{"report_id":"49540ed9-4414-486e-9230-077c809cccb6","version":6,"status":"done","tags":[],"date":"2025-11-09T08:30:06Z","url":{"schema":"http","addr":"tracking.insta-tool.net/66b62f283d6373156310028c?sub1=10078367\u0026sub2=7774508\u0026sub3=5279024\u0026sub4=colttechnologyservicesgrouplimited\u0026sub5=24753652\u0026sub6=DE\u0026sub7=high\u0026sub8=\u0026sub9=android13\u0026sub10=samsung\u0026sub11=de\u0026ref_id=1011302367599013889\u0026cost=0.000000","fqdn":"tracking.insta-tool.net","domain":"insta-tool.net","tld":"net"},"ip":{"addr":"178.162.133.193","port":0,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"final":{"url":{"schema":"https","addr":"881.lkadtrack006.date/adserver/delivery/click.php?site_id=72016\u0026aff_sub=691050f90481b600015a33ae\u0026source=759_10078367_7774508_5279024","fqdn":"881.lkadtrack006.date","domain":"lkadtrack006.date","tld":"date"},"title":"881.lkadtrack006.date/adserver/delivery/click.php?site_id=72016\u0026aff_sub=691050f90481b600015a33ae\u0026source=759_10078367_7774508_5279024","dom":{"size":56,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"32f1a769faf9103d203409f7ee7a1ffe","sha1":"cd87aa4aa6292e16d5dc0ea2d955b79a336c5f8c","sha256":"6d8f4e3ad808dcd1a9f1624162e308029370702913ed9c47a5d019d22b8b3ab7","sha512":"904b9061aac13a5a3cc3b59f13a8e6ccf04eba01f32d328ae9be246417c95df21266ee05b9e6698e7f0cc0ec689cae34a4da9461a169ac663272d22e98a906a5","ssdeep":"","tlshash":"9d9002fbd0514005ad6035c00cd7a3462d64865430114e04b5807465c854559a803194","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tracking.insta-tool.net/66b62f283d6373156310028c?sub1=10078367\u0026sub2=7774508\u0026sub3=5279024\u0026sub4=colttechnologyservicesgrouplimited\u0026sub5=24753652\u0026sub6=DE\u0026sub7=high\u0026sub8=\u0026sub9=android13\u0026sub10=samsung\u0026sub11=de\u0026ref_id=1011302367599013889\u0026cost=0.000000","fqdn":"tracking.insta-tool.net","domain":"insta-tool.net","tld":"net"},"ip":{"addr":"178.162.133.193","port":0,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"tags":null,"meta":null,"user":{"country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-14T08:30:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"tracking.insta-tool.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"tracking.insta-tool.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"881.lkadtrack006.date","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-02-07","domain_rank":0,"first_seen":"2019-01-12T23:07:01Z","last_seen":"2025-11-03T07:42:57.112826Z","alert_count":0,"request_count":2,"received_data":1398,"sent_data":1159,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tracking.insta-tool.net","ip":{"addr":"88.198.75.39","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2023-01-20","domain_rank":4161078,"first_seen":"2024-08-12T11:18:57Z","last_seen":"2025-11-05T21:49:50.384805Z","alert_count":2,"request_count":1,"received_data":1001,"sent_data":713,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tappx.go2affise.com","ip":{"addr":"35.214.172.106","port":443,"asn":15169,"as":"GOOGLE","country":"The Netherlands","country_code":"NL"},"domain_registered":"2016-07-15","domain_rank":4975314,"first_seen":"2017-11-22T19:54:51Z","last_seen":"2025-11-05T21:49:50.325332Z","alert_count":0,"request_count":1,"received_data":568,"sent_data":577,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":null,"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"tappx.go2affise.com/click?pid=759\u0026offer_id=432282\u0026sub1=691050f8ad6ab16da92177b6\u0026sub2=10078367_7774508_5279024","fqdn":"tappx.go2affise.com","domain":"go2affise.com","tld":"com"},"ip":{"addr":"35.214.172.106","port":443,"asn":15169,"as":"GOOGLE","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-09T08:29:44.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.go2affise.com","organization":""},"issuer":{"commonName":"Go Daddy Secure Certificate Authority - G2","organization":"GoDaddy.com, Inc."},"validity":{"start":"Thu, 24 Oct 2024 13:54:17 GMT","end":"Tue, 25 Nov 2025 13:54:17 GMT"},"fingerprint":{"sha1":"D6:76:9A:D5:77:E7:64:EB:6E:FD:91:8B:F1:7B:9E:32:A4:85:12:02","sha256":"A4:C1:54:88:1A:75:EE:D1:88:20:07:E3:7A:9B:58:82:DA:5D:DE:7E:C0:09:E3:D9:DE:1A:42:65:59:9D:4D:0A"}}},"request":{"raw":"GET /click?pid=759\u0026offer_id=432282\u0026sub1=691050f8ad6ab16da92177b6\u0026sub2=10078367_7774508_5279024 HTTP/1.1\r\nHost: tappx.go2affise.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: nginx\r\ndate: Sun, 09 Nov 2025 08:29:45 GMT\r\ncontent-length: 0\r\nlocation: https://881.lkadtrack006.date/adserver/delivery/click.php?site_id=72016\u0026aff_sub=691050f90481b600015a33ae\u0026source=759_10078367_7774508_5279024\r\nx-adjust-use-original-forwarded-for: 1\r\nset-cookie: afclick=691050f90481b600015a33ae; expires=Mon, 09 Nov 2026 08:29:45 GMT; secure; SameSite=None\nafoffers={\"432282\":[1762676985,1]}; expires=Mon, 09 Nov 2026 08:29:45 GMT; secure; SameSite=None\r\naccess-control-allow-credentials: true\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T15:47:04.335959Z","times_seen":13382140,"resource_available":true,"data":null}},"time_used":2158,"timings":{"blocked":1068,"dns":11,"connect":19,"send":0,"wait":22,"receive":0,"ssl":1034},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"881.lkadtrack006.date/adserver/delivery/click.php?site_id=72016\u0026aff_sub=691050f90481b600015a33ae\u0026source=759_10078367_7774508_5279024","fqdn":"881.lkadtrack006.date","domain":"lkadtrack006.date","tld":"date"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-09T08:29:45.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lkadtrack006.date","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 14 Sep 2025 04:12:11 GMT","end":"Fri, 12 Dec 2025 21:50:12 GMT"},"fingerprint":{"sha1":"70:A7:F3:1C:E8:94:6C:7E:7B:62:BA:CD:38:B4:40:93:95:A8:95:D1","sha256":"8E:9B:9D:9E:44:F0:7C:2A:AB:AF:31:07:B0:2E:C4:7D:2E:27:41:DA:2D:46:60:0A:5A:D7:65:4D:97:5A:C5:2D"}}},"request":{"raw":"GET /adserver/delivery/click.php?site_id=72016\u0026aff_sub=691050f90481b600015a33ae\u0026source=759_10078367_7774508_5279024 HTTP/1.1\r\nHost: 881.lkadtrack006.date\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 09 Nov 2025 08:29:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IfA9ESGOgl5oj1pOeWrdmwXxLkcm84dCVxj%2Fy9Itr33dqQM75GjXMltnZy9vl%2Fj0tbHA4kd6SGBL5ypD5nmst4lpDiRr%2FSU8HXKZMOgVbc%2B6%2BxI%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 99bbf1b58de20b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":20,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text","md5":"bb9e3c4ac2abbd86f57dc81d7a10a7d8","sha1":"98bbc2b7f8bef80f0043cc07324100ecf1b7e074","sha256":"991c3d5d1f0960b405473a9866e5fee1ef39c57e5429aed88afc4f412651921c","sha512":"415ca49b7900c3bf8ab25c778cc347c571c87409336f39e48df0820a3e8723961cd729281191a5ad4fee0d27d64b3e7193dc1c216bc610b8d4670d002500f83e","ssdeep":"","tlshash":"967000a38000800088c0208000cb800a02b0000200200008f000b002c8a0888a003020","first_seen":"2025-09-20T21:40:46.638361Z","last_seen":"2026-01-04T12:04:53.337814Z","times_seen":24,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":55,"dns":34,"connect":1,"send":0,"wait":193,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"881.lkadtrack006.date/favicon.ico","fqdn":"881.lkadtrack006.date","domain":"lkadtrack006.date","tld":"date"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://881.lkadtrack006.date/adserver/delivery/click.php?site_id=72016\u0026aff_sub=691050f90481b600015a33ae\u0026source=759_10078367_7774508_5279024","date":"2025-11-09T08:29:45.630Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"lkadtrack006.date","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 14 Sep 2025 04:12:11 GMT","end":"Fri, 12 Dec 2025 21:50:12 GMT"},"fingerprint":{"sha1":"70:A7:F3:1C:E8:94:6C:7E:7B:62:BA:CD:38:B4:40:93:95:A8:95:D1","sha256":"8E:9B:9D:9E:44:F0:7C:2A:AB:AF:31:07:B0:2E:C4:7D:2E:27:41:DA:2D:46:60:0A:5A:D7:65:4D:97:5A:C5:2D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: 881.lkadtrack006.date\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://881.lkadtrack006.date/adserver/delivery/click.php?site_id=72016\u0026aff_sub=691050f90481b600015a33ae\u0026source=759_10078367_7774508_5279024\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Sun, 09 Nov 2025 08:29:45 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nserver: cloudflare\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\npriority: u=6,i=?0\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=9vHZ910dUM9%2Fxh6ccxsniwL3651F2hvW4XuhRUEYZFKNwHTeOT5gB3KfOTH9qbVUNU5JWOmZCdfIAQXVI%2BELJpwHGZ8kb2uJVsU0cT75hCZYTHw%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 99bbf1b83fb10b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":196,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"62962daa1b19bbcc2db10b7bfd531ea6","sha1":"d64bae91091eda6a7532ebec06aa70893b79e1f8","sha256":"80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880","sha512":"9002a0475fdb38541e78048709006926655c726e93e823b84e2dbf5b53fd539a5342e7266447d23db0e5528e27a19961b115b180c94f2272ff124c7e5c8304e7","ssdeep":"","tlshash":"c0d0129e9183638b442225907ac211d2654d13a6b87645e82d82a48a951857dc5ca69d","first_seen":"2023-03-07T12:06:54Z","last_seen":"2026-04-05T14:56:24.943802Z","times_seen":90180,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":180,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tracking.insta-tool.net/66b62f283d6373156310028c?sub1=10078367\u0026sub2=7774508\u0026sub3=5279024\u0026sub4=colttechnologyservicesgrouplimited\u0026sub5=24753652\u0026sub6=DE\u0026sub7=high\u0026sub8=\u0026sub9=android13\u0026sub10=samsung\u0026sub11=de\u0026ref_id=1011302367599013889\u0026cost=0.000000","fqdn":"tracking.insta-tool.net","domain":"insta-tool.net","tld":"net"},"ip":{"addr":"88.198.75.39","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-09T08:29:43.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tracking.insta-tool.net","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sun, 21 Sep 2025 13:15:15 GMT","end":"Sat, 20 Dec 2025 13:15:14 GMT"},"fingerprint":{"sha1":"7F:86:16:D5:78:CA:DB:E4:04:78:2E:2D:46:A4:2F:02:79:22:24:CB","sha256":"21:01:02:BB:6E:7F:A7:68:51:9F:BA:44:8D:DC:EF:AB:6B:0B:15:10:7F:1B:BE:C9:97:BA:D5:B4:AB:7A:30:31"}}},"request":{"raw":"GET /66b62f283d6373156310028c?sub1=10078367\u0026sub2=7774508\u0026sub3=5279024\u0026sub4=colttechnologyservicesgrouplimited\u0026sub5=24753652\u0026sub6=DE\u0026sub7=high\u0026sub8=\u0026sub9=android13\u0026sub10=samsung\u0026sub11=de\u0026ref_id=1011302367599013889\u0026cost=0.000000 HTTP/1.1\r\nHost: tracking.insta-tool.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nContent-Type: text/html; charset=utf-8\r\nContent-Length: 152\r\nConnection: keep-alive\r\nLocation: https://tappx.go2affise.com/click?pid=759\u0026offer_id=432282\u0026sub1=691050f8ad6ab16da92177b6\u0026sub2=10078367_7774508_5279024\r\nReferer: \r\nReferrer-Policy: no-referrer\r\nSet-Cookie: redcmps=W3siaWQiOiI2NmI2MmYyODNkNjM3MzE1NjMxMDAyOGMiLCJ0IjoiMjAyNS0xMS0wOVQwODoyOTo0NC4wMzc3MjYxNDFaIn1d; Path=/; Domain=tracking.insta-tool.net; Expires=Mon, 10 Nov 2025 08:29:44 GMT; Secure; SameSite=None\nredhash=NjkxMDUwZjhhZDZhYjE2ZGE5MjE3N2I2fDB8NjZiNjJmMjgzZDYzNzMxNTYzMTAwMjhjfHxmN2Y4YThiYS1jYTc5LTQwN2YtODJlMy0xNDBiM2EwYmE3OTB8MTc2MjY3Njk4NA==; Path=/; Domain=tracking.insta-tool.net; Expires=Mon, 09 Nov 2026 08:29:44 GMT; Secure; SameSite=None\r\nDate: Sun, 09 Nov 2025 08:29:44 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\nX-Kong-Upstream-Latency: 24\r\nX-Kong-Proxy-Latency: 8\r\nX-Kong-Request-Id: d7a45d41bc483723b0992505c8a23f31\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":20,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-05T15:47:04.335959Z","times_seen":13382140,"resource_available":true,"data":null}},"time_used":398,"timings":{"blocked":168,"dns":88,"connect":29,"send":0,"wait":62,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"tracking.insta-tool.net","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-11-09","alert":"Sinkholed","trigger":"tracking.insta-tool.net","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}