{"report_id":"4af585f6-d7f7-4407-a06e-ed5358d7c463","version":6,"status":"done","tags":[],"date":"2026-05-08T10:43:30Z","url":{"schema":"http","addr":"gefyx.jonsoutreach.com/","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":0,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"final":{"url":{"schema":"https","addr":"www.jonsoutreach.com/","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"title":"俄罗斯世界杯_2026世界杯赛程表全图_世界杯预选赛_狐狸直播","dom":{"size":117194,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5717)","md5":"888127c803c6669ad51c4aa2ddf6b273","sha1":"b05df85d349a3c62914ecd0ed443421c722258bd","sha256":"6dd302d8e61a24f2b6be31f7839ececf459514afe4a05f5f70e99d20d4ab2a69","sha512":"ffe1cd912486e604915732ffd118e591bc0a240ecff06c0de10bda64ccb4d124569b1b13478aa99b111bbf2d898520ef76a4eaf0ba0e5afa018136dec2d363ef","ssdeep":"1536:cFg0HB2Qntz2QpTLQHsnz2QpWpTLQHTaPVhaAgMOjN:OXnKPOp","tlshash":"6db332e021e0197e442786ea787abf9b7ee1f40fe6416034752d2e4a5fc9e324906fc5","dom_hash":"domhashdb6084a5f76c03b3f81ccaedd9e32ea3","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"gefyx.jonsoutreach.com/","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":0,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-12T10:43:30Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"pc28yc.cc","ip":{"addr":"172.67.148.129","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-06-09","domain_rank":0,"first_seen":"2023-06-26T18:43:25Z","last_seen":"2026-05-01T11:30:14.194727Z","alert_count":0,"request_count":1,"received_data":579,"sent_data":432,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.jonsoutreach.com","ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-12-24","domain_rank":0,"first_seen":"2026-04-30T14:43:14.607239Z","last_seen":"2026-04-30T14:43:14.607239Z","alert_count":20,"request_count":20,"received_data":960609,"sent_data":20680,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"gefyx.jonsoutreach.com","ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"domain_registered":"2024-12-24","domain_rank":0,"first_seen":"2026-05-08T10:43:31.616852Z","last_seen":"2026-05-08T10:43:31.616852Z","alert_count":17,"request_count":17,"received_data":559257,"sent_data":10599,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"www.jonsoutreach.com/jquery1.11.3.min.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"ef3d5fb2358872750b0655941fb0a9a5","sha1":"b661751c7aa065e2e159df6103bca974b1111409","sha256":"ce32707c0d679b8ed56b5dc8c498e1b1667e5b1905b8aeff42151e3f6667d73d","sha512":"c137085a0151bbe316526d971ca8b367894838428b29f737bdf93ab2534f6484e34024380eab1c0959ecc2be7b3c6a634712df5ff11c974167651e63fbe7a24c","ssdeep":"1536:zP10iSi65U/dXXeyhzeBuG+HYE0WEeLzFoNqLTW8+S5VRZIVI6xSb8Ch2ZbQnRmS:q+41VqLTW8xRrqSb8dGH77da98Hr3","tlshash":"1693d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","size":95960,"data":"","first_seen":"2023-03-07T12:26:02Z","last_seen":"2026-05-08T12:53:48.147936Z","times_seen":898,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/ad.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"bba4010b7d7d8e047af1d8b38b36ba74","sha1":"bcc2b5646e7d4f8bf7735ddf8a15384bdfd86827","sha256":"acb8514c95edcb669a5c5019b15693ef09be665eea719e5b423155cdd8cb6ad8","sha512":"b53f8bb8841c155c22f928a98ea7a49717a7d80f3f8900288a76dcbf61ac2f87c53cff510c9eba0ede2b770b6f20fe17a9ee53d6a4c91a614c9f7e8d54d14f22","ssdeep":"","tlshash":"f4f0ec2303a0210d813550ddcab1dd5c745b5529cb8a4cd6d5f3765eb247e415c796fc","size":447,"data":"","first_seen":"2023-10-15T17:16:33Z","last_seen":"2026-05-08T10:43:36.684345Z","times_seen":341,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/js/jquery.min.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"4dc834d16a0d219d5c2b8a5b814569e4","sha1":"4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9","sha256":"91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef","sha512":"6fbec4785a21520fa623d1a151c6c8b64baa1321ac6918a127bcfc22e49ec2e3bcd161af9c237bd5c70bc4046eb12cf434563f86cbdc9876eb67fb2dea87034b","ssdeep":"1536:EPEkjP+iADIOr/NEe876nmBu3HvF38sEeL8FoqqhJ7SerN5wVI+xcBpPv7E+nzmN:bNMzqhJvN32cBd7M6Whca98Hr4","tlshash":"2f93c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","size":95790,"data":"","first_seen":"2023-03-07T01:03:42Z","last_seen":"2026-05-08T12:48:19.364818Z","times_seen":5906,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":true,"md5":"03c3e822b2514fe1bd9be1a6ee03fac5","sha1":"84f2fcec257dc7a45aab19b6d1d7e86760dfd646","sha256":"5c2260ea45cdbbcf874ee23227db8a601ddb50afb3b85748d20aa05ed3047d81","sha512":"496df00f0dc978e11945f8a9d3190af1207bc1bc4ca2f75f125826753385194c0ad9f0b8908295759051ad2425dce1cdc411e97d890d1e17df131f48b1fa8a4d","ssdeep":"","tlshash":"fd217a04f19299f110f7357a597e52405d10884bc30edea8f8ae69e0cfdd018793676b","size":1127,"data":"","first_seen":"2025-09-25T18:48:42.082334Z","last_seen":"2026-05-08T10:43:36.68545Z","times_seen":27,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/js/swiper.min.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c4358cb63a4b96c5d71a2fb630871f30","sha1":"be3b7d9d5bbd680d035f768345778d84eb08fe23","sha256":"c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229","sha512":"35a85c90dfa0ac1e9f4b1bb7bd074a8b20baf6cc235bafb16148da3d55931ad46e89af33508970da09208e166601df250040841d5dc7742b9d6ab9c065a5a467","ssdeep":"3072:U79yoiRfIBB4G+yMwoSpADH79cVOJjBqcxN:k9ytlByMwoSpADH79cVOJjBqcL","tlshash":"9dd3188db354b2e151e72256539ed10263b65845b80ac1a470b68cd7acbde8c03bfefd","size":139961,"data":"","first_seen":"2023-03-07T12:20:59Z","last_seen":"2026-05-08T10:43:36.677391Z","times_seen":3909,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/js/main.mjs?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"c02e946fe528329cbd6a7377e12d4566","sha1":"570790a9b79df546ce021088e1e68bbd511f2a43","sha256":"26fabe452b0cd62327c2f5139c56173703a035442dd890565af1e72a8864cb84","sha512":"94deb8d40d3c42fe925d5bd7cbb2e95aea655afae26c53a7ba2793d9f2e2fccd9582ceec5ef120cc68d22efdeaf5019e243cf64d867a975e58bbd134d14d3f81","ssdeep":"96:gGKupQHToU8oMLLXlHPX58m1pw/WCytfOxH766wyJIT0OyQxkMzC7QvA5mmIzJ1L:gGFQHTqoSPXT1prCytWxyyJIT0OyLJmX","tlshash":"bfc11bb6713d967302df27333175a38972321098159f824440ad8a25133ceaeb5f7fd4","size":5791,"data":"","first_seen":"2025-12-29T02:55:37.254872Z","last_seen":"2026-05-08T11:13:12.773142Z","times_seen":654,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/tool.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"introduction_type":"scriptElement","is_inline":false,"md5":"9483013283a30b292c7843d91bdec6d8","sha1":"6dd6606f6823b8cff78296954d685a4eeefd5420","sha256":"d7d9123b6b6aef669fe6656af58338a35191af0198294ae7493a79a1d8114d84","sha512":"a5e1acf6eb200da72c405f89f608187831cc159b5ba1690b5c57baa83e3e96a2fa8fcbf743b019070a134bf78c19c4246b16c4ede1229075a2f9e8f682568b27","ssdeep":"","tlshash":"faf0c04a374adcfa412305a953e7280b4472bab72c45da57738fd3c04f5e41cd521726","size":584,"data":"","first_seen":"2025-06-20T17:12:48.877833Z","last_seen":"2026-05-08T10:43:36.67685Z","times_seen":331,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"147a2cc06d7f988c25a1f7c180ee1f83","sha1":"b4e2ec941ae3e173bccec4126f42bb167e054016","sha256":"134170af9e89f142a1ac004c6c1859add4a1e32309591e576d656937c53c34af","sha512":"43db6aad0e3fbaf689e74494102e0e3ab7d574537d0195226044a6a9e23f657b5e984c56ded1929ff504dd028028f6e5f6689965456fb12771f7de123267c780","ssdeep":"","tlshash":"8ee0e52303a0210e812960ddcab19d5ca4476619cb8a8cd6d5f3729eb206a41ac7a2fc","size":428,"data":"","first_seen":"2023-10-15T17:16:33Z","last_seen":"2026-05-08T10:43:36.685994Z","times_seen":340,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"console":null},"http":[{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/images/arrow-down.png","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan/images/arrow-down.png HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 282\r\nlast-modified: Thu, 21 Jul 2022 02:56:56 GMT\r\netag: \"62d8c078-11a\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":282,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit colormap, non-interlaced","md5":"c16b333252d0b762152ca64ac40f41df","sha1":"137b08aeb249f793cbddb47358b2438d6292e9db","sha256":"325beef7aeec96b06bdeb66424bafd6a1352916ea6f98dd4b24f3ebb63698437","sha512":"08cc6ea0f2d7a0e13ccd69bdf99a4b40fcf9555ca318146f030dad0f7cf016e51cf3c1235b2ee2b3197e6fc296f16d0ad7244d337c982215d37473a0fcb2a7ec","ssdeep":"","tlshash":"d2d02ec634cbae20ed46ba9f224835036d128644b6a03dc3f38187238a32100c8a0381","first_seen":"2025-09-25T18:48:42.064487Z","last_seen":"2026-05-08T10:43:36.669656Z","times_seen":27,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":537,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/notimg.png","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /notimg.png HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 185586\r\nlast-modified: Sun, 30 Jul 2023 13:02:04 GMT\r\netag: \"64c65f4c-2d4f2\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":185586,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1064 x 784, 8-bit/color RGBA, non-interlaced","md5":"a3f7bdaf5881d30ac11d3b2b5444bc6a","sha1":"bc8cb6d16236e81c9db50f9db5948ea3941c5a70","sha256":"8df089006ba2fb9506b48c25f956595626f794a398588337565c585acdaa2e74","sha512":"a7587c77328ce46799ff56dc0457c6822a22d5a81f827d6a47a4c300f6e9f28d236e726d78531e0b4ea24a743220afe0d9b165d2c921c995ff382399f37f6d87","ssdeep":"3072:J2I0xnGzf8Zxf/xcVtWAsxyzXz9GZSZ0dqwRaCag6+qVy3GYyoHBhXMriYJ:te4EZxf/xcVtWIr1mQWnkuYJ","tlshash":"3404126b7708337af101fb17475cc2ba2169b95a325a3f78373253d198e69e20fb4609","first_seen":"2024-07-26T06:56:35Z","last_seen":"2026-05-08T10:43:36.670288Z","times_seen":327,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":536,"receive":126,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/xess/xess.min.css?cachebuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:08.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/xess/xess.min.css?cachebuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:08 GMT\r\ncontent-type: text/css; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":194738,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a9e69d61c3045b743c78ea21f2b93311","sha1":"7175e89fc9d4adfb0fc9e157986e2002ba257de0","sha256":"53a8bc5522ae89ec349b798a66d8ea4e601eaafb3d7f3799164d449043cd3326","sha512":"576600c79e223d573d256503c0648ca1febac48e4ef2ef8c57f49e88d96ca40689bf866bdbd561e9817851b3439a1d8f869e9d025d5d08445c64369593ceaebb","ssdeep":"3072:bT/CnLcADCsqeTsgEnWqKmuY40Vv6lo+64dGObyzO/k9IlU0wixc9gtrbNd3Z/k4:bunLcIUeT/EnImT0oopmzO+WU0wDQrbF","tlshash":"4f1412e02c7a784740b86ff660aff41f3d2d9ae1c644327b8c6a56f60a51b5705231b7","first_seen":"2025-05-27T00:00:30.01608Z","last_seen":"2026-05-08T10:43:36.670879Z","times_seen":694,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":246,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:09.988Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:10 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":7378,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5951)","md5":"a02fea9652fbaf3a7ec9ea444605e22b","sha1":"9fc8c7107b662d9f88eea4de042ca9e96845f6fc","sha256":"b78b9a584956e9b8cc79241a0b88b820f3bad3ad1a94114a972651f545d815ec","sha512":"a4b24ddd3460d522aced7cc6e2a2109d0bbed16ea551ea24d28a51f09746d8444cfb6e688f334f0c5e96674598bb8ba0d7cd1df033e7939e549f38dcfc4513fc","ssdeep":"192:gGFQHTqoN60k88kjMvvGgDVeQ0a4NieGghLdWJ+:gGF6qoNg8RAvGgDVZQNiLghLdWA","tlshash":"6be129c4ba95623043db62b240eb8c8fa23ea434350d045cb529e9f63575c6d867bfb9","first_seen":"2025-09-19T08:25:05.601775Z","last_seen":"2026-05-08T10:43:36.671381Z","times_seen":601,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/api/pass-challenge?id=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\u0026response=007002fbfb4ff87cbe637ec15776f30b2d899db08df6861d3f08443a9adfa32b\u0026nonce=1058\u0026redir=https%3A%2F%2Fgefyx.jonsoutreach.com%2F\u0026elapsedTime=420","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-08T10:43:10.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/api/pass-challenge?id=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\u0026response=007002fbfb4ff87cbe637ec15776f30b2d899db08df6861d3f08443a9adfa32b\u0026nonce=1058\u0026redir=https%3A%2F%2Fgefyx.jonsoutreach.com%2F\u0026elapsedTime=420 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:10 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncontent-length: 54\r\nlocation: https://gefyx.jonsoutreach.com/\r\nset-cookie: techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw; Path=/; Domain=jonsoutreach.com; Expires=Fri, 08 May 2026 10:53:10 GMT; Secure; SameSite=None\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115684,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T12:53:20.27382Z","times_seen":14838021,"resource_available":true,"data":null}},"time_used":392,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":392,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/js/jquery.min.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan/js/jquery.min.js HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 21 Jul 2022 02:56:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d8c07a-1762e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":95790,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32086), with CRLF line terminators","md5":"4dc834d16a0d219d5c2b8a5b814569e4","sha1":"4fbe0563917d6f6289e4e1b4a0a8758e4e43bda9","sha256":"91222f96f34735ebc88df208017e54d4329b9202e3e52367fb8b149698a1a5ef","sha512":"6fbec4785a21520fa623d1a151c6c8b64baa1321ac6918a127bcfc22e49ec2e3bcd161af9c237bd5c70bc4046eb12cf434563f86cbdc9876eb67fb2dea87034b","ssdeep":"1536:EPEkjP+iADIOr/NEe876nmBu3HvF38sEeL8FoqqhJ7SerN5wVI+xcBpPv7E+nzmN:bNMzqhJvN32cBd7M6Whca98Hr4","tlshash":"2f93c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","first_seen":"2023-03-07T01:03:42Z","last_seen":"2026-05-08T12:48:19.364818Z","times_seen":5906,"resource_available":true,"data":null}},"time_used":665,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":665,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"pc28yc.cc/ad/1.gif","fqdn":"pc28yc.cc","domain":"pc28yc.cc","tld":"cc"},"ip":{"addr":"172.67.148.129","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pc28yc.cc","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 05 May 2026 10:15:13 GMT","end":"Mon, 03 Aug 2026 11:13:46 GMT"},"fingerprint":{"sha1":"94:05:92:1A:64:21:6B:C6:D5:75:0E:AE:F9:EE:AB:08:03:B7:70:AD","sha256":"6A:9C:76:56:4E:6E:5B:EE:68:CE:CF:E7:9E:C0:80:35:E1:AA:20:09:82:C0:17:78:BF:69:A0:E6:59:BC:C7:E2"}}},"request":{"raw":"GET /ad/1.gif HTTP/1.1\r\nHost: pc28yc.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.jonsoutreach.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Fri, 08 May 2026 10:43:13 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Ceo8ZV8mGBAtZNG2ZMUiu3heGW9YkbAUXnPY04dEszNkPYaXmP4sYP0AE4wg4GHZ296GdG3%2FtCqConnM%2BLDpQbKXsy4nh3fPI%2FwEfLe21Ynbv1cNgqowrIVLL50%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9f87dcaf3b715693-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T12:53:20.27382Z","times_seen":14838021,"resource_available":true,"data":null}},"time_used":1858,"timings":{"blocked":84,"dns":51,"connect":1,"send":0,"wait":1688,"receive":0,"ssl":27},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/img/pensive.webp?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:08.674Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/img/pensive.webp?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 28904\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28904,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"889699cb1bfa4f9aa658f3e3905bf4fd","sha1":"7b6be940864db4ab2a617804a4d814a0a1a2a899","sha256":"4f11b78f18a8306296d8f1dedc9a80ee7c6971aee8c3ec761546ee8e555ce3c5","sha512":"fc021497cfecbf7f11d7346f1834f492c84dcd4e48b802acc0ff2db5712b969f518b476c9b9bab6392d48fbdd3d2f068d604dd1c927767c371d6f95c5b409bd7","ssdeep":"768:X+W834bZmMeB+a2XtKpk7C7XWI6t25vvVs6VtaLf4jfw:X+W5mpB92XtSk7DIXVPVAco","tlshash":"72d2e136ad65a038cbe56e0bc9c3de778c0fc16c5ad6cea85b204ae4d02c3d76a57514","first_seen":"2025-04-14T12:39:56.201646Z","last_seen":"2026-05-08T10:43:36.673128Z","times_seen":721,"resource_available":false,"data":null}},"time_used":937,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":846,"receive":91,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:10.001Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:10 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7378,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5951)","md5":"a02fea9652fbaf3a7ec9ea444605e22b","sha1":"9fc8c7107b662d9f88eea4de042ca9e96845f6fc","sha256":"b78b9a584956e9b8cc79241a0b88b820f3bad3ad1a94114a972651f545d815ec","sha512":"a4b24ddd3460d522aced7cc6e2a2109d0bbed16ea551ea24d28a51f09746d8444cfb6e688f334f0c5e96674598bb8ba0d7cd1df033e7939e549f38dcfc4513fc","ssdeep":"192:gGFQHTqoN60k88kjMvvGgDVeQ0a4NieGghLdWJ+:gGF6qoNg8RAvGgDVZQNiLghLdWA","tlshash":"6be129c4ba95623043db62b240eb8c8fa23ea434350d045cb529e9f63575c6d867bfb9","first_seen":"2025-09-19T08:25:05.601775Z","last_seen":"2026-05-08T10:43:36.671381Z","times_seen":601,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/site_logo/hulizb.png","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /site_logo/hulizb.png HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 115483\r\nlast-modified: Wed, 20 Jul 2022 10:11:48 GMT\r\netag: \"62d7d4e4-1c31b\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115483,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 616 x 180, 8-bit/color RGBA, non-interlaced","md5":"adb3aaed8a63f3e1a471983f7558be97","sha1":"2bc9d9a04b51dc5bf0d45722c4640c95de30dfea","sha256":"227c6173ae2fbf94345fd77bb96b51466ce7b9b5039e1ee4c781b840363927ed","sha512":"df739676e9af26737b24c9bf6fc3b98953619476fee89b8b17b840370417169ed94c2f0344dd934e1a72575c7f82bd9c375ac3bacbf3675ba268b26dec833d1b","ssdeep":"1536:3nhDposr2fC5HaR2XVr/r+NdF6OIcFo/N2jHn+Xke6Z2OnKgx0E28iJU7rSjqskw:3hlosr2z2XVrhOnsu+REJW8Q/BY7k8g","tlshash":"efb3126d7ec0842dee24a60ff1411f9339be5831d156c9262ef996a628e0b74433e3cc","first_seen":"2026-04-30T14:43:17.161656Z","last_seen":"2026-05-08T10:43:36.673663Z","times_seen":8,"resource_available":false,"data":null}},"time_used":542,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":463,"receive":79,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/images/footer-logo.png","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan/images/footer-logo.png HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 11303\r\nlast-modified: Thu, 21 Jul 2022 02:56:58 GMT\r\netag: \"62d8c07a-2c27\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11303,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 160 x 160, 8-bit/color RGBA, non-interlaced","md5":"095aec94f99fde05ecdf3f0c7c31330d","sha1":"11e9094b15de58deb1423251de94f963d339be6e","sha256":"0e248bcc808f9b4eb428b54d88f525111a2c7e69d3162c839d9fbfa0028edf4b","sha512":"43a168f5d0b7e5bee0411dc70b095c555ca91cb25bc87e255314985b1935e296fd76a4666e0998207e903fba973aad2c943c457fe87804fafd2505429c93909c","ssdeep":"192:wL6ch3gfdvfGkVI4pfL2VO7J353LbNnwnIquRlGMI2vJhID2fp:wLvh3glGk3ZL17V53LennuRlGH0ICx","tlshash":"bc32bd249c13dc9a61f67decdea63142535b438a11fcd9a014b2b861f8a4b7d6043b9e","first_seen":"2025-09-25T18:48:42.071949Z","last_seen":"2026-05-08T10:43:36.674167Z","times_seen":27,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":663,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan//css_image/fontawesome-webfont.woff2?v=4.7.0","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.803Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan//css_image/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://www.jonsoutreach.com/theme/ladan/css/font-awesome.min.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 77160\r\nlast-modified: Thu, 21 Jul 2022 02:56:54 GMT\r\nvary: Accept-Encoding\r\netag: \"62d8c076-12d68\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-05-08T12:51:54.02525Z","times_seen":458748,"resource_available":true,"data":null}},"time_used":860,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":431,"receive":429,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/favicon.ico","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:12.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:12 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nstrict-transport-security: max-age=63072000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"597ba0d4396e9c906225140ce907092c","sha1":"28ae2ba65ccdb583d79f85b8cc9509fae697493b","sha256":"ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6","sha512":"8898f14bd6cb5c72d6ee5878af3700be6d03b56a5a21a3d58ef347f008acf4ac68a46a908903e1d42999c1e259e77d7df686c94765865ae07361b2c4e04adf2c","ssdeep":"","tlshash":"18c02b2d24137c0c8663307636c37050c1978337a67e10210400805330cf1998ac33af","first_seen":"2023-04-05T14:00:46Z","last_seen":"2026-05-08T12:36:27.661467Z","times_seen":34596,"resource_available":true,"data":null}},"time_used":378,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":378,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:09.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:10 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":7378,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5951)","md5":"a02fea9652fbaf3a7ec9ea444605e22b","sha1":"9fc8c7107b662d9f88eea4de042ca9e96845f6fc","sha256":"b78b9a584956e9b8cc79241a0b88b820f3bad3ad1a94114a972651f545d815ec","sha512":"a4b24ddd3460d522aced7cc6e2a2109d0bbed16ea551ea24d28a51f09746d8444cfb6e688f334f0c5e96674598bb8ba0d7cd1df033e7939e549f38dcfc4513fc","ssdeep":"192:gGFQHTqoN60k88kjMvvGgDVeQ0a4NieGghLdWJ+:gGF6qoNg8RAvGgDVZQNiLghLdWA","tlshash":"6be129c4ba95623043db62b240eb8c8fa23ea434350d045cb529e9f63575c6d867bfb9","first_seen":"2025-09-19T08:25:05.601775Z","last_seen":"2026-05-08T10:43:36.671381Z","times_seen":601,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/images/arrow-up.png","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan/images/arrow-up.png HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 284\r\nlast-modified: Thu, 21 Jul 2022 02:56:56 GMT\r\netag: \"62d8c078-11c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":284,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 24 x 24, 8-bit colormap, non-interlaced","md5":"ee44ef63bd89585dbf7eff68ee951941","sha1":"cd1ec8d20146af78205de6d284aa0898901d3a19","sha256":"98b3aaaf8e2c7a3901383759c718c02f4f30a850e6623de61eea1fd5a4ae272e","sha512":"fce65c478c17cbffea65823f95a9564295451f2bcc05c709f59e3b5a4f7ba272a5e53acd10fd7e9f426226b849fcc534d10089f1d09706b56670c1101bc802f2","ssdeep":"","tlshash":"33d02ed6768aec24fc1bb2af12812323ac228014aa127e43f3d1c3035a32111a1a1341","first_seen":"2025-09-25T18:48:42.053658Z","last_seen":"2026-05-08T10:43:36.675773Z","times_seen":27,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":534,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:10.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:10 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7378,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5951)","md5":"a02fea9652fbaf3a7ec9ea444605e22b","sha1":"9fc8c7107b662d9f88eea4de042ca9e96845f6fc","sha256":"b78b9a584956e9b8cc79241a0b88b820f3bad3ad1a94114a972651f545d815ec","sha512":"a4b24ddd3460d522aced7cc6e2a2109d0bbed16ea551ea24d28a51f09746d8444cfb6e688f334f0c5e96674598bb8ba0d7cd1df033e7939e549f38dcfc4513fc","ssdeep":"192:gGFQHTqoN60k88kjMvvGgDVeQ0a4NieGghLdWJ+:gGF6qoNg8RAvGgDVZQNiLghLdWA","tlshash":"6be129c4ba95623043db62b240eb8c8fa23ea434350d045cb529e9f63575c6d867bfb9","first_seen":"2025-09-19T08:25:05.601775Z","last_seen":"2026-05-08T10:43:36.671381Z","times_seen":601,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/js/main.mjs?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:08.677Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/main.mjs?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:08 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5791,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (4373)","md5":"c02e946fe528329cbd6a7377e12d4566","sha1":"570790a9b79df546ce021088e1e68bbd511f2a43","sha256":"26fabe452b0cd62327c2f5139c56173703a035442dd890565af1e72a8864cb84","sha512":"94deb8d40d3c42fe925d5bd7cbb2e95aea655afae26c53a7ba2793d9f2e2fccd9582ceec5ef120cc68d22efdeaf5019e243cf64d867a975e58bbd134d14d3f81","ssdeep":"96:gGKupQHToU8oMLLXlHPX58m1pw/WCytfOxH766wyJIT0OyQxkMzC7QvA5mmIzJ1L:gGFQHTqoSPXT1prCytWxyyJIT0OyLJmX","tlshash":"bfc11bb6713d967302df27333175a38972321098159f824440ad8a25133ceaeb5f7fd4","first_seen":"2025-12-29T02:55:37.254872Z","last_seen":"2026-05-08T11:13:12.773142Z","times_seen":654,"resource_available":true,"data":null}},"time_used":858,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":858,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:10.004Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:10 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7378,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5951)","md5":"a02fea9652fbaf3a7ec9ea444605e22b","sha1":"9fc8c7107b662d9f88eea4de042ca9e96845f6fc","sha256":"b78b9a584956e9b8cc79241a0b88b820f3bad3ad1a94114a972651f545d815ec","sha512":"a4b24ddd3460d522aced7cc6e2a2109d0bbed16ea551ea24d28a51f09746d8444cfb6e688f334f0c5e96674598bb8ba0d7cd1df033e7939e549f38dcfc4513fc","ssdeep":"192:gGFQHTqoN60k88kjMvvGgDVeQ0a4NieGghLdWJ+:gGF6qoNg8RAvGgDVZQNiLghLdWA","tlshash":"6be129c4ba95623043db62b240eb8c8fa23ea434350d045cb529e9f63575c6d867bfb9","first_seen":"2025-09-19T08:25:05.601775Z","last_seen":"2026-05-08T10:43:36.671381Z","times_seen":601,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":217,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/tool.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /tool.js HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 584\r\nlast-modified: Fri, 13 Jun 2025 02:26:54 GMT\r\netag: \"684b8c6e-248\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":584,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"9483013283a30b292c7843d91bdec6d8","sha1":"6dd6606f6823b8cff78296954d685a4eeefd5420","sha256":"d7d9123b6b6aef669fe6656af58338a35191af0198294ae7493a79a1d8114d84","sha512":"a5e1acf6eb200da72c405f89f608187831cc159b5ba1690b5c57baa83e3e96a2fa8fcbf743b019070a134bf78c19c4246b16c4ede1229075a2f9e8f682568b27","ssdeep":"","tlshash":"faf0c04a374adcfa412305a953e7280b4472bab72c45da57738fd3c04f5e41cd521726","first_seen":"2025-06-20T17:12:48.877833Z","last_seen":"2026-05-08T10:43:36.67685Z","times_seen":331,"resource_available":true,"data":null}},"time_used":463,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":462,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/js/swiper.min.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan/js/swiper.min.js HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Thu, 21 Jul 2022 02:56:58 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d8c07a-222b9\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":139961,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65278)","md5":"c4358cb63a4b96c5d71a2fb630871f30","sha1":"be3b7d9d5bbd680d035f768345778d84eb08fe23","sha256":"c26293076ae548cd0614c5946e9c16f34bd7810fd2f63deeaa28df61ce935229","sha512":"35a85c90dfa0ac1e9f4b1bb7bd074a8b20baf6cc235bafb16148da3d55931ad46e89af33508970da09208e166601df250040841d5dc7742b9d6ab9c065a5a467","ssdeep":"3072:U79yoiRfIBB4G+yMwoSpADH79cVOJjBqcxN:k9ytlByMwoSpADH79cVOJjBqcL","tlshash":"9dd3188db354b2e151e72256539ed10263b65845b80ac1a470b68cd7acbde8c03bfefd","first_seen":"2023-03-07T12:20:59Z","last_seen":"2026-05-08T10:43:36.677391Z","times_seen":3909,"resource_available":true,"data":null}},"time_used":727,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":727,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-08T10:43:07.790Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:08 GMT\r\ncontent-type: text/html; charset=utf-8\r\ncache-control: no-store\r\ncontent-encoding: gzip\r\nset-cookie: techaro.lol-anubis-auth=; Path=/; Domain=jonsoutreach.com; Expires=Fri, 08 May 2026 10:42:08 GMT; Max-Age=0; Secure; SameSite=None\ntecharo.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; Path=/; Domain=jonsoutreach.com; Expires=Fri, 08 May 2026 11:13:08 GMT; Secure; SameSite=None\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4443,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2508)","md5":"6ce522ca3d56b7c40f317d37e594bd16","sha1":"10e65e2399ea6edf3eaf3f6e9dd7e77fea1b1c6f","sha256":"9d201d9a478e852f8a09d168a754443f87b302dc6e75b4c1bad733b66161a531","sha512":"684e52d8836fab5417fe3280417aac0d12b82e271ca2306a64760d19adf455b439b0acd86795b780909154847f0e4b7ffc847e3ab4998f08020b2dc22ffb4076","ssdeep":"96:zJaKDlRb9/G070EycCwbqOx2dDbZ4cvEU5rNnFN+qGtuDs/:vlRb9ePEYwu+0Dd4cvNNnBo/","tlshash":"cd91f8439c6ad40e0e834dd176e5a79c376ac0138b06cc187dec65729f86bac46776ec","first_seen":"2026-05-08T10:43:36.677938Z","last_seen":"2026-05-08T10:43:36.677938Z","times_seen":1,"resource_available":true,"data":null}},"time_used":1209,"timings":{"blocked":497,"dns":52,"connect":213,"send":0,"wait":215,"receive":0,"ssl":230},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:10.011Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:10 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7378,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5951)","md5":"a02fea9652fbaf3a7ec9ea444605e22b","sha1":"9fc8c7107b662d9f88eea4de042ca9e96845f6fc","sha256":"b78b9a584956e9b8cc79241a0b88b820f3bad3ad1a94114a972651f545d815ec","sha512":"a4b24ddd3460d522aced7cc6e2a2109d0bbed16ea551ea24d28a51f09746d8444cfb6e688f334f0c5e96674598bb8ba0d7cd1df033e7939e549f38dcfc4513fc","ssdeep":"192:gGFQHTqoN60k88kjMvvGgDVeQ0a4NieGghLdWJ+:gGF6qoNg8RAvGgDVZQNiLghLdWA","tlshash":"6be129c4ba95623043db62b240eb8c8fa23ea434350d045cb529e9f63575c6d867bfb9","first_seen":"2025-09-19T08:25:05.601775Z","last_seen":"2026-05-08T10:43:36.671381Z","times_seen":601,"resource_available":false,"data":null}},"time_used":221,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":221,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/tj.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.235Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /tj.js HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 0\r\nlast-modified: Fri, 11 Aug 2023 02:32:50 GMT\r\netag: \"64d59dd2-0\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T12:53:20.27382Z","times_seen":14838021,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/images/column-bg.png","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.258Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan/images/column-bg.png HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 1352\r\nlast-modified: Thu, 21 Jul 2022 02:56:58 GMT\r\netag: \"62d8c07a-548\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1352,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 66 x 80, 8-bit/color RGBA, non-interlaced","md5":"af286c5324453d9734092d880a763764","sha1":"0a9c70efff6474485441660eb9ffa0e13d77774f","sha256":"f51a5d9e13fff4683480624a03bd0a6d422980ae8338e1899161e4d7e8a86aa6","sha512":"4fb1e1d0421d044bc2d05753bfdee570677989980602e691af0bf1b95ee5ed5728f657328bab56e6ade9d1b8143b2bd6d115d3579cf8ec6ab2b9227558b947a6","ssdeep":"","tlshash":"af21d5871d5eab1846b3b03343137055282c8ac456b50a25e530cf92339aa85aa4ec6b","first_seen":"2025-06-07T02:24:34.199216Z","last_seen":"2026-05-08T10:43:36.678968Z","times_seen":33,"resource_available":false,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan//css_image/video-mask.png","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan//css_image/video-mask.png HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/theme/ladan/css/main.css\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: image/png\r\ncontent-length: 3609\r\nlast-modified: Thu, 21 Jul 2022 02:56:54 GMT\r\netag: \"62d8c076-e19\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3609,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced","md5":"59ccc1a88e827c6a029d7f9c8e9a2e3a","sha1":"b4d3a5b5213c39dcce67cde4a4283336cf82a36d","sha256":"898d309484992ae8cbdf59e1c2e0c4e859e67675c6242485b339528804b90929","sha512":"3f5bff99ee0aa7a18b21eff7f6538e703b4849aede855b0f3d7211111ced6711fd5f1456152a2143d7d6f6bdedd75ced7d62387e5871e5153c8ae2416bde99aa","ssdeep":"","tlshash":"9e716c889844481f040e477a3a3bae09066b9bc4d32d2e0cecbe430e8a75cd13d79b69","first_seen":"2025-09-25T18:48:42.079651Z","last_seen":"2026-05-08T10:43:36.679547Z","times_seen":26,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/locales/en.json","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:09.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/locales/en.json HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:09 GMT\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5630,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c56ae0b6f72f0437ca39e0f044f6d518","sha1":"11491b35166ac3fe8e8be27547c5ee8ba5020627","sha256":"1e7bc10f8c46bd794e72a6ba0cb0f3f51d6fb7545958b7d89f9c9ae6dc05b1cb","sha512":"779087d8bf39d3a9928129f6c6b33ffabd64104ec39d626202205e1f355304baaec5902c26e2a31e39ea3c031e042d3479be014b08632115ef28e6762646aacf","ssdeep":"96:iD8r9nFYpVV+qGtsA+XpRV7ZkvRpUDIeqAODR3N5tJxgnXa1BNw:Rr9OVVZBXp/7Zkpq8eEDRntXAqc","tlshash":"1bc1a82bd948112709c202d1a245a6e7bb51ce6b4320371c5b8b612f16de93f8377dfd","first_seen":"2026-02-23T07:27:07.586252Z","last_seen":"2026-05-08T10:43:36.680159Z","times_seen":299,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:10.013Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:10 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T12:53:20.27382Z","times_seen":14838021,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/css/font-awesome.min.css","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan/css/font-awesome.min.css HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 21 Jul 2022 02:56:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d8c076-7995\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31125,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (30962)","md5":"a771b2f330253ed7ec530cbbeb8085e4","sha1":"cff3969eb7202a25fb50f98518e8e015101e1217","sha256":"26285459f49a362501ae578ac265dc78a00685e2def58aa3e96dd0618de6a83b","sha512":"fd3ac9d2d49bfc39117de69dd093f6bde39831b36b3ff5dbd3b58c7e4b8936c22a04bcc88fdd7f7dd56e3b48f38cedd39f12034267bb51a62155e6d816e8db55","ssdeep":"384:EHu5yWeTUKW+KlkJ5de2UxDyVfwXUas2l8yQ/8dwmaU8G:Ewlr+Klk3YD+fwXUf2l8yQ/e9vf","tlshash":"40e242e8e54c01d66731c48bff81b36862b6fb3dc5854da9f01f690c29d226522c5fba","first_seen":"2025-09-25T18:48:42.058971Z","last_seen":"2026-05-08T10:43:36.680674Z","times_seen":27,"resource_available":false,"data":null}},"time_used":218,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":218,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/css/common.css","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan/css/common.css HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Tue, 01 Aug 2023 05:15:32 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64c894f4-39e9\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":14825,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (14655), with no line terminators","md5":"48e77c2997dd610d1f5b046c0509faa7","sha1":"efa4741cc6b682f16b494ecdaf814aa63ed2bacd","sha256":"fe7353a281547188cdd676ec6b8adfd57e90de82682ba29404e8234b990c3c6b","sha512":"e0895cc5a7c96d366587902c55703f7ff1f65edf907953247a88c01e04be49f4d1d4b842c7586fe7732d527e8ce74010910569bf7bb0fcb9fcb0715fb47d79d4","ssdeep":"192:uxUqAAC60OTmTpbJiCxuiYsm3dPxPAVIn623w+Iwu4ZpHLcnC9y4rz:uMLui52dPxPAVIHz","tlshash":"84620d16a923371ca0034c7ee5940f6e7a767253d30340bef7c0655fc3da694b7a2a95","first_seen":"2025-09-25T18:48:42.075717Z","last_seen":"2026-05-08T10:43:36.681223Z","times_seen":27,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":219,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/css/main.css","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.229Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan/css/main.css HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Fri, 04 Aug 2023 04:17:56 GMT\r\nvary: Accept-Encoding\r\netag: W/\"64cc7bf4-c978\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51576,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"461ec5d702a2cb2aa7b53e333a4176d0","sha1":"849df527745f3531f46e224d06b1498059b778f2","sha256":"dc636735679bd656a82393c0510ae16221a7319ac32982a254a8786527664ccb","sha512":"ee4de389945b2c9c6d7c2fa7ba1383ffa403286bb321db937b77283e7f96fbca7e42c1495c52ebd033b3a20f99f04218d9c19262707a7c9c7eab433c73f02be7","ssdeep":"384:+R7q9GzEJffyQ1zyxoSoCrVrx6si4RtWolOC/sYqiwadv5P/9:+/xc4RtWolVXX","tlshash":"7533eb648f13147ab2fa857d77592a4a6e56e033d30b65fdfae0d008c3cc9572261e8d","first_seen":"2025-09-25T18:48:42.080707Z","last_seen":"2026-05-08T10:43:36.681752Z","times_seen":27,"resource_available":false,"data":null}},"time_used":224,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":224,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/theme/ladan/css/swiper.min.css","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /theme/ladan/css/swiper.min.css HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: text/css\r\nlast-modified: Thu, 21 Jul 2022 02:56:54 GMT\r\nvary: Accept-Encoding\r\netag: W/\"62d8c076-2dd6\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11734,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11476)","md5":"29ecc1f70d9f52e23d3489e697b9846a","sha1":"9e68decae0b8db4ed3cbb5f69c7c656a4007f1af","sha256":"42703138aa531999d683be44b3bced16d2227bf24654994e1e39013cd875a43d","sha512":"399bc9fb31afe26b9089be3eb79fa7673d6658a0dc8cc6436166ea826a5a4be0ee03f82743ae7b8cf4c1d40e84ed1b34a2d0598e5ee9b80547c26e78f771b434","ssdeep":"192:FX7zOTOgx9BUSdPBX/M/XCjoFif65W/1mXA8wBLJH8x:FX7zOqgx9BU0m/XCQif65W/1mXA82FHw","tlshash":"6f32f05417403837f3b74f2e46a1e7b59b60cc838a934dadb2c0dd44d6fa8b9221eb95","first_seen":"2025-09-25T18:48:42.070439Z","last_seen":"2026-05-08T10:43:36.682286Z","times_seen":27,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":226,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/favicon.ico","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:09.062Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:09 GMT\r\ncontent-type: text/html\r\ncontent-length: 150\r\nstrict-transport-security: max-age=63072000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":150,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"597ba0d4396e9c906225140ce907092c","sha1":"28ae2ba65ccdb583d79f85b8cc9509fae697493b","sha256":"ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6","sha512":"8898f14bd6cb5c72d6ee5878af3700be6d03b56a5a21a3d58ef347f008acf4ac68a46a908903e1d42999c1e259e77d7df686c94765865ae07361b2c4e04adf2c","ssdeep":"","tlshash":"18c02b2d24137c0c8663307636c37050c1978337a67e10210400805330cf1998ac33af","first_seen":"2023-04-05T14:00:46Z","last_seen":"2026-05-08T12:36:27.661467Z","times_seen":34596,"resource_available":true,"data":null}},"time_used":539,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":539,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-08T10:43:10.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\nx-cache: HIT\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":115684,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (5841), with LF, NEL line terminators","md5":"f1d01f4beb46c0ecad8808a147df6be2","sha1":"72f64c55f43c62691b51a74150125bcc477feac7","sha256":"6579b4d191a87a583cb266fc103baab50c33b860e1f43c142a1cc824fe658db3","sha512":"9f5b7c0b8b479bea5026e2617d6a50add9b0a5068c3584c005b8b6bdd4c4c141801f5ff48bbb0356ce02b53ff97e75410ad60396ac88b06178b8f1b0ab6d9b1e","ssdeep":"1536:LDIxpCHB2WZrvJv7vJuUvJEFvJTWvXYPvz4cvzN/vzeNvz4GvT6rvzoUvzoFvzoQ:XyOh","tlshash":"49b345e421e016be051b86e5b8366bd77ef0f44fe6816034762d2d8a5fd8e324806fc5","first_seen":"2026-05-08T10:43:36.682829Z","last_seen":"2026-05-08T10:43:36.682829Z","times_seen":1,"resource_available":true,"data":null}},"time_used":298,"timings":{"blocked":75,"dns":0,"connect":0,"send":0,"wait":223,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/jquery1.11.3.min.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /jquery1.11.3.min.js HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 13 Jun 2025 02:27:06 GMT\r\nvary: Accept-Encoding\r\netag: W/\"684b8c7a-176d8\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":95960,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32038), with CRLF line terminators","md5":"ef3d5fb2358872750b0655941fb0a9a5","sha1":"b661751c7aa065e2e159df6103bca974b1111409","sha256":"ce32707c0d679b8ed56b5dc8c498e1b1667e5b1905b8aeff42151e3f6667d73d","sha512":"c137085a0151bbe316526d971ca8b367894838428b29f737bdf93ab2534f6484e34024380eab1c0959ecc2be7b3c6a634712df5ff11c974167651e63fbe7a24c","ssdeep":"1536:zP10iSi65U/dXXeyhzeBuG+HYE0WEeLzFoNqLTW8+S5VRZIVI6xSb8Ch2ZbQnRmS:q+41VqLTW8xRrqSb8dGH77da98Hr3","tlshash":"1693d8d9b7d67162977730b850bf510bb13a98eab80c4ca0f0a4d8e47d74a89507bf2d","first_seen":"2023-03-07T12:26:02Z","last_seen":"2026-05-08T12:53:48.147936Z","times_seen":898,"resource_available":true,"data":null}},"time_used":453,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":453,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.jonsoutreach.com/ad.js","fqdn":"www.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.jonsoutreach.com/","date":"2026-05-08T10:43:11.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /ad.js HTTP/1.1\r\nHost: www.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://www.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:11 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 447\r\nlast-modified: Fri, 11 Aug 2023 08:59:34 GMT\r\netag: \"64d5f876-1bf\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":447,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (447), with no line terminators","md5":"bba4010b7d7d8e047af1d8b38b36ba74","sha1":"bcc2b5646e7d4f8bf7735ddf8a15384bdfd86827","sha256":"acb8514c95edcb669a5c5019b15693ef09be665eea719e5b423155cdd8cb6ad8","sha512":"b53f8bb8841c155c22f928a98ea7a49717a7d80f3f8900288a76dcbf61ac2f87c53cff510c9eba0ede2b770b6f20fe17a9ee53d6a4c91a614c9f7e8d54d14f22","ssdeep":"","tlshash":"f4f0ec2303a0210d813550ddcab1dd5c745b5529cb8a4cd6d5f3765eb247e415c796fc","first_seen":"2023-10-15T17:16:33Z","last_seen":"2026-05-08T10:43:36.684345Z","times_seen":341,"resource_available":true,"data":null}},"time_used":541,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"www.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/img/happy.webp?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:08.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/img/happy.webp?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:08 GMT\r\ncontent-type: image/webp\r\ncontent-length: 30584\r\naccept-ranges: bytes\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30584,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bbbb61f590a7ea79f8baea4c5cd4cd91","sha1":"48e8d2436fce0dca568610473c9260fab0b8986b","sha256":"7eaf5ecd666f0a53978c93eb2693e1f95aeb1ff610715b0e89b433f6b214a713","sha512":"56c3be3e9b5b24585e51320878f72e633788dceb1a2f49afe15754ea05e3bfe34dc2f09b0caf381db444127b1b3c729026d204efd3c5dd899b4ff4370ab51d87","ssdeep":"768:uTABTrVboaJ6bx21hPnfXwk6PAHLa5OSTnrWWQO463xxKmziz:Tf9AxiPnv97m5JTnKfD6KYiz","tlshash":"c8d2e1516be220d4811c9afc93eaa3ebc7e3c30891e88749e19532dd8179ce19c5c7da","first_seen":"2025-04-14T12:39:56.203258Z","last_seen":"2026-05-08T10:43:36.684909Z","times_seen":634,"resource_available":false,"data":null}},"time_used":910,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":844,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://gefyx.jonsoutreach.com/","date":"2026-05-08T10:43:09.984Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET /.within.website/x/cmd/anubis/static/js/worker/sha256-purejs.mjs?cacheBuster=v1.25.0 HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:10 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nvary: Accept-Encoding\r\ncache-control: public, max-age=31536000\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7378,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (5951)","md5":"a02fea9652fbaf3a7ec9ea444605e22b","sha1":"9fc8c7107b662d9f88eea4de042ca9e96845f6fc","sha256":"b78b9a584956e9b8cc79241a0b88b820f3bad3ad1a94114a972651f545d815ec","sha512":"a4b24ddd3460d522aced7cc6e2a2109d0bbed16ea551ea24d28a51f09746d8444cfb6e688f334f0c5e96674598bb8ba0d7cd1df033e7939e549f38dcfc4513fc","ssdeep":"192:gGFQHTqoN60k88kjMvvGgDVeQ0a4NieGghLdWJ+:gGF6qoNg8RAvGgDVZQNiLghLdWA","tlshash":"6be129c4ba95623043db62b240eb8c8fa23ea434350d045cb529e9f63575c6d867bfb9","first_seen":"2025-09-19T08:25:05.601775Z","last_seen":"2026-05-08T10:43:36.671381Z","times_seen":601,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"gefyx.jonsoutreach.com/","fqdn":"gefyx.jonsoutreach.com","domain":"jonsoutreach.com","tld":"com"},"ip":{"addr":"156.234.195.168","port":443,"asn":138415,"as":"Yancy Limited","country":"Hong Kong","country_code":"HK"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-08T10:43:10.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jonsoutreach.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Wed, 06 May 2026 07:13:14 GMT","end":"Tue, 04 Aug 2026 07:13:13 GMT"},"fingerprint":{"sha1":"23:07:D7:F7:20:51:18:C5:47:74:96:3A:30:1E:73:02:70:DA:A2:52","sha256":"F1:8D:63:F7:4B:9C:02:DE:41:93:7F:4D:BD:F2:E0:C8:6E:0E:50:B0:76:72:BC:20:CF:40:0B:EC:AC:44:5A:16"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: gefyx.jonsoutreach.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://gefyx.jonsoutreach.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: techaro.lol-anubis-cookie-verification=019e072f-1beb-7b75-b6fe-c6e9f9ee6e63; techaro.lol-anubis-auth=eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJhY3Rpb24iOiJDSEFMTEVOR0UiLCJjaGFsbGVuZ2UiOiIwMTllMDcyZi0xYmViLTdiNzUtYjZmZS1jNmU5ZjllZTZlNjMiLCJleHAiOjE3NzgyMzc1OTAsImlhdCI6MTc3ODIzNjk5MCwibWV0aG9kIjoiZmFzdCIsIm5iZiI6MTc3ODIzNjkzMCwicG9saWN5UnVsZSI6ImFjOTgwZjQ5YzRkMzVmYWIiLCJyZXN0cmljdGlvbiI6ImRhOWFkZDU5MmQ3ZWI5Y2NhNzcwNWNiNDg3MGQ3ZmQ0ZTk3MThjY2Q1MTQ4NmM0MjYxYTcyN2E4ZDU2Njk2MGQifQ.qI4rKR7cuy71cEPAxKIHdcDyZey9ZJ43YxyPzQNvwT4WKy_GCwZWir8udk6tSFr8bKjVgXWNbtlSltyqqC2HBw\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 301 Moved Permanently\r\nserver: openresty\r\ndate: Fri, 08 May 2026 10:43:10 GMT\r\ncontent-type: text/html\r\ncontent-length: 166\r\nlocation: https://www.jonsoutreach.com/\r\nstrict-transport-security: max-age=63072000\r\nreferrer-policy: no-referrer-when-downgrade\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115684,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T12:53:20.27382Z","times_seen":14838021,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"gefyx.jonsoutreach.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}