV1OhDAcBHC%2BWdcFnYQDeASKQHj1xSv4SAr9g3Wh3ZQKensbE32bTH6T8TwvKB7g78kZ4Sdv8MRY13Z1U3VlPXa8GoaubZtyaLqSVc00NbiTW2%2F5sJCNcNpWbmxv9wiXmRQZOfajFpTh0am%2F5qr0oSLEg%2BFKZIhXJ5YM6WD0sZEpQkSKr4T0VRqa9JcT%2FEMbhOy5dlkql%2F0Sgd6KMD8jfZNKuGV%2BQcDKPE883N8Wbidt1l6KxEc8Gy4I%2FgtOI7c0a%2FONVNB2tfoG6EX0%2F%2F73ODxYiUTQLkdCrO07mR%2B4dk3m; expires=Mon, 15-Sep-2025 09:22:51 GMT; Max-Age=86400; path=/; secure; SameSite=None\nGL_GI10=eJwVyM0KgkAUhuE5hxiIJPjA9l6BadnCbbYMXXgFZhEDwxyZGfu5%2B2zxLp5XKcVpAjYTkrrM6yKvDnl5qkBPcNuBRwfdin8PX5AHF0ewd9h0wUrWyOzi8kes%2FgYZbM%2FWfLJe7ByNuABeWjfDzT72l%2F4KmjSBo2gGh3uqQC%2B9%2BwFe7x3U; expires=Mon, 15-Sep-2025 09:22:51 GMT; Max-Age=86400; path=/; secure; SameSite=None\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=1\r\nx-content-type-options: nosniff\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"f7a2939527fd9e68723da600e96d76bd","sha1":"a9e717b6364d2895ee0a716050db32ca0ef1bb42","sha256":"d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a","sha512":"e6956ec633c76eb3ebc408528f950b81373238cd1d5b9fff5ddd97089ea14a1ff5934f23769bac5d93cc4cdb6a1fbc4ce69baebfb940a55d8a7a89caccaf92b5","ssdeep":"","tlshash":"ec300000003000000000000000000000000c0000000000000000000000000c00000000","first_seen":"2023-03-07T01:14:39Z","last_seen":"2026-04-16T23:03:52.089417Z","times_seen":13919,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":26,"dns":5,"connect":17,"send":0,"wait":21,"receive":0,"ssl":24},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"az.isoamidtrusion.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/special/videovak/videovak_160x600_1_en.jpg","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.840Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /special/videovak/videovak_160x600_1_en.jpg HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:52 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 15738\r\nlast-modified: Fri, 10 Jan 2020 10:06:18 GMT\r\netag: \"5e184c9a-3d7a\"\r\nexpires: Mon, 14 Sep 2026 09:22:52 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15738,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 160x600, components 3","md5":"3968ac2cf48dec11a2bd2436345e9ac0","sha1":"b70755231d4d09e68c06b81d445cd2d02f38fcc7","sha256":"0d145e9f5925e030ca60af27bfb39119a16ffac97bf55c8546fea7e2c9b1995e","sha512":"c5595f022ac1552d6f73d098347361e864d19cf54b0df051bb65a34bbad193afde2cff69a62a06cc3f2d44fea14e9337b40d26e1b48b5ad227e51d69aae351bd","ssdeep":"384:i/IgBjrWrkYR1XXcEywLnAg137NbWjKWAWOhN:i/zit1XXcEyW51rRKKWA5","tlshash":"7662c033e57f55144212c9f5158eb30c7ad70287bf6aea232ee890a6d1a0cf74194fd5","first_seen":"2025-02-19T06:25:50.92357Z","last_seen":"2026-04-16T23:03:52.072289Z","times_seen":265,"resource_available":false,"data":null}},"time_used":362,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":361,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"elegantimpose.com/2d153cd4cb37fa54e41856d8ba93a1bc/invoke.js","fqdn":"elegantimpose.com","domain":"elegantimpose.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:52.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"elegantimpose.com","organization":""},"issuer":{"commonName":"R10","organization":"Let's Encrypt"},"validity":{"start":"Mon, 28 Jul 2025 20:27:18 GMT","end":"Sun, 26 Oct 2025 20:27:17 GMT"},"fingerprint":{"sha1":"2F:B8:35:A2:3D:17:D5:22:11:1A:AC:FF:1C:2F:19:62:5A:BB:32:AF","sha256":"F6:00:B6:19:B0:89:2C:A7:69:98:BF:A3:E9:EC:A3:F2:02:25:ED:E3:84:00:27:71:E5:80:EE:4C:F8:3B:42:EB"}}},"request":{"raw":"GET /2d153cd4cb37fa54e41856d8ba93a1bc/invoke.js HTTP/1.1\r\nHost: elegantimpose.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:52 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 15960\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: elegantimpose.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 40e5d3df3ec008b72c02cadc0681f46b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37674,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (37674), with no line terminators","md5":"71ba17fb34411d341642b1787c0aa07d","sha1":"8fba0f72eeff566919685f06766ce67b9d4e3587","sha256":"d2cf1b690d9db8d4d86b8c768e0349a8093e691e558763d23efef778f17e800e","sha512":"8806687b9d0df2bda91129d7ced7306566ded75b2788bfd78e7f6f658f50251aeb9b1c4a12e59642d1ff885aecf9d371505e39ab95a5305cf0abdac4ffd861cb","ssdeep":"768:iBgj6ccu9YuFYdYjHMjYZ6lRtsi8Yg1L/lUUYEFYLetqz:6gec7PF0Y6Hd8Y0L/qJEFYLetqz","tlshash":"b903f7883fc0b3d456ab6867337fd00ba1955d04a54cd098e927f4e82de876af727b60","first_seen":"2025-09-07T00:40:25.773843Z","last_seen":"2025-09-17T11:49:27.090045Z","times_seen":96,"resource_available":true,"data":null}},"time_used":864,"timings":{"blocked":337,"dns":50,"connect":92,"send":0,"wait":97,"receive":93,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"elegantimpose.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rashcolonizeexpand.com/sbar.json?key=dafe7e98dace1e50d48969e5c8a626a4\u0026abtopt=b\u0026abt=FEATURES-2379_1\u0026uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3","fqdn":"rashcolonizeexpand.com","domain":"rashcolonizeexpand.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:52.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rashcolonizeexpand.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 27 Aug 2025 21:51:30 GMT","end":"Tue, 25 Nov 2025 21:51:29 GMT"},"fingerprint":{"sha1":"1E:45:CB:7E:7C:E7:1E:08:73:0A:D3:08:B4:74:21:2F:CA:B6:15:9B","sha256":"54:F3:5A:C9:08:4C:76:26:F7:0E:BF:E0:3F:5B:38:DD:53:CF:95:81:0B:FC:C7:F9:6A:3E:9C:1A:6E:33:92:E0"}}},"request":{"raw":"GET /sbar.json?key=dafe7e98dace1e50d48969e5c8a626a4\u0026abtopt=b\u0026abt=FEATURES-2379_1\u0026uuid=63e4edf8-f0fe-49ca-aff1-72c28711dcb3 HTTP/1.1\r\nHost: rashcolonizeexpand.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://waptrick.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:53 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4816\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://waptrick.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=63e4edf8-f0fe-49ca-aff1-72c28711dcb3:1:1; expires=Sun, 21 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Mon, 15 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Mon, 15 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Mon, 15 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Mon, 15 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\nu_pl15627934=1; expires=Mon, 15 Sep 2025 09:22:53 GMT; path=/; secure; SameSite=None\nslecdafe7e98dace1e50d48969e5c8a626a4=[4323737]; expires=Sun, 14 Sep 2025 09:22:58 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 215\r\nHost: rashcolonizeexpand.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7aac9c2accbd425a745f9969d580e25d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6170,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"4a606d789a4070671cf7ae5715d1d50e","sha1":"e548b61d35e21415107cb1bb75f857b98a643bc1","sha256":"da593622cdc488899807a9e41680acbcbfe67551fecd193159f477227ce1405d","sha512":"ef35b429be98e5514ca7ef0358cf03001b49dbdf62dfbdb708ac134f8cd4faef7d24c4cb317cb380e5a43b3257a93e8c4791898dc8b4d76de8341d2d4cda0f0a","ssdeep":"192:9zhB6cJgx2qqasWT981I8hbx2fpe2fyYRyf6K:9zDJgxrqas88xANYf6K","tlshash":"81d1aeed701e70e54787490d7c264ed49ed2274423e69a1f194f9f8fde116b52346834","first_seen":"2025-09-14T09:23:11.238002Z","last_seen":"2025-09-14T09:23:11.238002Z","times_seen":1,"resource_available":false,"data":null}},"time_used":890,"timings":{"blocked":289,"dns":1,"connect":93,"send":0,"wait":311,"receive":1,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"rashcolonizeexpand.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/e7/1b/13/e71b13312082539e211f40b180b929f1/1680663431.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.2","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 08 Sep 2025 02:32:56 GMT","end":"Sun, 07 Dec 2025 02:32:55 GMT"},"fingerprint":{"sha1":"F2:37:25:60:C4:34:06:EB:37:74:9F:D1:9C:FE:63:47:1F:30:4C:58","sha256":"AA:72:28:9B:C9:B7:77:AB:D7:89:4F:AC:CB:86:72:85:1D:1B:E5:15:4D:07:7B:D9:77:0F:D5:BE:92:06:8D:71"}}},"request":{"raw":"GET /si/e7/1b/13/e71b13312082539e211f40b180b929f1/1680663431.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 14 Sep 2025 09:22:54 GMT\r\ncontent-type: image/png\r\ncontent-length: 70608\r\nserver: nginx/1.21.6\r\nlast-modified: Wed, 05 Apr 2023 02:57:19 GMT\r\netag: \"642ce38f-113d0\"\r\nexpires: Tue, 16 Sep 2025 09:22:54 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: ah0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70608,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"61b6bebe0cb42acfc8731bdca04aa71a","sha1":"d396876682997f10b3bf721df1204677e3b5b0be","sha256":"3bebac68fde7ea059ec5422cb3162c3765ff43c7263e9be6e6b324b73ad0e6f2","sha512":"6883904fb678ea57cbedbd3753c93f5e8f73a79b8abf79fefed3ca2ea0d3eb635c9843419cfda66a561addaed6c68d67151ed51270d31ed3e597e67215173e5a","ssdeep":"1536:xK57wBBmhOG4aC7NV3fwtbCj9Q4tsd8aB0oqaoPHmqrfTwHMX:xK1wBgNZaNV34Cj9Q4Sd5aosPd/wsX","tlshash":"0c63010ed38967b86ec02b9fb3097f408b2473acc719c0d768b059b7a346c1961b7d5a","first_seen":"2023-06-24T15:48:47Z","last_seen":"2026-04-16T23:03:52.100255Z","times_seen":873,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"waptrick.com/imgs/htmlcssv11/theme_icon32x32.png","fqdn":"waptrick.com","domain":"waptrick.com","tld":"com"},"ip":{"addr":"207.32.216.51","port":443,"asn":14315,"as":"1GSERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.816Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"waptrick.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Tue, 29 Jul 2025 05:08:23 GMT","end":"Mon, 27 Oct 2025 05:08:22 GMT"},"fingerprint":{"sha1":"90:04:2F:49:85:D4:92:99:0B:85:CB:A8:E7:41:2A:4A:66:BC:9C:D3","sha256":"A6:C2:A4:D9:8A:5B:03:DC:FE:2B:35:F7:4E:B6:30:EF:CF:DF:37:3C:F6:40:DB:27:CC:86:49:45:FF:9F:8F:56"}}},"request":{"raw":"GET /imgs/htmlcssv11/theme_icon32x32.png HTTP/1.1\r\nHost: waptrick.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: socialbar=Y\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.25.0\r\ndate: Sun, 14 Sep 2025 09:22:51 GMT\r\ncontent-type: image/png\r\ncontent-length: 3170\r\nlast-modified: Fri, 20 Mar 2015 08:34:40 GMT\r\netag: \"550bdba0-c62\"\r\nexpires: Mon, 14 Sep 2026 09:22:51 GMT\r\ncache-control: max-age=31536000\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3170,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"189960d2bbe8cadb54cfd1b17c9b905d","sha1":"08ed5afce9cd25be4fc75ca810cc51a9757fefd1","sha256":"537f45ba7423547faaded58fed848e2c819246f372320a573a9e8bb1340c6139","sha512":"14dd3d6846287fa3ab22bd85099c30b9a7787d71f51953db24dfec5a59efe67ca6f2243a8ce20e0e2def66691e509ba3e9961460398f3384eaf2aee7fb93fbe8","ssdeep":"","tlshash":"a9515bcaec06e55d9896dcb12ab7714924fe6c40262bc872627d58a1e810f04c1ee26f","first_seen":"2023-05-09T05:11:10Z","last_seen":"2026-04-04T23:11:28.352497Z","times_seen":434,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"adaptunemployed.com/da/fe/7e/dafe7e98dace1e50d48969e5c8a626a4.js","fqdn":"adaptunemployed.com","domain":"adaptunemployed.com","tld":"com"},"ip":{"addr":"192.243.59.20","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"Dominica","country_code":"DM"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:51.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PKCS1-SHA512","protocol":"TLSv1.2","cert":{"subject":{"commonName":"adaptunemployed.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 02 Sep 2025 20:36:10 GMT","end":"Mon, 01 Dec 2025 20:36:09 GMT"},"fingerprint":{"sha1":"31:BC:E8:E3:A5:12:74:2E:8B:A6:3C:52:50:82:7E:1A:C5:22:C8:EE","sha256":"3E:96:5C:77:11:51:36:3A:C4:5A:74:FC:6F:1C:78:E1:5D:6B:51:D2:51:25:4F:44:D4:28:25:62:4B:91:EB:39"}}},"request":{"raw":"GET /da/fe/7e/dafe7e98dace1e50d48969e5c8a626a4.js HTTP/1.1\r\nHost: adaptunemployed.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.19.5\r\nDate: Sun, 14 Sep 2025 09:22:52 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30342\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nAccept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nSet-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_FEATURES-2379=1; expires=Sun, 14 Sep 2025 09:22:52 GMT; secure; SameSite=None\r\nHost: adaptunemployed.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e218fe922463984e05946e05becc63c3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.19.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":76494,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"b8feda8b00a2bc632645b31b9aac3fa0","sha1":"bb89863c0a28790f76967c932696bb85606010a4","sha256":"32edca7c9c6a3a8c34c0876a7d389a7624dbbe912d6a471b7cec59764aebf487","sha512":"3c67edea3c3167a5e68cf593dbcfe30394222df4d637b0ec2316fa9d35b3d4006a76dd9265949bc3acc00bf55063d17bcf7ce4cf5c7c724d71b0ce6a972441ad","ssdeep":"1536:IZxKuAEEm3pEEim4mYdM96mXpH1fPzdsRt:huAQWRHmWM96m5Jwt","tlshash":"2f73c8897f50b05cc3da6577326fa40af06a1d42a14cf44ce122e8a4ffaa71df53b958","first_seen":"2025-09-10T04:56:00.366714Z","last_seen":"2025-09-14T09:29:22.559293Z","times_seen":8,"resource_available":true,"data":null}},"time_used":784,"timings":{"blocked":277,"dns":35,"connect":92,"send":0,"wait":96,"receive":93,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-09-14","alert":"Sinkholed","trigger":"adaptunemployed.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.profitabledisplaycontent.com/impr.gif?sid=H4sIAAAAAAAC_1RTv28cxRefc6JvkW8RAggJ0VxBAQifZ3Zmf5ECYUJQREiiJCgFopif9uC9nWVm99ZxFWEJBSqnA6r1OycWJELQ0IHQGdFEQsrRYIm44S9ASKnRXSwcnrTv8z77ebv6vN03n2w3B4hCw_cvves2bFHwpXiA-y9ds6VybehfuNoneIBP96_ZMmGn--uz5EevEcoG-OX-21quuaUIE4wJJv2z1mvj1pfmKtjqXk4GOR6waEBiBuv-vzw0PQi8B2p0gJ4Gq6Yn_zTvg5UTKIffntFhrXbVq28Nm4LXzsNI7b5XrpWuLWF4VBrfA1PuHnaDC1OEPl8AV-4eTgButDObAISdooXnHoIodw9tghjdfuxUFKBLEOr_0I4moIs9sHwC0m2CVQ8QgFRw4SKUwzsXnG_59ccqn6lTdPzR32DbKTr-8Fkoh98sF3a9f8UVTW1dGWDddGDXJ2BXJlA1e1BvLIBt90DWH4NVv6KlR-ehHO5cDIUDq_ZfTKhmWpls0WCjF1ku-SI3hiymkYyylBAlBZ1_ImsmwEMPmtlle9CYHjRVD4Zqv89wxiThNDG5kilmnDGlBc6zCGOeyxQaOfO-BXW1BbLYAulvQOVvwJq99eD5u-CbnyCs7n-fa4lTKlKplcYm5SbNMjbDOGJM8EQk2hBCcKKiHCtMhKFZFlMico5NTDjNCDYmSiJNOdXUZMpILXSsiBIM0ySRaWYoY4SlKlIpT9IslRJHKSaxyVMmCNZxyiWPBMuEYDgTlMdScmWEzHMuFDGpEDyhmRLSZJE2mjIIqgehRjBSHbQaQRsQtBxBaxG0NYJ21N1WRYhCd0cVoRHkEKNDpN3Y1Svb_LarV3SJgPst8KrbsdVHYRNkfWy8YYIau1niou7GXKhuuzpAp-YL8ceXp2BN7_cjRWIqFZOCpobHTDOSxYnKBM8pJ0JCsB3YsDD_jRt2inq3TkI1w-UTIPgehGIPpH0KeNMH3o5phIGvQoxho7zX8qr2Vq4NpBuCch1U9XGor_e2iwP0wtzGB79vgpb30WGA9B1UvoMP7c8IVoqb48uuRTuXXRvQdxer2g7tBp_t7JWa1_p_X7-jr7fOq3NnwtZXb8iZMCvvXdWhPs9LZcuVgO4uW6W0P-u81OiHc-GaFpeasLrc-LKpzl968-y5YeV1CNaVE-B2ik789RlIO0XP_PjF_DzGr4zB-gn4poNh84TX6gaE6ogHh8AXR1xUCNqmG_tI_Htz7IU56igsgkIfcS46CE9woZ94kM9exW23HW7Ciu8BrzehHHYw8h2Mig54sQWhOTauK3__9d_oPEAUvbEoPNoRhZ_pdr9vqI4kxlmaEJoZTShT0sQZy1XCMaUa6jBd_eXT4T8BAAD__695ZL91BQAA","fqdn":"www.profitabledisplaycontent.com","domain":"profitabledisplaycontent.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:53.142Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.profitabledisplaycontent.com","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Thu, 24 Jul 2025 22:16:27 GMT","end":"Wed, 22 Oct 2025 22:16:26 GMT"},"fingerprint":{"sha1":"80:ED:AE:02:6E:22:92:2C:1D:3B:CF:40:B8:05:ED:A8:F4:78:41:C1","sha256":"27:CE:4E:A9:E9:2E:EA:67:C9:22:7C:B4:62:29:07:B9:BD:AA:87:B5:6A:AD:89:6C:68:5A:63:CB:C5:73:7D:0F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTv28cxRefc6JvkW8RAggJ0VxBAQifZ3Zmf5ECYUJQREiiJCgFopif9uC9nWVm99ZxFWEJBSqnA6r1OycWJELQ0IHQGdFEQsrRYIm44S9ASKnRXSwcnrTv8z77ebv6vN03n2w3B4hCw_cvves2bFHwpXiA-y9ds6VybehfuNoneIBP96_ZMmGn--uz5EevEcoG-OX-21quuaUIE4wJJv2z1mvj1pfmKtjqXk4GOR6waEBiBuv-vzw0PQi8B2p0gJ4Gq6Yn_zTvg5UTKIffntFhrXbVq28Nm4LXzsNI7b5XrpWuLWF4VBrfA1PuHnaDC1OEPl8AV-4eTgButDObAISdooXnHoIodw9tghjdfuxUFKBLEOr_0I4moIs9sHwC0m2CVQ8QgFRw4SKUwzsXnG_59ccqn6lTdPzR32DbKTr-8Fkoh98sF3a9f8UVTW1dGWDddGDXJ2BXJlA1e1BvLIBt90DWH4NVv6KlR-ehHO5cDIUDq_ZfTKhmWpls0WCjF1ku-SI3hiymkYyylBAlBZ1_ImsmwEMPmtlle9CYHjRVD4Zqv89wxiThNDG5kilmnDGlBc6zCGOeyxQaOfO-BXW1BbLYAulvQOVvwJq99eD5u-CbnyCs7n-fa4lTKlKplcYm5SbNMjbDOGJM8EQk2hBCcKKiHCtMhKFZFlMico5NTDjNCDYmSiJNOdXUZMpILXSsiBIM0ySRaWYoY4SlKlIpT9IslRJHKSaxyVMmCNZxyiWPBMuEYDgTlMdScmWEzHMuFDGpEDyhmRLSZJE2mjIIqgehRjBSHbQaQRsQtBxBaxG0NYJ21N1WRYhCd0cVoRHkEKNDpN3Y1Svb_LarV3SJgPst8KrbsdVHYRNkfWy8YYIau1niou7GXKhuuzpAp-YL8ceXp2BN7_cjRWIqFZOCpobHTDOSxYnKBM8pJ0JCsB3YsDD_jRt2inq3TkI1w-UTIPgehGIPpH0KeNMH3o5phIGvQoxho7zX8qr2Vq4NpBuCch1U9XGor_e2iwP0wtzGB79vgpb30WGA9B1UvoMP7c8IVoqb48uuRTuXXRvQdxer2g7tBp_t7JWa1_p_X7-jr7fOq3NnwtZXb8iZMCvvXdWhPs9LZcuVgO4uW6W0P-u81OiHc-GaFpeasLrc-LKpzl968-y5YeV1CNaVE-B2ik789RlIO0XP_PjF_DzGr4zB-gn4poNh84TX6gaE6ogHh8AXR1xUCNqmG_tI_Htz7IU56igsgkIfcS46CE9woZ94kM9exW23HW7Ciu8BrzehHHYw8h2Mig54sQWhOTauK3__9d_oPEAUvbEoPNoRhZ_pdr9vqI4kxlmaEJoZTShT0sQZy1XCMaUa6jBd_eXT4T8BAAD__695ZL91BQAA HTTP/1.1\r\nHost: www.profitabledisplaycontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://waptrick.com/\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoxNDQ1NzM2MSwiayI6IjJkMTUzY2Q0Y2IzN2ZhNTRlNDE4NTZkOGJhOTNhMWJjIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDI2NzEsInBpZCI6ODI0NDIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MTYsImFpZCI6MzIsInB0Ijo0LCJwayI6ImhyM2R0Mm54OG0iLCJjcGtzIjp7IjI4IjoiY2U3YmM1YmU1MDYxN2FhZWQ0ZmI5ODhhNTgwYjFhNmMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjI2NjU2MTExNSwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEzNjkyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMzQuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3dhcHRyaWNrLmNvbS8iLCJhciI6W119fQ.jKJpIRs9o7rKsdkNkjTLb4luBQCGiswVOLUJ0u4QhpA; uid_id2=63e4edf8-f0fe-49ca-aff1-72c28711dcb3:1:1; pdhtkv=true; uncs=1; pdhtkv32=true; uncs32=1; u_pl14457361=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sun, 14 Sep 2025 09:22:53 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: www.profitabledisplaycontent.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0ce0c414c909dfe1397875700709057d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-17T03:13:33.193802Z","times_seen":13844586,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"104.21.112.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://waptrick.com/","date":"2025-09-14T09:22:54.162Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 29 Aug 2025 18:23:14 GMT","end":"Thu, 27 Nov 2025 19:21:45 GMT"},"fingerprint":{"sha1":"99:06:8C:E5:8E:41:8B:38:F8:46:C0:E9:CF:99:E2:11:F2:8E:DD:AB","sha256":"93:A8:69:6F:83:C3:C8:1B:E8:A3:20:9C:19:F4:47:35:74:85:80:F1:82:1F:48:42:AB:AA:77:A3:35:AB:29:20"}}},"request":{"raw":"GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Sun, 14 Sep 2025 09:22:54 GMT\r\ncontent-type: application/javascript\r\nvary: accept-encoding\r\nlast-modified: Fri, 19 Jan 2024 14:19:42 GMT\r\ncontent-encoding: br\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PejANhEctqiHAxDntOV9oJwtq03%2FHEIIwnSJCYUDpLAc2RcdVPRYl1D%2FEWDC2VDzx63GIwt7bo64BXH%2FLduFe%2BmrAbRYnrNBdZRQyOTL1Xs%3D\"}]}\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nage: 1309340\r\ncf-cache-status: HIT\r\netag: W/\"65aa84fe-1499c\"\r\ncf-ray: 97eed2907ebe3181-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84380,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025)","md5":"4a356126b9573eb7bd1e9a7494737410","sha1":"8258d046f17dd3c15a5d3984e1868b7b5d1db329","sha256":"22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5","sha512":"005c3102459dbf145df6a858629d6a6de4598fafe24cd989d86170731b0c3b3c304da470cf66bfd935f6db911b723df0857b5ed561906f7f1c5c4e63ed9430de","ssdeep":"1536:/P10iSi65U/dXXeyhzeBuG+HYE0mdkuJO1z6Oy4sh3J1A72BjmN7TwpDKba98HrZ:++414Jiz6fh6lTqya98HrZ","tlshash":"dc83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-04-17T03:15:56.644637Z","times_seen":16401,"resource_available":true,"data":null}},"time_used":19,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}