{"report_id":"50d3e410-d7a7-454d-afdc-68105cc87b73","version":6,"status":"done","tags":[],"date":"2026-01-07T10:28:31Z","url":{"schema":"http","addr":"altrix-sync-app.com/","fqdn":"altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"46.8.8.228","port":0,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"final":{"url":{"schema":"https","addr":"ww53.altrix-sync-app.com/challenge?next=/","fqdn":"ww53.altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"title":"altrix-sync-app.com","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"altrix-sync-app.com/","fqdn":"altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"46.8.8.228","port":0,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-11T10:28:31Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":12}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"ww53.altrix-sync-app.com","ip":{"addr":"172.104.251.198","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Germany","country_code":"DE"},"domain_registered":"2023-12-19","domain_rank":0,"first_seen":"2026-01-07T10:28:31.741409Z","last_seen":"2026-01-07T10:28:31.741409Z","alert_count":24,"request_count":4,"received_data":43611,"sent_data":1993,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ep1.adtrafficquality.google","ip":{"addr":"142.250.178.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3093,"first_seen":"2024-07-24T04:17:49Z","last_seen":"2026-01-04T22:48:17.136668Z","alert_count":0,"request_count":1,"received_data":11167,"sent_data":549,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ep2.adtrafficquality.google","ip":{"addr":"142.250.178.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2023-11-17","domain_rank":3229,"first_seen":"2024-08-13T12:56:28Z","last_seen":"2026-01-05T00:30:55.475394Z","alert_count":0,"request_count":2,"received_data":34547,"sent_data":1006,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-01-04T22:24:34.159986Z","alert_count":0,"request_count":1,"received_data":134743,"sent_data":451,"comment":"","tags":null,"fingerprints":null},{"fqdn":"altrix-sync-app.com","ip":{"addr":"46.8.9.224","port":80,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"domain_registered":"2023-12-19","domain_rank":0,"first_seen":"2025-04-17T18:47:35.063837Z","last_seen":"2025-04-17T18:47:35.063837Z","alert_count":24,"request_count":4,"received_data":4467,"sent_data":1816,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"ww53.altrix-sync-app.com/_static/doais8fj34.js?nonce=3575","fqdn":"ww53.altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"172.104.251.198","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"1cceae149f74ec97cc95da4d6035db1e","sha1":"b309ab93f61d126efa47d2bba6a2db45d2beef8e","sha256":"9f7aa6c8bb78dbe852d42707df6c841ede8bd135ed3958215004505493f59756","sha512":"a34258b7eda1fa1419682fd98a40d8e2fc291d25d8f13411ce7fe731c66d49c1240168a413b09d6fbb81f87a94873d8e17cfbce528e8e8311af29d8301775cd0","ssdeep":"384:4qK6nuPD+BLPlouf8gVxV0cG80Bg5eyXOJAFN/h6lmAmAPVe4mOvmLYEq1Mw:3nuDWPyLMiNS5w","tlshash":"47f294191ab3113558b350ae6b5b72063222d0032909fe59bd5cc348afc9ebced73bd9","size":37208,"data":"","first_seen":"2025-09-30T22:13:10.604809Z","last_seen":"2026-02-06T20:09:56.257186Z","times_seen":6061,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026abpgo=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"d2ca6e885b75d0ff0060fec9957ae1ab","sha1":"e70754db262451174bb1bc69b1d75e1e2a90e59a","sha256":"7b786ae59fb8e4f9f2cbca281705651e1bc064d921b9b2d9d5f35db679b162a2","sha512":"64cab43f1ee9eb94c57bd5758ce7e8af3f097f670751506068dc7e9e9e78eb4694d222a3eea00d5ed98c0febed38a6e0f7bb25bf10fe95210cf1a25e53f46771","ssdeep":"1536:pzL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:YuydkXiR5zzTq+bxpD3ZV4T","tlshash":"72d33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","size":134027,"data":"","first_seen":"2025-12-11T16:41:57.082479Z","last_seen":"2026-01-07T19:31:18.868862Z","times_seen":14513,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","size":19990,"data":"","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"http","addr":"altrix-sync-app.com/","fqdn":"altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"46.8.9.224","port":80,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T10:28:09.133Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: altrix-sync-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\ncontent-length: 0\r\nlocation: http://altrix-sync-app.com/challenge?next=/\r\ncache-control: no-cache\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":16,"dns":1,"connect":15,"send":0,"wait":16,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"altrix-sync-app.com/challenge?next=/","fqdn":"altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T10:28:09.174Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET /challenge?next=/ HTTP/1.1\r\nHost: altrix-sync-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":38,"dns":0,"connect":15,"send":0,"wait":0,"receive":0,"ssl":22},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww53.altrix-sync-app.com/challenge?next=/","fqdn":"ww53.altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"172.104.251.198","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T10:28:09.515Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww53.altrix-sync-app.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 08:08:43 GMT","end":"Sun, 29 Mar 2026 08:08:42 GMT"},"fingerprint":{"sha1":"33:CB:61:67:07:69:96:AA:E3:3D:2B:FC:C5:05:C1:83:3D:59:6B:8E","sha256":"D7:D3:CA:9B:A8:25:45:EB:3D:38:C4:1F:6E:5A:C9:8D:8A:BC:49:5C:48:DC:85:B9:E9:1C:96:C5:95:4A:FC:2B"}}},"request":{"raw":"GET /challenge?next=/ HTTP/1.1\r\nHost: ww53.altrix-sync-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Wed, 07 Jan 2026 10:28:09 GMT\r\ncontent-type: text/html; charset=utf-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4196,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"eee8613d2d7c3620706e88993d6eddcd","sha1":"677af6c04794c671bc0108379588b4437ed11e53","sha256":"afdd048ab1067a6734cc035a449314fa9f3aa23c263bbfe781eab74594f03f11","sha512":"789af0707c5bbfeee8849c771d9df56f3f4bf0a05e26ea34951beff7a0323178454896afd37ecce2e14be4fea68d862418f5395a0bc05a43ab2dc59f347f8699","ssdeep":"96:/kmZnb6EGo0QT7EAOc7uV1g/zDE14lZyxIW:/LZnb6EGo0QT7EAOcK0G43yxIW","tlshash":"5a812e1559f3101a6553e03837eaa25a1a68ea1b930fdde83ecc4240cfc57a99dd3388","first_seen":"2026-01-07T10:28:33.322495Z","last_seen":"2026-01-07T10:28:33.322495Z","times_seen":1,"resource_available":false,"data":null}},"time_used":281,"timings":{"blocked":127,"dns":68,"connect":25,"send":0,"wait":26,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ep1.adtrafficquality.google/getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=XeI4Vq+5RYuWwczCBXKdBA==\u0026sde=1","fqdn":"ep1.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.98","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://ww53.altrix-sync-app.com/challenge?next=/","date":"2026-01-07T10:28:10.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:00:04 GMT","end":"Wed, 25 Feb 2026 16:00:03 GMT"},"fingerprint":{"sha1":"3F:6B:79:EB:6A:36:69:37:B8:80:08:17:24:3C:C7:A5:F2:4C:1D:A6","sha256":"C1:88:6A:43:5F:52:63:57:56:27:18:5B:53:42:8D:AC:C0:80:AB:8C:59:0D:49:81:7A:83:6D:01:14:14:78:6E"}}},"request":{"raw":"GET /getconfig/sodar?sv=200\u0026tid=afs\u0026tv=1234567890\u0026st=env\u0026sjk=XeI4Vq+5RYuWwczCBXKdBA==\u0026sde=1 HTTP/1.1\r\nHost: ep1.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://ww53.altrix-sync-app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww53.altrix-sync-app.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\ncontent-type: application/json; charset=UTF-8\r\nx-content-type-options: nosniff\r\ncontent-disposition: attachment; filename=\"f.txt\"\r\ncontent-encoding: br\r\ndate: Wed, 07 Jan 2026 10:28:10 GMT\r\nserver: cafe\r\ncontent-length: 8014\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":10610,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"747e505d63a212c25a097d8517d42e54","sha1":"3ef36a1ce9ef9b61b9bf044c56b5cb5faa343d02","sha256":"50b412d5ca8767b58fe27e9761435c43b96844cde2324c527187a7ed1f92900d","sha512":"bbcb177a2167dbbb1af1daf226533b26516a1d0e10eeb405a679209c651d9f3b7c6f3539f340afb3fed5c2f72a3e74e24819e9e1543871cf18f314150ab38076","ssdeep":"192:ngCkKsmAOOiioLEJxYA7104lM7zdoh8ZFsXtQJnC1r3eiFRpaCOPplq3vwTE:gCPFTwJ51N8z6hFdQCtB7paxPHeYQ","tlshash":"3222c0650e6cde1a2c770fc391614a24c61299b898c3de47fe651d97f48fe26305e0b7","first_seen":"2026-01-07T10:28:33.325011Z","last_seen":"2026-01-07T10:28:33.325011Z","times_seen":1,"resource_available":false,"data":null}},"time_used":308,"timings":{"blocked":127,"dns":0,"connect":27,"send":0,"wait":53,"receive":1,"ssl":96},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2/237/runner.html","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://ww53.altrix-sync-app.com/challenge?next=/","date":"2026-01-07T10:28:10.638Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:00:04 GMT","end":"Wed, 25 Feb 2026 16:00:03 GMT"},"fingerprint":{"sha1":"3F:6B:79:EB:6A:36:69:37:B8:80:08:17:24:3C:C7:A5:F2:4C:1D:A6","sha256":"C1:88:6A:43:5F:52:63:57:56:27:18:5B:53:42:8D:AC:C0:80:AB:8C:59:0D:49:81:7A:83:6D:01:14:14:78:6E"}}},"request":{"raw":"GET /sodar/sodar2/237/runner.html HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww53.altrix-sync-app.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 5044\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 07 Jan 2026 10:04:19 GMT\r\nexpires: Wed, 07 Jan 2026 10:54:19 GMT\r\ncache-control: public, max-age=3000\r\nage: 1431\r\nlast-modified: Tue, 13 May 2025 23:17:50 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":13159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with very long lines (2024)","md5":"0120a1d624ff8fc3ec792d93a7133947","sha1":"1e3bd23df78ff2c60b187b40a0c6505be9ab889f","sha256":"14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966","sha512":"84286e299ebc6690ee904b5581cd6aaf6b59d06200b61156923301484d1b75fa517894167c4f4777553ba09c840a2d74a723e3ff112448f00514d910dfd172c5","ssdeep":"192:pl/6xS2OASROqI3wgh5MXDc9EAOaK3qzfaGDCiMgIcTa1mx:rz2NQJIVsTiMH3qzfcOIr1mx","tlshash":"4842a7ccbad2b0210353b4f1a13f400ff13ea8aae44c9954b181e8e17cb56a94667f7d","first_seen":"2025-05-19T23:59:48.478548Z","last_seen":"2026-02-26T18:27:55.136579Z","times_seen":169945,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":28,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"altrix-sync-app.com/","fqdn":"altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T10:28:09.044Z","timestamp":0,"http_version":"","security_state":"broken","security_info":null,"request":{"raw":"GET / HTTP/1.1\r\nHost: altrix-sync-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":0,"dns":40,"connect":16,"send":0,"wait":0,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"http","addr":"altrix-sync-app.com/challenge?next=/","fqdn":"altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"46.8.9.224","port":80,"asn":60592,"as":"Gransy s.r.o.","country":"Czechia","country_code":"CZ"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-07T10:28:09.265Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /challenge?next=/ HTTP/1.1\r\nHost: altrix-sync-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nlocation: http://ww53.altrix-sync-app.com/challenge?next=/\r\ndate: Wed, 07 Jan 2026 10:28:09 GMT\r\ncontent-length: 0\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":4196,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T02:31:02.170255Z","times_seen":13313751,"resource_available":true,"data":null}},"time_used":239,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":238,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww53.altrix-sync-app.com/_static/doais8fj34.js?nonce=3575","fqdn":"ww53.altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"172.104.251.198","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww53.altrix-sync-app.com/challenge?next=/","date":"2026-01-07T10:28:09.946Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww53.altrix-sync-app.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 08:08:43 GMT","end":"Sun, 29 Mar 2026 08:08:42 GMT"},"fingerprint":{"sha1":"33:CB:61:67:07:69:96:AA:E3:3D:2B:FC:C5:05:C1:83:3D:59:6B:8E","sha256":"D7:D3:CA:9B:A8:25:45:EB:3D:38:C4:1F:6E:5A:C9:8D:8A:BC:49:5C:48:DC:85:B9:E9:1C:96:C5:95:4A:FC:2B"}}},"request":{"raw":"GET /_static/doais8fj34.js?nonce=3575 HTTP/1.1\r\nHost: ww53.altrix-sync-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww53.altrix-sync-app.com/challenge?next=/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Wed, 07 Jan 2026 10:28:09 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 30 Sep 2025 20:00:48 GMT\r\nvary: Accept-Encoding\r\netag: W/\"68dc36f0-9158\"\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":37208,"size_decoded":0,"mime_type":"application/javascript","magic":"C++ source, ASCII text","md5":"1cceae149f74ec97cc95da4d6035db1e","sha1":"b309ab93f61d126efa47d2bba6a2db45d2beef8e","sha256":"9f7aa6c8bb78dbe852d42707df6c841ede8bd135ed3958215004505493f59756","sha512":"a34258b7eda1fa1419682fd98a40d8e2fc291d25d8f13411ce7fe731c66d49c1240168a413b09d6fbb81f87a94873d8e17cfbce528e8e8311af29d8301775cd0","ssdeep":"384:4qK6nuPD+BLPlouf8gVxV0cG80Bg5eyXOJAFN/h6lmAmAPVe4mOvmLYEq1Mw:3nuDWPyLMiNS5w","tlshash":"47f294191ab3113558b350ae6b5b72063222d0032909fe59bd5cc348afc9ebced73bd9","first_seen":"2025-09-30T22:13:10.604809Z","last_seen":"2026-02-06T20:09:56.257186Z","times_seen":6061,"resource_available":true,"data":null}},"time_used":27,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":27,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww53.altrix-sync-app.com/apple-touch-icon.png","fqdn":"ww53.altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"172.104.251.198","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://ww53.altrix-sync-app.com/challenge?next=/","date":"2026-01-07T10:28:09.986Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww53.altrix-sync-app.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 08:08:43 GMT","end":"Sun, 29 Mar 2026 08:08:42 GMT"},"fingerprint":{"sha1":"33:CB:61:67:07:69:96:AA:E3:3D:2B:FC:C5:05:C1:83:3D:59:6B:8E","sha256":"D7:D3:CA:9B:A8:25:45:EB:3D:38:C4:1F:6E:5A:C9:8D:8A:BC:49:5C:48:DC:85:B9:E9:1C:96:C5:95:4A:FC:2B"}}},"request":{"raw":"GET /apple-touch-icon.png HTTP/1.1\r\nHost: ww53.altrix-sync-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww53.altrix-sync-app.com/challenge?next=/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: openresty/1.27.1.2\r\ndate: Wed, 07 Jan 2026 10:28:09 GMT\r\ncontent-type: text/html\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":159,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"1620e905665c273e91a8cb2a00df1509","sha1":"e0ea169369ad349affad0f6d41987a73fea0280f","sha256":"5a41c6b1c3d5061adbd15744312c919ee4a639abc0572a2927b06838bec1a6ed","sha512":"e68b327c2831cbadcf332943242c8c800b82a888960465fbf394e2b790b71694dc99ad26dc35326e9bde0b322e1a835fff997b7656772edf4e1e261acd13cfda","ssdeep":"","tlshash":"32c02b6d2c137e0c86a330b636c37490c1878337f57e41114480805770cf1998ac33ab","first_seen":"2025-04-14T16:48:50.204909Z","last_seen":"2026-04-04T01:17:48.32814Z","times_seen":7994,"resource_available":true,"data":null}},"time_used":25,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":25,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ww53.altrix-sync-app.com/_d","fqdn":"ww53.altrix-sync-app.com","domain":"altrix-sync-app.com","tld":"com"},"ip":{"addr":"172.104.251.198","port":443,"asn":63949,"as":"Akamai Connected Cloud","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://ww53.altrix-sync-app.com/challenge?next=/","date":"2026-01-07T10:28:09.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ww53.altrix-sync-app.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 29 Dec 2025 08:08:43 GMT","end":"Sun, 29 Mar 2026 08:08:42 GMT"},"fingerprint":{"sha1":"33:CB:61:67:07:69:96:AA:E3:3D:2B:FC:C5:05:C1:83:3D:59:6B:8E","sha256":"D7:D3:CA:9B:A8:25:45:EB:3D:38:C4:1F:6E:5A:C9:8D:8A:BC:49:5C:48:DC:85:B9:E9:1C:96:C5:95:4A:FC:2B"}}},"request":{"raw":"POST /_d HTTP/1.1\r\nHost: ww53.altrix-sync-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://ww53.altrix-sync-app.com/challenge?next=/\r\nContent-Type: application/json\r\nContent-Length: 338\r\nOrigin: https://ww53.altrix-sync-app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":338,"data":"{\"referrer\":\"\",\"current_location\":\"https://ww53.altrix-sync-app.com/challenge?next=/\",\"redirect_count\":0,\"user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"window_info\":{\"href\":\"https://ww53.altrix-sync-app.com/challenge?next=/\",\"hostname\":\"ww53.altrix-sync-app.com\",\"pathname\":\"/challenge\"}}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.27.1.2\r\ndate: Wed, 07 Jan 2026 10:28:10 GMT\r\ncontent-type: application/json; charset=utf-8\r\nvary: Accept-Encoding\r\nset-cookie: session_id=246cfe42e79f191436823b6eabb003fd; Max-Age=86400; Path=/; HttpOnly; SameSite=Lax\r\nstrict-transport-security: max-age=0; includeSubDomains; preload\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty:1.27.1.2","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":856,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"6178ee4e40ba33fbc107a0e6df88c9ba","sha1":"d1bcfed892175776bfcd2bcad724642d8c6518d2","sha256":"5ac330bc5596bbdea03e86f3b10ce1e0cc55e2c779fc6acf6fe4f3785a1caef5","sha512":"bb2081156e2f0bac36c49ead119cdd6f1cf1628e3351260948519dec52fb2552da3e6b8a494b8d6e6e922bf92864ad430cb0a8e57b61864e214979810545dd11","ssdeep":"","tlshash":"e611ab05c0346cb609e2c3ee914bfe1a18eb991291c86b5eae7cce241ade9dc335021d","first_seen":"2026-01-07T10:28:33.330231Z","last_seen":"2026-01-07T10:28:33.330231Z","times_seen":1,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2026-01-07","alert":"Sinkholed","trigger":"ww53.altrix-sync-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/adsense/domains/caf.js?abp=1\u0026abpgo=true","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"142.250.178.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww53.altrix-sync-app.com/challenge?next=/","date":"2026-01-07T10:28:10.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:31 GMT","end":"Wed, 25 Feb 2026 15:57:30 GMT"},"fingerprint":{"sha1":"68:80:26:07:1C:4F:AC:C8:FF:32:F4:DD:86:41:D6:6E:85:27:90:D4","sha256":"6D:27:81:39:F2:6D:26:4E:B8:CE:4F:0B:02:95:B6:5D:C4:E2:58:C9:A9:A0:80:1D:02:70:91:FB:E9:98:E6:8B"}}},"request":{"raw":"GET /adsense/domains/caf.js?abp=1\u0026abpgo=true HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww53.altrix-sync-app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-type: text/javascript; charset=UTF-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"ads-afs-ui\"\r\nreport-to: {\"group\":\"ads-afs-ui\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/ads-afs-ui\"}]}\r\ndate: Wed, 07 Jan 2026 10:28:10 GMT\r\nexpires: Wed, 07 Jan 2026 10:28:10 GMT\r\ncache-control: private, max-age=3600\r\netag: \"6022745352614002532\"\r\nx-content-type-options: nosniff\r\nlink: \u003chttps://syndicatedsearch.goog\u003e; rel=\"preconnect\"\r\ncontent-encoding: gzip\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":134027,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (2840)","md5":"d2ca6e885b75d0ff0060fec9957ae1ab","sha1":"e70754db262451174bb1bc69b1d75e1e2a90e59a","sha256":"7b786ae59fb8e4f9f2cbca281705651e1bc064d921b9b2d9d5f35db679b162a2","sha512":"64cab43f1ee9eb94c57bd5758ce7e8af3f097f670751506068dc7e9e9e78eb4694d222a3eea00d5ed98c0febed38a6e0f7bb25bf10fe95210cf1a25e53f46771","ssdeep":"1536:pzL751Jqc2HyP0SuRPmym0pO1s8dsR5qxyzT/ghgOKWYZjAartrvpD3pduCxAXtB:YuydkXiR5zzTq+bxpD3ZV4T","tlshash":"72d33acdb3a1342643a3a5b5607f414fb139b8a5a40c88a4f199d8e87c74dad4237fbd","first_seen":"2025-12-11T16:41:57.082479Z","last_seen":"2026-01-07T19:31:18.868862Z","times_seen":14513,"resource_available":true,"data":null}},"time_used":300,"timings":{"blocked":136,"dns":1,"connect":15,"send":0,"wait":28,"receive":0,"ssl":117},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ep2.adtrafficquality.google/sodar/sodar2.js","fqdn":"ep2.adtrafficquality.google","domain":"adtrafficquality.google","tld":"google"},"ip":{"addr":"142.250.178.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://ww53.altrix-sync-app.com/challenge?next=/","date":"2026-01-07T10:28:10.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"adtrafficquality.google","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 16:00:04 GMT","end":"Wed, 25 Feb 2026 16:00:03 GMT"},"fingerprint":{"sha1":"3F:6B:79:EB:6A:36:69:37:B8:80:08:17:24:3C:C7:A5:F2:4C:1D:A6","sha256":"C1:88:6A:43:5F:52:63:57:56:27:18:5B:53:42:8D:AC:C0:80:AB:8C:59:0D:49:81:7A:83:6D:01:14:14:78:6E"}}},"request":{"raw":"GET /sodar/sodar2.js HTTP/1.1\r\nHost: ep2.adtrafficquality.google\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://ww53.altrix-sync-app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: text/javascript\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"adspam-signals-scs\"\r\nreport-to: {\"group\":\"adspam-signals-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs\"}]}\r\ncontent-length: 7188\r\ndate: Wed, 07 Jan 2026 10:28:10 GMT\r\nexpires: Wed, 07 Jan 2026 10:28:10 GMT\r\ncache-control: private, max-age=3000\r\netag: \"1747411493688989\"\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19990,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1398)","md5":"a8fe3ea2f81e289e6b14222e898086c5","sha1":"0e9a1227955675736e02c596906bee72bc33d7d6","sha256":"a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623","sha512":"3bd99998aa1b5d7543775769952adc52809f861ca023b6daadf6b7d23411411a6a9470d98c7b8543573e9a6047a24e14b5feaf45e14a22d98e64d0f019718670","ssdeep":"384:dxSMqC/d0d0lxDKyqdeWFy3Wxy9cT4nGllKnnk0TEYRWjfJtncu:i0qKlYyqdeWk3Z9w4G+tFWjfJtnZ","tlshash":"8892c6cab6d2f4624363b9b1a13f100ff13eaca9d84c5464a084e4e0bd759a94367f7c","first_seen":"2025-05-19T23:59:48.474751Z","last_seen":"2026-02-26T18:27:55.354921Z","times_seen":175417,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":77,"dns":1,"connect":27,"send":0,"wait":38,"receive":1,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}