{"report_id":"47de894a-66e3-45c8-839c-6fc335529ed0","version":6,"status":"done","tags":[],"date":"2026-01-04T15:13:09Z","url":{"schema":"http","addr":"ad-nex.com/link.php?i=ai6k1c00dkii\u0026pbid={click_id}\u0026kbp1={campaign_id}\u0026kbp2={creative_id}\u0026kbp3={referrer}{site_id}{keywords}{geo}{pricing_model}{cost}{ip}{site_host}","fqdn":"ad-nex.com","domain":"ad-nex.com","tld":"com"},"ip":{"addr":"59.106.237.133","port":0,"asn":9370,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"final":{"url":{"schema":"https","addr":"happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","fqdn":"happy-egg.net","domain":"happy-egg.net","tld":"net"},"title":"このサイトはスマートフォン専用です。QRコードを読み取ってからご確認ください。","dom":{"size":33489,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (27446)","md5":"fa88b19669f71c451c71539381931581","sha1":"1f4eb29122360d9c6b377da21d3a7d2cd72d9da1","sha256":"417c6b36589efd0aa82ad0aac38ba331ee0cadecc290242be54d1714733e5a15","sha512":"74dc9c9d6ce8653ea2a1cbcd180e09dcdfff6db5666f1ea6376ae26e34b2378ad2d825218b3fa0cc8c778509e40523aea39e777e5b5bdc9afaf149c8e6f4d623","ssdeep":"768:+q3lM2e3ZDFAqRmfa7MCt750UzdXrv/VM9VB8JxBIEl27rG2uHsEwxt:B3lM2KNFAPd+ZL9EVUXJ2un2","tlshash":"34e2cf9f8dc86404e6a53c794d3b7044b6aa650fe849cc61f48cf267af50efaa4435f8","dom_hash":"domhash3360f32f044f33715b836d884ea18899","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"ad-nex.com/link.php?i=ai6k1c00dkii\u0026pbid={click_id}\u0026kbp1={campaign_id}\u0026kbp2={creative_id}\u0026kbp3={referrer}{site_id}{keywords}{geo}{pricing_model}{cost}{ip}{site_host}","fqdn":"ad-nex.com","domain":"ad-nex.com","tld":"com"},"ip":{"addr":"59.106.237.133","port":0,"asn":9370,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-08T15:13:09Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"happy-egg.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"happy-egg.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ad-nex.com","ip":{"addr":"27.133.150.213","port":443,"asn":9370,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"domain_registered":"2017-09-11","domain_rank":177990,"first_seen":"2018-07-19T20:14:15Z","last_seen":"2026-01-01T21:50:10.060749Z","alert_count":0,"request_count":2,"received_data":7332,"sent_data":1079,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.0.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"ajax.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":3691,"first_seen":"2012-05-22T10:38:03Z","last_seen":"2025-12-28T22:36:42.452939Z","alert_count":0,"request_count":2,"received_data":176756,"sent_data":884,"comment":"","tags":null,"fingerprints":null},{"fqdn":"happy-egg.net","ip":{"addr":"192.200.109.186","port":443,"asn":53850,"as":"GORILLASERVERS","country":"United States","country_code":"US"},"domain_registered":"2009-08-26","domain_rank":4435195,"first_seen":"2015-03-23T11:16:10Z","last_seen":"2025-12-27T16:16:10.964098Z","alert_count":6,"request_count":3,"received_data":4149,"sent_data":1623,"comment":"","tags":null,"fingerprints":[{"name":"PHP:7.0.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.rawgit.com","ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"domain_registered":"2014-03-20","domain_rank":102096,"first_seen":"2017-01-30T05:42:07Z","last_seen":"2025-12-30T07:42:00.197543Z","alert_count":0,"request_count":1,"received_data":20880,"sent_data":444,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-12-28T22:26:34.892336Z","alert_count":0,"request_count":1,"received_data":20701,"sent_data":449,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","fqdn":"happy-egg.net","domain":"happy-egg.net","tld":"net"},"ip":{"addr":"192.200.109.186","port":443,"asn":53850,"as":"GORILLASERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"ddaee42d9c8550993b4a3a1d4a7c3e4d","sha1":"be59fd3cff5445e4cd417ca180cd0207899b60c4","sha256":"a05515e5d8fdf5009931f721f788c932ec901de7398d0acbc6f328a182285a97","sha512":"28b4299692025469d815a7b7b7edb28b8c7ef624eca5f2a9f606b89d2f65f0b60acc10e24039990b7348b7ccf11fe4af1676cd7edc5863e00d7602341aef82ae","ssdeep":"","tlshash":"90f0550b2c131474de6b20ca63fa809831f1220b6812d824b4cee8451f08f78a81bde8","size":453,"data":"","first_seen":"2025-11-04T19:23:19.968139Z","last_seen":"2026-01-13T15:55:00.301232Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.rawgit.com/davidshimjs/qrcodejs/gh-pages/qrcode.min.js","fqdn":"cdn.rawgit.com","domain":"rawgit.com","tld":"com"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"introduction_type":"scriptElement","is_inline":false,"md5":"517b55d3688ce9ef1085a3d9632bcb97","sha1":"2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b","sha256":"c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36","sha512":"08d80845e706a3b9e985b799d3849cd7791ad3ba5aa9d793bb4591d4833890d7299810144874905f416c94d8530da74be0ee520066a91ade05a1da8bf0ccb498","ssdeep":"384:WRQ2kvcAAdTRhQLThP2yO9/9G84U5xOiKQYHHHsglDep9m1yfB8dKLMyA+LyUyy9:xThP2V/9N4U/gQYPXa8CAPLyrZ","tlshash":"8c92c7e4f36542f6915e6cd4283f104b64a0a4636c1490acbfb5c1e6a9f8fe0647af74","size":19927,"data":"","first_seen":"2023-03-07T01:14:56Z","last_seen":"2026-04-07T22:38:54.50828Z","times_seen":54256,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad-nex.com/data.php?id=ai3dkpvihu3n\u0026param=cid%3Dci8z40bgqx3td","fqdn":"ad-nex.com","domain":"ad-nex.com","tld":"com"},"ip":{"addr":"27.133.150.213","port":443,"asn":9370,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"introduction_type":"scriptElement","is_inline":false,"md5":"8b545e08aa2b559ae69acd54e16425e9","sha1":"2e71d273ff609a7f521cdbdd80585f3a10083fc1","sha256":"507ce89299c5114bbff4514d64c6bee9784bc6304b12161cecd0f89c75cfb1ca","sha512":"9e5c974d5a5da2047ce2cff3c8c2cd6e0785a77f7fbf1577c744bd072155629c0c4ae19d93a2ed93913c6a8c637e8e5454e3715f6871e75642f1e6cf1dd6d90f","ssdeep":"","tlshash":"ac71dc8a768d940adaf438bd9477724cf579a81ddc64cca2c084d5afd830faa742b488","size":3619,"data":"","first_seen":"2026-01-04T15:13:12.817096Z","last_seen":"2026-01-04T15:13:12.817096Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","fqdn":"happy-egg.net","domain":"happy-egg.net","tld":"net"},"ip":{"addr":"192.200.109.186","port":443,"asn":53850,"as":"GORILLASERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"a14e6b349943ee12d6b6a14678fb2512","sha1":"bf1540182ae3cca8b72fc1db1a7b6e911b165385","sha256":"5909754147765a8012990966b9bc007b0d13ce1f025c1b1aa8e39b8561e84346","sha512":"9eb8f6e023a1dcbd45b66f1e4606545c4fd6d89ec0e6af357b112d565caa531ab7f300f2d8cbb88efa1d7c832fc50d6fcd4d6633a76c15373c07c75832dfd158","ssdeep":"","tlshash":"a4e0ab224e840c4ced0a32448f6d5811a3a0326b22f0ec313c8efcc04744821c9ff0f0","size":409,"data":"","first_seen":"2025-10-19T20:49:19.895301Z","last_seen":"2026-04-01T11:41:03.792222Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","size":88145,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-07T22:04:43.472096Z","times_seen":115883,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","fqdn":"happy-egg.net","domain":"happy-egg.net","tld":"net"},"ip":{"addr":"192.200.109.186","port":443,"asn":53850,"as":"GORILLASERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a29bb693e6c49aa842e5f16eee588c70","sha1":"9db89fb814ae9e01287cfb0727289a1a19856bfd","sha256":"027fa2f06b867d628aaaab81792a973523bc238dedff8c3e9764720e94136e0d","sha512":"ee8d5189d975e2982d05996abc4188f1dbd9f00584e53bdccf1a38ee05d26917f66cdefb6e21d6311c2b732838f2faac708ab5fe543a28086d91e77cd1db615f","ssdeep":"","tlshash":"6b51adab538d9817e3f4387dd8173688f271284dd9a8cc65c488e5aba530fab78170dc","size":2678,"data":"","first_seen":"2026-01-04T15:13:12.827174Z","last_seen":"2026-01-04T15:13:12.827174Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c9f5aeeca3ad37bf2aa006139b935f0a","sha1":"1055018c28ab41087ef9ccefe411606893dabea2","sha256":"87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de","sha512":"dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58","ssdeep":"1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9","tlshash":"4483e6d9b2c67062977730b950bf410bb17a98dab44c8c60f158d9d47eb8a8d907bf2c","size":86659,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-07T22:36:48.250354Z","times_seen":77854,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","fqdn":"happy-egg.net","domain":"happy-egg.net","tld":"net"},"ip":{"addr":"192.200.109.186","port":443,"asn":53850,"as":"GORILLASERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"13b92cc9531feaaf84bc17b5b88787ef","sha1":"1803fa2d31cf866316e2b97b7688a1c88fd4a5d2","sha256":"7db60d823be6aabcb2779261a29488806771cc1a83b39f0334f068b79255d223","sha512":"775be912c03a7bf5100da7a94f2b4da9500f5f55be29b247385d8e99c48df42eedc48f2b4120a99885afecd7b2d6106e08e63c3fc0c788e22bb7f0dd583ce66b","ssdeep":"","tlshash":"e3f04c4a6aa0140e913334dd6f6f5011716a014f102cfd00fe4cf9929fc05384fe7aae","size":638,"data":"","first_seen":"2025-10-19T20:49:19.900212Z","last_seen":"2026-04-01T11:41:03.793391Z","times_seen":43,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","fqdn":"happy-egg.net","domain":"happy-egg.net","tld":"net"},"ip":{"addr":"192.200.109.186","port":443,"asn":53850,"as":"GORILLASERVERS","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"292882d9e29b8fb15fc4abd8106e70c8","sha1":"59bb94f7b2a86051a5d8ec91d040fcfac03f1498","sha256":"9f134dd4491c8d7e5b387151425e6849c77e5f5f82225e7af09f92e35eeaa60f","sha512":"b53ca5fbdd19b076661898530eeb94fbf0c7e06defd883409477b57e458cf9a6fd95afed9170395568a9f8f9e50d7ae9d476926c1567f79c7bcb70e1b272d9c3","ssdeep":"","tlshash":"70e08c1a266126a0b8bb218a272a214c21b3981f3847dd157a8d97142f6c1ab8234ad7","size":305,"data":"","first_seen":"2025-12-23T16:42:20.461597Z","last_seen":"2026-04-01T11:41:03.794521Z","times_seen":37,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"ad-nex.com/link.php?i=ai6k1c00dkii\u0026pbid={click_id}\u0026kbp1={campaign_id}\u0026kbp2={creative_id}\u0026kbp3={referrer}{site_id}{keywords}{geo}{pricing_model}{cost}{ip}{site_host}","fqdn":"ad-nex.com","domain":"ad-nex.com","tld":"com"},"ip":{"addr":"27.133.150.213","port":443,"asn":9370,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T15:12:47.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ad-nex.com","organization":""},"issuer":{"commonName":"JPRS Domain Validation Authority - G4","organization":"Japan Registry Services Co., Ltd."},"validity":{"start":"Thu, 25 Dec 2025 08:34:04 GMT","end":"Thu, 31 Dec 2026 14:59:59 GMT"},"fingerprint":{"sha1":"75:85:73:63:63:06:DE:A7:8B:28:8B:46:5F:84:C3:9B:76:B9:9C:A8","sha256":"3E:7C:A8:48:DD:DC:DF:E6:28:DE:7B:C1:1E:9E:5B:C4:AF:C3:2A:F4:BC:ED:36:0E:16:81:FD:F2:7D:B4:00:ED"}}},"request":{"raw":"GET /link.php?i=ai6k1c00dkii\u0026pbid={click_id}\u0026kbp1={campaign_id}\u0026kbp2={creative_id}\u0026kbp3={referrer}{site_id}{keywords}{geo}{pricing_model}{cost}{ip}{site_host} HTTP/1.1\r\nHost: ad-nex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nDate: Sun, 04 Jan 2026 15:12:49 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/7.0.33\r\nP3P: CP='UNI CUR OUR'\r\nLocation: https://happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td\r\nContent-Length: 0\r\nConnection: close\r\nContent-Type: text/html; charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"PHP:7.0.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":3212,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T22:38:16.996083Z","times_seen":13478183,"resource_available":true,"data":null}},"time_used":3494,"timings":{"blocked":1609,"dns":256,"connect":270,"send":0,"wait":276,"receive":0,"ssl":1080},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","date":"2026-01-04T15:12:50.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://happy-egg.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30774\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 02 Jan 2026 15:58:40 GMT\r\nexpires: Sat, 02 Jan 2027 15:58:40 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 170050\r\nlast-modified: Mon, 13 May 2019 14:37:17 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":88145,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"220afd743d9e9643852e31a135a9f3ae","sha1":"88523924351bac0b5d560fe0c5781e2556e7693d","sha256":"0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a","sha512":"6e722fce1e8553be592b1a741972c7f5b7b0cdafce230e9d2d587d20283482881c96660682e4095a5f14df45a96ec193a9b222030c53b1b7bbe8312b2eae440d","ssdeep":"1536:yTExXUZinxD7oPEZxkMV4SYKFMbRHZ6H5HOHCWrcElzuu7BRCKKBEqBsojZlOPma:ygZm0H5HO5+gCKWZyPmHQ47GKe","tlshash":"338319dd72c6706257b761ba00bf540bf236599e6c4d4410f124e8eabc78a4a823bf7d","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-07T22:04:43.472096Z","times_seen":115883,"resource_available":true,"data":null}},"time_used":184,"timings":{"blocked":75,"dns":0,"connect":15,"send":0,"wait":15,"receive":16,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","fqdn":"happy-egg.net","domain":"happy-egg.net","tld":"net"},"ip":{"addr":"192.200.109.186","port":443,"asn":53850,"as":"GORILLASERVERS","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-04T15:12:49.454Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"happy-egg.net","organization":""},"issuer":{"commonName":"FujiSSL SHA2 Domain Secure Site CA","organization":"Nijimo K.K."},"validity":{"start":"Sat, 13 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:34:0B:6B:8B:95:8B:90:E5:30:80:3B:F2:D7:83:16:D7:F5:56:6F","sha256":"D4:FC:A1:52:33:BB:61:FA:F1:39:BB:34:FE:CC:52:F8:BE:4C:D8:97:A0:BF:5C:AD:6D:84:A9:9D:B7:DC:5D:B4"}}},"request":{"raw":"GET /apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td HTTP/1.1\r\nHost: happy-egg.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 04 Jan 2026 15:12:50 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-powered-by: PHP/7.0.33\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.0.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Google Hosted Libraries","description":"Google Hosted Libraries is a stable, reliable, high-speed, globally available content distribution network for the most popular, open-source JavaScript libraries.","website":"https://developers.google.com/speed/libraries","common_platform_enumeration":"","icon":"Google Developers.svg","categories":["CDN"]},{"name":"jQuery:3.4.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3212,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"490d30cc382812ae468a8bbb039cd39f","sha1":"55ea9ed3cb13bf8bb05667f19da2d6ba0d9dc8a1","sha256":"4c68d59e5c94762866ec8098f7335183204acc7a28a904e7c65bfef78c5550d7","sha512":"ec3ff7f0de5867f0a0026886f7f8f8ccf42e5039473a892f79a97ad0ada125e06530ffa4c5f280c622f7dff6ce0f9c975a30cfadf7a53788b82d3049aa160705","ssdeep":"","tlshash":"d361411a5c924409e92330951bfa601c72b6d90fb449dc207dccf5509f88badc8b7af8","first_seen":"2026-01-04T15:13:12.811657Z","last_seen":"2026-01-13T15:55:00.289462Z","times_seen":3,"resource_available":false,"data":null}},"time_used":1893,"timings":{"blocked":876,"dns":267,"connect":136,"send":0,"wait":139,"receive":0,"ssl":473},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"happy-egg.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"happy-egg.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.rawgit.com/davidshimjs/qrcodejs/gh-pages/qrcode.min.js","fqdn":"cdn.rawgit.com","domain":"rawgit.com","tld":"com"},"ip":{"addr":"194.242.11.186","port":443,"asn":34989,"as":"ServeTheWorld AS","country":"Norway","country_code":"NO"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","date":"2026-01-04T15:12:50.683Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.rawgit.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Dec 2025 17:02:54 GMT","end":"Sat, 21 Mar 2026 17:02:53 GMT"},"fingerprint":{"sha1":"CF:EB:F1:91:64:03:67:8E:82:5F:7A:E3:C3:2C:54:13:43:65:E0:DA","sha256":"68:BB:1B:AD:D7:FC:07:40:DB:EF:8C:B0:E1:DD:77:72:36:4D:05:FB:A3:3F:39:BC:EA:C3:BC:FD:CC:7C:92:E4"}}},"request":{"raw":"GET /davidshimjs/qrcodejs/gh-pages/qrcode.min.js HTTP/1.1\r\nHost: cdn.rawgit.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://happy-egg.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\ndate: Sun, 04 Jan 2026 15:12:51 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 105\r\nlocation: https://cdn.jsdelivr.net/gh/davidshimjs/qrcodejs@gh-pages/qrcode.min.js\r\nserver: BunnyCDN-NO1-830\r\ncdn-pullzone: 201235\r\ncdn-requestcountrycode: NO\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\nage: 26330\r\ncache-control: public, max-age=2592000\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-served-by: cache-fra-eddf8230101-FRA, cache-chi-kigq8000047-CHI\r\nx-cache: MISS, HIT\r\ncdn-proxyver: 1.43\r\ncdn-requestpullcode: 301\r\ncdn-requestpullsuccess: True\r\ncdn-edgestorageid: 830\r\ncdn-cachedat: 01/04/2026 15:12:51\r\ncdn-status: 301\r\ncdn-requesttime: 0\r\ncdn-requestid: 6bcb45405d117002ff826cec72c9e9b3\r\ncdn-cache: EXPIRED\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Bunny","description":"","website":"https://bunny.net","common_platform_enumeration":"","icon":"Bunny.svg","categories":["CDN"]}],"data":{"size":19927,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-07T22:38:16.996083Z","times_seen":13478183,"resource_available":true,"data":null}},"time_used":651,"timings":{"blocked":95,"dns":92,"connect":1,"send":0,"wait":457,"receive":0,"ssl":4},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/livelog.biz/lp/script/function/qrcode/reset.css","fqdn":"happy-egg.net","domain":"happy-egg.net","tld":"net"},"ip":{"addr":"192.200.109.186","port":443,"asn":53850,"as":"GORILLASERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","date":"2026-01-04T15:12:50.681Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"happy-egg.net","organization":""},"issuer":{"commonName":"FujiSSL SHA2 Domain Secure Site CA","organization":"Nijimo K.K."},"validity":{"start":"Sat, 13 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:34:0B:6B:8B:95:8B:90:E5:30:80:3B:F2:D7:83:16:D7:F5:56:6F","sha256":"D4:FC:A1:52:33:BB:61:FA:F1:39:BB:34:FE:CC:52:F8:BE:4C:D8:97:A0:BF:5C:AD:6D:84:A9:9D:B7:DC:5D:B4"}}},"request":{"raw":"GET /apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/livelog.biz/lp/script/function/qrcode/reset.css HTTP/1.1\r\nHost: happy-egg.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 04 Jan 2026 15:12:50 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncontent-length: 285\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":285,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"0e48ecb5da668451dc61ae19eb9bb68e","sha1":"988414540a03b3dce5909137813af577927dadb0","sha256":"3e86b4f4b642c0323250d579d43291c422d013b95076ad65e9f1837b02cf997d","sha512":"767aaff9857e637f59ec6e507d0fbc65c49f119368b57acda2b942054845b679bc28eba81cd50fdba2b17bde94d3c3d12c2aaa2a2a7092ab80d5b597840cb149","ssdeep":"","tlshash":"ccd0eb4ca0432246082300603ec32082a4ce237ab47680f43e825085e608a3c848fe8e","first_seen":"2025-11-04T19:23:19.966124Z","last_seen":"2026-01-13T15:55:00.291011Z","times_seen":4,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":138,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"happy-egg.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"happy-egg.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/davidshimjs/qrcodejs@gh-pages/qrcode.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","date":"2026-01-04T15:12:51.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /gh/davidshimjs/qrcodejs@gh-pages/qrcode.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://happy-egg.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: gh-pages\r\nx-jsd-version-type: branch\r\netag: W/\"4dd7-LQbB+CPzTBmYHGrgsOsPWGHF4Us\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Sun, 04 Jan 2026 15:12:51 GMT\r\nage: 30041\r\nx-served-by: cache-fra-eddf8230165-FRA, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 7121\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":19927,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"ASCII text, with very long lines (19927), with no line terminators","md5":"517b55d3688ce9ef1085a3d9632bcb97","sha1":"2d06c1f823f34c19981c6ae0b0eb0f5861c5e14b","sha256":"c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36","sha512":"08d80845e706a3b9e985b799d3849cd7791ad3ba5aa9d793bb4591d4833890d7299810144874905f416c94d8530da74be0ee520066a91ade05a1da8bf0ccb498","ssdeep":"384:WRQ2kvcAAdTRhQLThP2yO9/9G84U5xOiKQYHHHsglDep9m1yfB8dKLMyA+LyUyy9:xThP2V/9N4U/gQYPXa8CAPLyrZ","tlshash":"8c92c7e4f36542f6915e6cd4283f104b64a0a4636c1490acbfb5c1e6a9f8fe0647af74","first_seen":"2023-03-07T01:14:56Z","last_seen":"2026-04-07T22:38:54.50828Z","times_seen":54256,"resource_available":true,"data":null}},"time_used":150,"timings":{"blocked":61,"dns":1,"connect":26,"send":0,"wait":27,"receive":1,"ssl":31},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad-nex.com/data.php?id=ai3dkpvihu3n\u0026param=cid%3Dci8z40bgqx3td","fqdn":"ad-nex.com","domain":"ad-nex.com","tld":"com"},"ip":{"addr":"27.133.150.213","port":443,"asn":9370,"as":"SAKURA Internet Inc.","country":"Japan","country_code":"JP"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","date":"2026-01-04T15:12:51.381Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"ad-nex.com","organization":""},"issuer":{"commonName":"JPRS Domain Validation Authority - G4","organization":"Japan Registry Services Co., Ltd."},"validity":{"start":"Thu, 25 Dec 2025 08:34:04 GMT","end":"Thu, 31 Dec 2026 14:59:59 GMT"},"fingerprint":{"sha1":"75:85:73:63:63:06:DE:A7:8B:28:8B:46:5F:84:C3:9B:76:B9:9C:A8","sha256":"3E:7C:A8:48:DD:DC:DF:E6:28:DE:7B:C1:1E:9E:5B:C4:AF:C3:2A:F4:BC:ED:36:0E:16:81:FD:F2:7D:B4:00:ED"}}},"request":{"raw":"GET /data.php?id=ai3dkpvihu3n\u0026param=cid%3Dci8z40bgqx3td HTTP/1.1\r\nHost: ad-nex.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://happy-egg.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sun, 04 Jan 2026 15:12:52 GMT\r\nServer: Apache\r\nX-Powered-By: PHP/7.0.33\r\nP3P: CP='UNI CUR OUR'\r\nContent-Length: 3619\r\nConnection: close\r\nContent-Type: text/javascript;charset=UTF-8\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP:7.0.33","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":3619,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (2773), with CRLF line terminators","md5":"8b545e08aa2b559ae69acd54e16425e9","sha1":"2e71d273ff609a7f521cdbdd80585f3a10083fc1","sha256":"507ce89299c5114bbff4514d64c6bee9784bc6304b12161cecd0f89c75cfb1ca","sha512":"9e5c974d5a5da2047ce2cff3c8c2cd6e0785a77f7fbf1577c744bd072155629c0c4ae19d93a2ed93913c6a8c637e8e5454e3715f6871e75642f1e6cf1dd6d90f","ssdeep":"","tlshash":"ac71dc8a768d940adaf438bd9477724cf579a81ddc64cca2c084d5afd830faa742b488","first_seen":"2026-01-04T15:13:12.817096Z","last_seen":"2026-01-04T15:13:12.817096Z","times_seen":1,"resource_available":true,"data":null}},"time_used":2371,"timings":{"blocked":1047,"dns":1,"connect":270,"send":0,"wait":276,"receive":0,"ssl":774},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"happy-egg.net/favicon.ico","fqdn":"happy-egg.net","domain":"happy-egg.net","tld":"net"},"ip":{"addr":"192.200.109.186","port":443,"asn":53850,"as":"GORILLASERVERS","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","date":"2026-01-04T15:12:51.699Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"happy-egg.net","organization":""},"issuer":{"commonName":"FujiSSL SHA2 Domain Secure Site CA","organization":"Nijimo K.K."},"validity":{"start":"Sat, 13 Sep 2025 00:00:00 GMT","end":"Tue, 13 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"BE:34:0B:6B:8B:95:8B:90:E5:30:80:3B:F2:D7:83:16:D7:F5:56:6F","sha256":"D4:FC:A1:52:33:BB:61:FA:F1:39:BB:34:FE:CC:52:F8:BE:4C:D8:97:A0:BF:5C:AD:6D:84:A9:9D:B7:DC:5D:B4"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: happy-egg.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td\r\nCookie: CL_adnex=ci8z40bgqx3td\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: nginx\r\ndate: Sun, 04 Jan 2026 15:12:51 GMT\r\ncontent-type: text/html\r\ncontent-length: 146\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-07T22:38:32.632265Z","times_seen":481489,"resource_available":true,"data":null}},"time_used":136,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":136,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"happy-egg.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-04","alert":"Sinkholed","trigger":"happy-egg.net","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js","fqdn":"ajax.googleapis.com","domain":"ajax.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://happy-egg.net/apps/matchapp/adnex/o_01/0/ai3dkpvihu3n/?cid=ci8z40bgqx3td","date":"2026-01-04T15:12:52.714Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:54:11 GMT","end":"Wed, 25 Feb 2026 15:54:10 GMT"},"fingerprint":{"sha1":"43:D3:3F:93:6C:4F:F7:67:58:9D:D5:48:20:4C:74:A2:69:DB:13:9F","sha256":"8C:DB:D2:85:E1:AB:12:7B:1D:5A:65:A7:EC:22:67:6F:B3:A6:65:01:28:29:FA:D2:3B:01:8D:10:7E:4D:09:52"}}},"request":{"raw":"GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1\r\nHost: ajax.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://happy-egg.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"hosted-libraries-pushers\"\r\nreport-to: {\"group\":\"hosted-libraries-pushers\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 30306\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Mon, 29 Dec 2025 09:59:38 GMT\r\nexpires: Tue, 29 Dec 2026 09:59:38 GMT\r\ncache-control: public, max-age=31536000, stale-while-revalidate=2592000\r\nage: 537194\r\nlast-modified: Tue, 03 Mar 2020 19:15:00 GMT\r\ncontent-type: text/javascript; charset=UTF-8\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":86659,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (32058)","md5":"c9f5aeeca3ad37bf2aa006139b935f0a","sha1":"1055018c28ab41087ef9ccefe411606893dabea2","sha256":"87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de","sha512":"dcff2b5c2b8625d3593a7531ff4ddcd633939cc9f7acfeb79c18a9e6038fdaa99487960075502f159d44f902d965b0b5aed32b41bfa66a1dc07d85b5d5152b58","ssdeep":"1536:YNhEyjjTikEJO4edXXe9J578go6MWX2xkj8e4c4j2ll2AckaXEP6n15HZ+FhFcQ7:uxc2yjx4j2uX/kcQDU8Cu9","tlshash":"4483e6d9b2c67062977730b950bf410bb17a98dab44c8c60f158d9d47eb8a8d907bf2c","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-04-07T22:36:48.250354Z","times_seen":77854,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":17,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}