{"report_id":"539e56b7-d0e4-484f-b64e-dae1fc026e4c","version":6,"status":"done","tags":[],"date":"2026-01-16T15:53:38Z","url":{"schema":"http","addr":"trackoptimise.com/?a=12125\u0026c=64411\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s2=wln7k6ka2qfjgnkf347h99a2","fqdn":"trackoptimise.com","domain":"trackoptimise.com","tld":"com"},"ip":{"addr":"34.198.200.159","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"title":"Hetetreff.com","dom":{"size":39,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with no line terminators","md5":"086707e4369f60afedcafb16050a7618","sha1":"8216b0cc6876cbd44f01c158e7dff3833ceccd41","sha256":"a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e","sha512":"aade21843813e2cab329b99185c6f61db7907a556ea974e0315dcf3ad967cab20fee66d4f10db0d0ec43a71e086ce6d700d5524103deaefa3ce5f6be74ba5737","ssdeep":"","tlshash":"6a9000fee0a2000efc303bc00cc2238a0c28c3a830028e002ac038b8c80822bcc032c8","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"trackoptimise.com/?a=12125\u0026c=64411\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s2=wln7k6ka2qfjgnkf347h99a2","fqdn":"trackoptimise.com","domain":"trackoptimise.com","tld":"com"},"ip":{"addr":"34.198.200.159","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-20T15:53:38Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":4}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"www.hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"trackoptimise.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"pleaseclickmenow.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null},"summary":[{"fqdn":"fonts.gstatic.com","ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-01-11T22:14:24.773767Z","alert_count":0,"request_count":2,"received_data":81926,"sent_data":1086,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.google.com","ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22,"first_seen":"2015-05-10T13:11:19Z","last_seen":"2026-01-11T22:25:40.990476Z","alert_count":0,"request_count":3,"received_data":96495,"sent_data":1883,"comment":"","tags":null,"fingerprints":null},{"fqdn":"trackoptimise.com","ip":{"addr":"34.198.200.159","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2018-09-24","domain_rank":0,"first_seen":"2018-10-16T18:40:04Z","last_seen":"2025-12-03T02:58:54.877021Z","alert_count":1,"request_count":1,"received_data":30088,"sent_data":610,"comment":"","tags":null,"fingerprints":null},{"fqdn":"samlesamtykke.com","ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2018-05-22","domain_rank":5170506,"first_seen":"2018-05-31T09:13:35Z","last_seen":"2026-01-15T14:27:40.805707Z","alert_count":0,"request_count":2,"received_data":196826,"sent_data":969,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]},{"fqdn":"api.samlesamtykke.com","ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2018-05-22","domain_rank":0,"first_seen":"2018-05-31T09:13:36Z","last_seen":"2026-01-15T14:27:40.68542Z","alert_count":0,"request_count":12,"received_data":18182,"sent_data":6280,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}]},{"fqdn":"www.hetetreff.com","ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2018-06-01","domain_rank":1280663,"first_seen":"2018-08-31T20:32:56Z","last_seen":"2025-12-01T12:39:06.801227Z","alert_count":3,"request_count":3,"received_data":22285,"sent_data":1339,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"www.gstatic.com","ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":146047,"first_seen":"2012-05-29T15:36:17Z","last_seen":"2026-01-11T22:26:49.271833Z","alert_count":0,"request_count":5,"received_data":2658680,"sent_data":2403,"comment":"","tags":null,"fingerprints":null},{"fqdn":"tsyndicate.com","ip":{"addr":"167.235.113.12","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"domain_registered":"2017-03-08","domain_rank":1289,"first_seen":"2017-03-16T09:04:54Z","last_seen":"2026-01-14T13:10:47.51756Z","alert_count":0,"request_count":1,"received_data":917,"sent_data":481,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"sync_events.atsptp.com","ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"domain_registered":"2020-02-13","domain_rank":0,"first_seen":"2021-04-17T07:57:10Z","last_seen":"2026-01-11T21:51:24.02979Z","alert_count":0,"request_count":1,"received_data":646,"sent_data":487,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"tracksrouting.com","ip":{"addr":"52.72.87.177","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2018-09-24","domain_rank":0,"first_seen":"2018-10-04T21:46:28Z","last_seen":"2025-11-13T23:19:33.694479Z","alert_count":0,"request_count":1,"received_data":30472,"sent_data":658,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ad.twinrdengine.com","ip":{"addr":"34.111.67.216","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2023-06-07","domain_rank":79586,"first_seen":"2024-01-20T17:03:24Z","last_seen":"2026-01-14T20:48:07.939657Z","alert_count":0,"request_count":3,"received_data":735,"sent_data":1390,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"pleaseclickmenow.com","ip":{"addr":"52.72.87.177","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2015-03-23","domain_rank":6805828,"first_seen":"2015-11-18T23:18:42Z","last_seen":"2025-12-25T21:18:08.970795Z","alert_count":1,"request_count":1,"received_data":30558,"sent_data":658,"comment":"","tags":null,"fingerprints":null},{"fqdn":"hw-cdn2.adtng.com","ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2018-07-20","domain_rank":157324,"first_seen":"2020-02-20T16:50:17Z","last_seen":"2026-01-15T14:27:40.832501Z","alert_count":0,"request_count":1,"received_data":56130,"sent_data":433,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cybermeetme2.com","ip":{"addr":"188.166.38.225","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"domain_registered":"2018-04-16","domain_rank":7041568,"first_seen":"2019-07-08T12:32:24Z","last_seen":"2026-01-15T15:39:53.570508Z","alert_count":0,"request_count":1,"received_data":30289,"sent_data":631,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.15.7","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"pixel.rtbix.com","ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2020-07-30","domain_rank":4337019,"first_seen":"2021-07-26T09:42:36Z","last_seen":"2026-01-14T20:48:07.048539Z","alert_count":0,"request_count":2,"received_data":1195,"sent_data":890,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"hetetreff.com","ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2018-06-01","domain_rank":1113123,"first_seen":"2018-08-31T20:32:55Z","last_seen":"2025-12-01T12:39:06.64107Z","alert_count":12,"request_count":12,"received_data":726366,"sent_data":6768,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"PHP:7.2.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"ExoClick","description":"ExoClick is a Barcelona-based online advertising company, which provides online advertising services to both advertisers and publishers.","website":"https://www.exoclick.com","common_platform_enumeration":"","icon":"ExoClick.png","categories":["Advertising"]},{"name":"reCAPTCHA","description":"reCAPTCHA is a free service from Google that helps protect websites from spam and abuse.","website":"https://www.google.com/recaptcha/","common_platform_enumeration":"","icon":"reCAPTCHA.svg","categories":["Security"]}]},{"fqdn":"sync.atsptp.com","ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"domain_registered":"2020-02-13","domain_rank":369566,"first_seen":"2020-06-17T16:56:18Z","last_seen":"2026-01-12T03:28:09.721469Z","alert_count":0,"request_count":3,"received_data":1834,"sent_data":1533,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-01-11T22:20:23.507747Z","alert_count":0,"request_count":2,"received_data":769923,"sent_data":882,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"be812bf746c8e7a3a66c88d236594975","sha1":"73689320385f35ae31e5f51a999ca9c9eed05943","sha256":"3683bc447c46edd71dc2ae41607055e7e100d0c0a3cbcacabce01a018359de23","sha512":"ff02eca5435a22f1b8139addf9756c1e87f32151b912bdc90003ab238020cb927a9d589c40da1e6dc2e8cda3b628e676eb51c9518d76ca5281719ea7157cc819","ssdeep":"","tlshash":"84c08c0ca92f96a0072b28da79d2e318243484aaf084ca4435be05014f607dc0d0ed04","size":148,"data":"","first_seen":"2025-04-16T01:09:11.68596Z","last_seen":"2026-04-03T20:24:15.1636Z","times_seen":717,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"01665c33920c5ee581551224f3591a8c","sha1":"9af5d4823a59026ca0df663736595d146e5d19a7","sha256":"09a3131c9fa426597dbbd20c15ff1ccd01126f8beddd06c30d66019861d282c5","sha512":"fb055814d69e701accf1c8fd1e86cbbf16bbf5ef51c188053ef379e431c0b94aa8ba5d8990435eb026ab774851bac4c28a5e67bf894681661758114520156a31","ssdeep":"","tlshash":"83d0129ae650b22b32b1102d33aef2077206bb93519a2906181ea1417aa7503acd164f","size":198,"data":"","first_seen":"2025-11-21T14:55:13.200608Z","last_seen":"2026-03-19T00:25:42.249842Z","times_seen":506,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"dca9d53787fff314e5bd1a123b28906a","sha1":"1350c858f60bbb03d1b53b05cbad6cea82ff29d1","sha256":"2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f","sha512":"4f123c356eec731b4f3653afdc258b385c8a0040ea14831893fa850c1275efe1fd49c51d4acb5f7541e01f2b9e46bbac0266e5893a6987b568f6aa2e0b0d492a","ssdeep":"","tlshash":"41a002f3187682224e93c660d963fb88d952515dfd4985cc60259e5ae7e29dbc010e90","size":75,"data":"","first_seen":"2023-03-07T01:15:59Z","last_seen":"2026-04-04T15:35:02.115554Z","times_seen":77864,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"cc6af87c34c2c88fbae1421dfd398916","sha1":"e4cb091850689e4152dff98dbe783bf5f6b3e547","sha256":"6b5f27788cde8c54dde18c0dac69fcd5d6fcff455d572780112a24d8b37469b5","sha512":"76baff5e4439f40210e6eb995d9792bcfecf5d609144f501b53a1e58cb038ddd07feb36914ec3a125f94417a087738516976eb6394c04fb6103f9f3af84e397a","ssdeep":"384:HhzJpiHIiFBIGxf5r3tHruTC1wRkQwQiAnaezqU9BB7/r62dfuj:Hhzyr3EmikTQTaefB7zhZuj","tlshash":"c8c2d7d4f1a1f167c1b3b2b4502b055af2be2a06dd4524acf221c9e46f3494e906ff7a","size":26415,"data":"","first_seen":"2025-12-12T23:14:45.968975Z","last_seen":"2026-01-16T15:53:44.304998Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ee61ab1b9ef59a50d529bef69fb5e89","sha1":"7ce0a12098ccb2eee49526e252b077a407a9560d","sha256":"4b9641dd65de7096031f9dff0897dd6f412eb8b7a00689e1367caf384f219e98","sha512":"e5aaf1d21da9c7752a709cdfa7cc1aadeb2493699be8998f8001de66c56aa4cdfb18eeac45f57e2598b015e1cfc9c75227191530d7415246b25fd79acb0ef3ba","ssdeep":"3072:Lgv/rKtGTln5O/j06lnHEL/KQvwUcDqNFZ+AUGWNo3HDoH4fc1Ygd7dpX878cJy3:LeJn5YNGvjHjUG6ozDfc1YgdxpX875y3","tlshash":"b87418cdb3c6742683a3a474503f018ba57b28d2b44cd895f18accd42e74aaa5277f7d","size":359413,"data":"","first_seen":"2026-01-16T15:53:44.290934Z","last_seen":"2026-01-17T02:51:00.582493Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"fd2ade1d73ac3b875614763496e6f29b","sha1":"bda8a0fdb4da75712f0e46ad503c1b9b6a6bc03a","sha256":"d43f77a4a46fca0b44747dc6fd5b92ea77873a595841a3eb35414c365171529b","sha512":"aa399597c7c0598105f9a2ed997ce6434ea0fb39bb206f22ed0861915c2f17e45881f6492b2180488851825ec1961cbdfdefa0bd08e71cd4147be5cf1734541e","ssdeep":"","tlshash":"b2a0025872417838422f361633bbf75f751715a01a07150cc20914463630247f9ddbce","size":64,"data":"","first_seen":"2024-10-11T08:45:33.687432Z","last_seen":"2026-04-03T20:48:22.804086Z","times_seen":902,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"33a1c56d538f9b34b1ccad91d9340381","sha1":"aaa9da6bd113a026850e6b83bcd276b7e4220a4e","sha256":"a34e566b972c1db886974f439763ce6c74dd7c4f3506283d1b9abfe83653468e","sha512":"56fc445b3db7960b10c9306188543d6875cd56a3424214b4e260b6d9d8ca025b519d4904c6ea3b76361d5b12312d84fa1254a93566ea1e86c487bf85a4a69657","ssdeep":"","tlshash":"9a21c1b21706907a0ab209f5f1facb71ec52701cb15c89dca502ea991ebaccfce15595","size":1200,"data":"","first_seen":"2026-01-15T14:27:55.725714Z","last_seen":"2026-01-27T12:08:13.463159Z","times_seen":31,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"4d6101e1ce3570f14d1769b409590bca","sha1":"1f0db63a51db951ccec9eefa6abc423a98e6928e","sha256":"af3b59311fd5733bd68857f47415a8cf389aedecd033ac97ea7f2e4989876c0f","sha512":"b37e9f7584d8c7fc43452230933aa37d30cf8964935d74a44e7c0155f3c69c0145866133946bf33b6a32f71ee506bfe4776f43bb1a04ab2bf809f1f8e97ae4da","ssdeep":"1536:DXJJY/2pQ4JGgKQ/5RyFa4rPfRuNDhjP8ebsFoPDaOSbZ0:8JWp4LENDhDbWAMZ0","tlshash":"3a73be1bfb8334e7efbd9b409be65b68137d9106219a06cc16eb16d2452cee371690cc","size":74196,"data":"","first_seen":"2026-01-16T15:53:44.306418Z","last_seen":"2026-01-16T15:53:44.306418Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"ccb2bbd757b1b95692901fbdcc73e7eb","sha1":"fe8c2419a3fe8b23701bb383018aa927bf147006","sha256":"5e299b4bce6410f11772169e68e0e091b7df5cbcaeeef22d54af358e1ba72c29","sha512":"64b9dcb4f2832769687bb73e4d6054f028bc96fe9d861bc193ece38e8a44136454153fe486077b04e3534b3d0ec90d2a1692ff12dceb4bd8df863900b5370c68","ssdeep":"384:0hzJpiHIiFBIGxf5r3tDruTC1wRkQwQiAnaezqU9BB7/r62dfK7:0hzyr3UmikTQTaefB7zhZK7","tlshash":"be9208d472e1f167c1b3b2b4542b051af2be2a065d4924acf221c9e46f3494e906ff7b","size":19722,"data":"","first_seen":"2025-12-11T08:18:03.942757Z","last_seen":"2026-01-17T07:58:50.231143Z","times_seen":13234,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"fc7fe1d5fef7191c1b116b758c96ae7e","sha1":"c769deaed2e65aa904de6dd0a984b31fc09e5a14","sha256":"ce7fe5181bce079b7a5c8c45f15afe03d37da3a5639b17b6a4107c300e27c586","sha512":"17023c0cf7313145566dd7201d7cfcc45293a7998d163057b4af9d23a31e3b81f9bcf3140d47972be3efc8894f99a66fbf00e3105a6177981e6f0c38a3903831","ssdeep":"192:EDtNkrxRmcx3z4cZGBUezFcx6ACRwLCuTg:2s3zRgl5860u","tlshash":"660230ae39e751664293703ea7afa118713288172844ec007e9c46105fb731da7f5fde","size":8411,"data":"","first_seen":"2026-01-16T15:53:44.307779Z","last_seen":"2026-01-16T15:53:44.307779Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"0518d9543df1ab22429f53744e750cb7","sha1":"b6b08022a37310c40be855717069be0252f6f3f4","sha256":"267c2bb34ea4a7689f9deb73c39a165ad12be77f0ed16bd1aabcea5ebd8e485f","sha512":"2ea878af3b314602c38bcc987c1af605b0960524fa77ee53f8c1ef765587f462af3e99b8594cf65dfc1fa918c7230bf43284dae74bcc21de305b1cd21b80b0f0","ssdeep":"","tlshash":"25a002453c5554e7d137746264071636989a134f1242088061616bd46e3a04dd8cacd7","size":62,"data":"","first_seen":"2025-12-11T08:18:03.946537Z","last_seen":"2026-01-17T07:58:50.241957Z","times_seen":13261,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"c4c99e692c4334e6743e85c2a7a55dd3","sha1":"a4b0a55091f5723db7eba7e25f574b3c64d26d70","sha256":"90b9dd026ed4e6a1fcf18a5003840166ca6586f53a03fd9ef9431a3c749eed68","sha512":"666f6717783b07520bee856864afa6b3940aa65dc81b0713160ebad6010675f8607c63ec68dae9cf33eb6252ab213973dd0a6efe78e20bd4c57e16253fb5e5a2","ssdeep":"","tlshash":"5c7000282c88220080b23020802f00082022000000002c80088028c00c3000a2002c2b","size":22,"data":"","first_seen":"2025-12-11T08:18:04.018405Z","last_seen":"2026-01-17T07:58:50.18195Z","times_seen":13271,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3\u0026cx=c\u0026gtm=4e61e1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0a8f3a24e24b1a2148809e6c6e48fc5a","sha1":"519f5a29155a0911b359e4e422520444ca771247","sha256":"f5c13506a9029f36b173f69ac40079a36d7b2fb8b52b4b33f00d27e85adbc65b","sha512":"67ac0eb6443412d7454a9909932c252034c0599e51b29db8044cfa8c5f2646ee98c4dfd6e98b5ece31836a9826cb44dc41c41c6d92711cb0e6f36a74b2c4ad3b","ssdeep":"6144:cyRnbh1DGvjHjUG2tonsYDfc1YgdxBX83ofpwVK7Gy:lbTDwjFBns3X83Y9","tlshash":"619419ce73c674269396e078503f018ba57b29a2f45cc895f189cce42e74a9a4177f7c","size":409276,"data":"","first_seen":"2026-01-16T11:56:14.291938Z","last_seen":"2026-01-16T15:53:44.297745Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3a7059ff8a74a0f1a0b8265fb0740a86","sha1":"1ed31b1a68886375036b89608b209ab01631b6f4","sha256":"dc5ea5caa8ddf8ff97e6c272fa8f8ea7f6cb39fb9fb5a79525e139f65d098b31","sha512":"10c155c0b69755ab3eae25954fcf120842f8b87dccebcaf5ad5acc498a7cd796e5b075a1949ad61f5dd8cf9c734e5ed8b0c256b65f3351434796e5b1104e5753","ssdeep":"","tlshash":"4571638778c1623a47e51071407f673cf62958964b044464753deaa6eb38fe77923acc","size":3494,"data":"","first_seen":"2025-04-11T13:51:33.914989Z","last_seen":"2026-04-03T20:24:15.165409Z","times_seen":718,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/js/vendor.js","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0689f0929eb5c64d73047a0bfea7d070","sha1":"466f523bdf7318546336a3c8c3d6539b0ae88d82","sha256":"9e476352b0539fcfcbf44cca128d2053c81873825c559640c74229151d9c37d2","sha512":"0abf5c5a77103cedf065f59759496288a136fe8e9810c653cc9d519be84f24d1133128e78e726c7ebf6ad769d9c706d648e5888eddb8dd210bf36906ab352a5e","ssdeep":"1536:L7LiB3wGnUL6oXHUbxmyBWpsbm1Tmu9dnI9ETHCRlNzDnXEYsSBuPTn8GlDKUQTk:HlmKi6TCtErPTnoL02U","tlshash":"f0c329ce72c6706247ab31ba046f550bf23a5959384d8840f169e4e5bc71b8e8277f3e","size":123566,"data":"","first_seen":"2026-01-13T15:59:55.540422Z","last_seen":"2026-01-20T00:17:05.047035Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"01a39bba6df66b9b6c1ce105b37d948c","sha1":"cc4c7d59b3ce8ec9d8ddb107b19b42f2052a7d94","sha256":"d89a3b683ad06f027eaf33c886083c7d6f0fe88ee28e646059c4f521a166cde3","sha512":"4e644ffbbda98fe7ba928b7ba56d5e7bdec3c6320bac4c5518e4a2671ccc0c1192f11f0148949f54be666368f7ffb062296135145dca1f01fa1c3259d4a080e1","ssdeep":"12288:CcrIRP7yj+Ql2v2ZQqbrH4SJoR4yjom71o:jIhyj+RRqbrYSJw4yT71o","tlshash":"9a0529ca721275f94332b4f92037142a936daa25940c0d5db259c8f52ff2c6931beeb7","size":856260,"data":"","first_seen":"2026-01-15T01:58:18.084345Z","last_seen":"2026-03-27T14:07:59.271507Z","times_seen":25478,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/media-registry.js","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8bcf3092d18e8387a8f9b94041da6125","sha1":"db3c93abbaf69de5838eb6d5d5f34e8fc8e50c7b","sha256":"f898695ebf362fd204903025871bbeed0d419ac845a22508ddf71bb6c99559c3","sha512":"a59d8cede4eb74b44e107310441245c434e85d730302df793789ac8a5ce40b0728e0cfa2756085aed392ceb5da855eeb554e58fe1e216560d37c9e0c921330d4","ssdeep":"3072:VR+xx141g+V1zDgXlxikzVuDfqjPxTHzH7HFb7:VR+xx141g+V1zDgXlxikzVuDfqjPx5b7","tlshash":"06c3a107b65cbe2bfb3cfd652da29d0168ec34002447f0a0b2ead85549de5d417caeda","size":127421,"data":"","first_seen":"2026-01-13T15:59:55.523551Z","last_seen":"2026-01-20T00:17:05.0797Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"6fe51bf5bdf9cb4d47a750f9d341ca7a","sha1":"8049673666fecc9b492f92676dfdf905fa8809ef","sha256":"810adf302af0867a0b59481d32b448d138b915c8dc66e5628f9475ec70e27d04","sha512":"6e96744db3c39811d77e6907eeaaa9bbdc6897b23fc85310826c4f3d58703815d1754c4cc0c03b43711d7b492598d7461abd34607ff9c0ca829700cbacf3482b","ssdeep":"","tlshash":"8dd0227e24b233c0e08e30bccf1aea033530a2b3b1918820b9ee0e001f2580b4329a64","size":214,"data":"","first_seen":"2024-06-06T19:28:29Z","last_seen":"2026-04-03T20:24:15.166535Z","times_seen":1001,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b375c74456053411ec5414e21ecf870f","sha1":"00a6b32dd64dbf1470f439ce9fa89c712500eebc","sha256":"a200a9bc6b415237c4571f14eb0eaa8f0f0fcfcd7eeafa8860441a805e4a144f","sha512":"1eac7d01125e86bf9c830911887999c922e321b80d1cfab8b000940dd75b088baa19d8fd2f905c9a68bd5dbbec45882e8c309f8f677f754c2a4a33c342a34ac9","ssdeep":"","tlshash":"dab0121c67b15242a033a07c971bd0e41013501778c1d560bf0c17903f30103d07f95e","size":103,"data":"","first_seen":"2023-03-07T12:09:25Z","last_seen":"2026-04-03T20:24:15.171009Z","times_seen":903,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"909426d7f34fa8bb06daf6761e618100","sha1":"c0500ebe7822c34e1077091a8513855e65988e37","sha256":"8ceb26fa784bec10e13dbfc9fab75aa73259695ae27162542095bdc2399b5931","sha512":"f505d7d64919ef80a7f2678c3faf2a4a7e13cf658495b4e956abf210d8143deb6c844590b01f75bcdd5567c0a4f0ba8f10df3543f14cc9622f773ea1d80a7b11","ssdeep":"","tlshash":"e4113a647b308530c3fb30c7575a9b6c0876b3863c024a90bc0c19556caacf5f95e6f0","size":922,"data":"","first_seen":"2024-11-14T14:17:07.220696Z","last_seen":"2026-04-03T20:24:15.171572Z","times_seen":494,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hw-cdn2.adtng.com/delivery/idsync/idsync.min.js","fqdn":"hw-cdn2.adtng.com","domain":"adtng.com","tld":"com"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"314cda749bceaf674446b0b6e294595a","sha1":"691325db17552447e53fb6a090a736955edaebc5","sha256":"875c9225e41341067eee9916c855e4e636ce8554784aecddcddee14a4467098e","sha512":"4dbef550be549df2aa5640cf8f91611d7e42d4551516863f293ba08c6d10ae37cc5441cc763440949d5cf4f4686e93ad1b67fc827c3b0766ff2bac41178ac640","ssdeep":"768:66VT558z8h4yo3pc9NwlJWDNEqLcgOKq8wOElg+:6qZxo3peNMJWZEqLcBZ","tlshash":"874318c9b2c3b06852a338b9443f200ab23e7e56641d8851e562d5d1bc79e5f9233fbd","size":55335,"data":"","first_seen":"2025-09-03T22:43:19.182619Z","last_seen":"2026-03-28T10:16:01.915212Z","times_seen":949,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samlesamtykke.com/cc.js?wId=28oTX6uLXHkFoLq9L7hglB\u0026domain=hetetreff.com\u0026languageCode=nb\u0026languageTerritory=NO\u0026sessionId=c1af4dd267844d3a8be5a69281ae74f5","fqdn":"samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"86fa9ec341841dde29843bc7b3c5cbe9","sha1":"4305f0088ed1301b8ec116c1617feee2577b3365","sha256":"ed9cb5d7296b35778354efb600955858f57f5a459a0f2abda265d176b3a21b94","sha512":"c31e2dbe8cf26f10b412a7821810b5a939cd2171f2c1d6fddd17b9c33dc2cf5e5bd3d8769f41f0e328a1da53fac71937201d345ab61d8a478bb36e883de32674","ssdeep":"1536:kDA9ANwksb7jGaxkGCNMPWiaDQnNJ/rsdNJOTfn5aLNTiTeVdT0k1WfEV1mBHRMo:0Atksb7jGa1bH510wj","tlshash":"1af32e4a35e7563242df707e5e4f609cb134852714099800bcac97d88fb5f2866fafea","size":159182,"data":"","first_seen":"2026-01-16T15:53:44.289901Z","last_seen":"2026-01-16T15:53:44.289901Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/js/landing005.js","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cb2f95ccf7e7a42c1ed8ca6af66062e3","sha1":"501db90ac94380aa56a659440ae59807fb4b7a56","sha256":"6459dcdc71fc4f0454acd90919e8d9d7e3ca6c51c0fad147735fa3f62527bc8b","sha512":"4d8fb1801b8b88bfeec2516301132c802ca753b51568a13c53d4d3912aa3ff11bfee2736bb749fd81b62523c6c4a03fa3e578b429749a6fce409933dcd861469","ssdeep":"768:VmGJss4y2mPLvVOAizVSofFceBIrzXF+/ZCanGxuhu6e+s5yVSHQp4HhACI5Fea4:Vm2t4y2tA1SCLhigg+b","tlshash":"d563fa8cf2a5f1a2039360f8112f1106b277a9686c0994a4f714c9d13db9d4bb6b7f7e","size":68909,"data":"","first_seen":"2026-01-15T15:39:54.353946Z","last_seen":"2026-01-19T15:55:41.608422Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"01a39bba6df66b9b6c1ce105b37d948c","sha1":"cc4c7d59b3ce8ec9d8ddb107b19b42f2052a7d94","sha256":"d89a3b683ad06f027eaf33c886083c7d6f0fe88ee28e646059c4f521a166cde3","sha512":"4e644ffbbda98fe7ba928b7ba56d5e7bdec3c6320bac4c5518e4a2671ccc0c1192f11f0148949f54be666368f7ffb062296135145dca1f01fa1c3259d4a080e1","ssdeep":"12288:CcrIRP7yj+Ql2v2ZQqbrH4SJoR4yjom71o:jIhyj+RRqbrYSJw4yT71o","tlshash":"9a0529ca721275f94332b4f92037142a936daa25940c0d5db259c8f52ff2c6931beeb7","size":856260,"data":"","first_seen":"2026-01-15T01:58:18.084345Z","last_seen":"2026-03-27T14:07:59.271507Z","times_seen":25478,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2611427ce493b5ca22b8a447174aa250","sha1":"d71376b9cd7f484afd3ecf8e5a95b6372631d6c2","sha256":"b3a9427cc535b8d8ea1fab759fd526120fd0ce297f0d00db771e32209087e1ce","sha512":"610c1b194e6b1ddea9cceabb57b6a201a1b6f724b376e5e0a33ec4521d988589653c78b96dab9b5a874b621d77d42d682d83a670f09daae81bdc1141093f375a","ssdeep":"","tlshash":"024150a477197135a9ff137a432f6345293471aae9002c70ae38e4ca32acd07a992cdc","size":1920,"data":"","first_seen":"2025-10-10T15:27:13.104265Z","last_seen":"2026-04-03T20:48:22.795269Z","times_seen":800,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"eval","is_inline":false,"md5":"61c7d5c740d838d95a72354ecc6767ee","sha1":"8d5eed97b42a880391a184b1ee1775a0112acc0b","sha256":"8661d56413531912b82885d3a21e22c29b7af6fc560b342ae7e0733f58948fc3","sha512":"7fa4713aaa6a6c9975bfc12903d359c31ea0c9eb1373964871eef127362eadf30f4142e33119775036d0b200eb7554b80f9d266e4ed0abd63c51aa4e41044cfa","ssdeep":"","tlshash":"eb7000a82c88220080b2302080ef00082022000000002080088008c00c3000a200282a","size":22,"data":"","first_seen":"2025-12-11T08:18:04.0202Z","last_seen":"2026-01-17T07:58:50.084707Z","times_seen":13247,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"8a81377a647bdea836809865c62d171b","sha1":"dd72dda89aacfe74746d2c73421ea55a23ab313d","sha256":"9c7aa944eeb31b5765d0c1674cdc445dff6dd572a6fe897f6d5137ce181d44a9","sha512":"1fcef0b6d8ed19dbf0bb930941854233c028b6f894cf63955fd49e8e9514c601ed1a328a6c842c8ffbe5eea505e4c10f99e96a933a2f65a4ad484a7bb70946a5","ssdeep":"","tlshash":"89e05e1e56ba0d426667294c8a5fc0027d93635308cdea103f5cab181f9051fbaa929c","size":308,"data":"","first_seen":"2023-03-07T12:09:25Z","last_seen":"2026-04-03T20:24:15.173807Z","times_seen":1466,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"407403468961a963270546f9c670e5b1","sha1":"424d65b3e27e0976197b799f16455fe134142321","sha256":"6c674b585b406a37fc2c37ca2a9ef3257e8d8c0b45261d170b28f950a2462ba2","sha512":"1a268b8169e819a5255dac2b7936fb465971926ce2079afc1c130ca904e2b8a60c8f56dd6e015aff56456d6b2f1af73cb9064d90692a32695009f20497b2fd29","ssdeep":"","tlshash":"13e0aba6a2560d304d73bebe8ad7b324282c725f18d980467bce8d80df1a99bb0149c4","size":427,"data":"","first_seen":"2025-09-10T13:05:02.205071Z","last_seen":"2026-04-03T20:24:15.174429Z","times_seen":517,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"7db842f39fcdf32b368b26303b5fb7a4","sha1":"28252dfd2a6b01cfc723ae869ed621163abb1bd2","sha256":"709d8269f75e74638e8c60ae542b4ddb09031d6fc9284d411b07e45d9e19e6f5","sha512":"47039fad374932b433ec06110616b4e73e5b4b9481db9f411a2e02b4d6be281599113ba918cf4c30c6279e9dcb24a70b0ac77329f11f01499ba2a6c57d941263","ssdeep":"","tlshash":"db412d8fb0261a6d96e36029b6bf3630a17262507504d0327129c4083d78f1b437bbfb","size":2099,"data":"","first_seen":"2025-12-20T01:13:15.996826Z","last_seen":"2026-03-19T00:25:42.263426Z","times_seen":348,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/loadSegment","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.730Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"OPTIONS /consent/loadSegment HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://hetetreff.com/\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/loadSegment","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"POST /consent/loadSegment HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 225\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":225,"data":"{\"identification\":{\"wId\":\"28oTX6uLXHkFoLq9L7hglB\",\"dId\":\"26tpDQf3rxsxHGHd7oprun\",\"sId\":\"3teMKOo1DhokblXBNjSg7P\"},\"locale\":{\"languageCode\":\"nb\",\"languageTerritory\":\"NO\"},\"key\":\"privacyStatement\",\"segmentKey\":\"privacyReminder\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 360\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":360,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"JSON text data","md5":"c8609b141cf0533da2605b1ac1537c6c","sha1":"ed8b101e71286c3e582b8f6ed4162c2077b3fd88","sha256":"99eccbc41e04b151073613276ac5248e10ff2dcd4c9b3049df4c6ebd8b4de5aa","sha512":"10b68994046570ca339099c30f2e40fc96bcf80e9aa3201fd4165c3b9e13ab7a090f6ac289f88721601a7cb7e2b2a1645bf77a8f5b29fef27d738c3bb8209617","ssdeep":"","tlshash":"90e0c0f656aee3b25d4283c3251ef742338553a44a58025884a98c0a10e0664654e6c1","first_seen":"2025-04-11T13:51:33.911951Z","last_seen":"2026-04-03T20:24:15.143996Z","times_seen":486,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/css/theme/pornhub.css","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:16.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/css/theme/pornhub.css HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: text/css;charset=UTF-8\r\nx-powered-by: PHP/7.2.34\r\nx-host: hetetreff.com\r\ncontent-encoding: gzip\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nvary: Accept-Encoding\r\nx-varnish: 14358158\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"PHP:7.2.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":15648,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"9e8e7e0be17f3ddff8ce61f0bc49cd5c","sha1":"cf6cebaa9cc67f986c8f67f97c45dd08479ad73e","sha256":"fb0ce04260f2b23aaa35b9d7c815fb6304aa1d773b44051c8f764ffabf79016e","sha512":"c6ccbd6e4201db7fd2006fc7c28df17d992a32020306e6a001ad59e6335b447eb1c0cb4185683976c2a697ab25e89a24e5ec0063a00a41abbe082556b41505ff","ssdeep":"192:/qIQJ0SVZmnyEDB1DBt58I5jvay2+JYhakJS0ZJhHEuQ5un:KOvDB76aEbx3R","tlshash":"f1628e62e2f1990b312396ac52529958333c42e4d48e5f3df37e34f8a6dd5c478ba8c6","first_seen":"2025-06-18T05:49:55.128666Z","last_seen":"2026-01-18T15:18:49.490142Z","times_seen":12,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":342,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.hetetreff.com/favicon/apple-touch-icon-180x180.png","fqdn":"www.hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /favicon/apple-touch-icon-180x180.png HTTP/1.1\r\nHost: www.hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nserver: Apache/2.4.58 (Ubuntu)\r\nvary: X-Forwarded-Proto\r\nlast-modified: Wed, 14 Jan 2026 12:30:00 GMT\r\netag: \"3d57-6485844538029\"\r\naccept-ranges: bytes\r\ncontent-length: 15703\r\nx-ua-compatible: IE=edge,chrome=1\r\ncontent-type: image/png\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":15703,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced","md5":"65c9dbd279a72122a2909857638dcb19","sha1":"409979f5f3d9164abb51d6fb04b4bb19910d193f","sha256":"fcb3bf42ec7f58515ea10b14839ac8070c9d962d1838f325e1ae496197763bee","sha512":"4b2b11700890894527f5ff18945453afe609ceaeed4c483abf971c745580813a6a0e714da66842e4e68a3214f555a35dcb0ff29d337633b4ecd99a6331318163","ssdeep":"384:bX+LHKFsXiXsVZKkf9e3ijG028MAl/G+eUIQgHL:L+LHnyXcZZfEl0Jlijhr","tlshash":"7f62d1666ac83bc1f2472fd08a6658d1f1bc391f4a6abc5b1dc836417b905e8086735f","first_seen":"2023-10-22T04:57:53Z","last_seen":"2026-01-18T15:18:49.478169Z","times_seen":16,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"www.hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/enterprise/webworker.js?hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ","date":"2026-01-16T15:53:18.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 364933\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 16 Jan 2026 09:04:03 GMT\r\nexpires: Sat, 16 Jan 2027 09:04:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 12 Jan 2026 01:00:14 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 24555\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":856260,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (670)","md5":"01a39bba6df66b9b6c1ce105b37d948c","sha1":"cc4c7d59b3ce8ec9d8ddb107b19b42f2052a7d94","sha256":"d89a3b683ad06f027eaf33c886083c7d6f0fe88ee28e646059c4f521a166cde3","sha512":"4e644ffbbda98fe7ba928b7ba56d5e7bdec3c6320bac4c5518e4a2671ccc0c1192f11f0148949f54be666368f7ffb062296135145dca1f01fa1c3259d4a080e1","ssdeep":"12288:CcrIRP7yj+Ql2v2ZQqbrH4SJoR4yjom71o:jIhyj+RRqbrYSJw4yT71o","tlshash":"9a0529ca721275f94332b4f92037142a936daa25940c0d5db259c8f52ff2c6931beeb7","first_seen":"2026-01-15T01:58:18.084345Z","last_seen":"2026-03-27T14:07:59.271507Z","times_seen":25478,"resource_available":true,"data":null}},"time_used":51,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/images/landing005/default/default/slide03.webp?geo=no","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:27.691Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/images/landing005/default/default/slide03.webp?geo=no HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_QXFHHE16V3=GS2.1.s1768578798$o1$g0$t1768578798$j60$l0$h0; _ga=GA1.1.816410706.1768578798; d_fs=1; d_uid=143150d2-a325-a027-0a53-0d9d4052708d; d_uidb=143150d2-a325-a027-0a53-0d9d4052708d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:27 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: image/webp\r\ncontent-length: 50842\r\nlast-modified: Fri, 16 Jan 2026 08:49:13 GMT\r\netag: \"6969fb89-c69a\"\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nx-varnish: 11582474\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":50842,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"130aa977805b1c91767111cabd12a621","sha1":"a89dc1ed72b00b20fd3d2c94d05db26d9bc2af9c","sha256":"49b20e45adabf8523da1f48a127b450c9b9c929537e2530dbe1b4bcf9145f204","sha512":"4498fecfc5d6db7fe2dc8283ff8e600c07e756302149803c57f22134e1eb3d13bfe6ceec5a51cf57de6153f8beb9fa411c2ee41267d5537c28f1a693e0dcf163","ssdeep":"1536:5u5a2e8NCvmc5alyAAVpbxH6Je6xBQSLfc:I5exolyvVpCeDWc","tlshash":"9133f18b09783866db791ffd0194cb4f8f0b042875b503d92ae82a2ef4153c76f51da9","first_seen":"2025-03-04T11:41:41.914214Z","last_seen":"2026-03-14T15:37:32.964267Z","times_seen":27,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":89,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tsyndicate.com/api/v2/retargeting/set/bff23756-21d2-46e2-8261-55d262650959","fqdn":"tsyndicate.com","domain":"tsyndicate.com","tld":"com"},"ip":{"addr":"167.235.113.12","port":443,"asn":24940,"as":"Hetzner Online GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:16.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tsyndicate.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Mon, 12 Jan 2026 21:10:37 GMT","end":"Sun, 12 Apr 2026 21:10:36 GMT"},"fingerprint":{"sha1":"B6:15:12:29:67:B2:79:BB:B9:27:2A:13:2A:52:49:F1:5E:B1:57:B2","sha256":"1E:44:91:DA:31:86:64:64:2C:35:4F:C0:5C:4D:5C:04:4A:36:8D:81:12:62:10:C9:80:81:64:3A:1B:4E:35:05"}}},"request":{"raw":"GET /api/v2/retargeting/set/bff23756-21d2-46e2-8261-55d262650959 HTTP/1.1\r\nHost: tsyndicate.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Fri, 16 Jan 2026 15:53:16 GMT\r\ncontent-type: image/gif\r\ncontent-length: 43\r\npragma: no-cache\r\nexpires: 0\r\nvary: *\r\nx-api-version: 2\r\nset-cookie: ts_rt_bff23756-21d2-46e2-8261-55d262650959=AAMC; expires=Sat, 16 Jan 2027 15:53:16 GMT; domain=.tsyndicate.com; path=/; HttpOnly; secure; SameSite=None\r\ncache-control: no-cache, no-store, no-transform, must-revalidate, no-transform\r\nx-robots-tag: none, noindex, nofollow\r\nreport-to: { \"url\": \"https://pxl.tsyndicate.com/api/v1/heavy-ad/report\", \"max_age\": 86401 }\r\naccept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64\r\npermissions-policy: ch-ua-model=(self \"https://tsyndicate.com\"), ch-ua-platform-version=(self)\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"ba036c43037cfe89320d1ef7b64cd43f","sha1":"88c72d3e26047eb1e45e5564a76427734f120efe","sha256":"42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb","sha512":"aa80ccd27c05eb729f730b9d830b011650bcf12cbb25d19edf29efcf962c7465bb5685a5ff5d084356c6710c08e829d16b59e7a59a41767eb14744f326b6c124","ssdeep":"","tlshash":"19900403f5400003d175d03107170340134cd110057c0307405d505cdc553510c01010","first_seen":"2023-05-10T09:10:20Z","last_seen":"2026-04-04T15:56:24.100722Z","times_seen":14421,"resource_available":false,"data":null}},"time_used":226,"timings":{"blocked":92,"dns":36,"connect":27,"send":0,"wait":25,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hetetreff.com/favicon/favicon.ico","fqdn":"www.hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /favicon/favicon.ico HTTP/1.1\r\nHost: www.hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nserver: Apache/2.4.58 (Ubuntu)\r\nvary: X-Forwarded-Proto\r\nlast-modified: Wed, 14 Jan 2026 12:30:00 GMT\r\netag: \"232-6485844547a2f\"\r\naccept-ranges: bytes\r\ncontent-length: 562\r\nx-ua-compatible: IE=edge,chrome=1\r\ncontent-type: image/vnd.microsoft.icon\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":562,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"0de4e3f2ad67ba43ab2a686af1986cf7","sha1":"66d9c1216fc216e137718b0d86738b0f0827c625","sha256":"d1ec9030746b9a1255573a1316fc677925e511c2c3f6f81b20c7e9176fe37b06","sha512":"4ac3a0118776f71178820ab2492032d8c0fbc965e6f7f33aa5bc1f8f9139577e7ce561f5610af72d578319839e2b2d0932d88fb6dd66670b18a1b064102d414d","ssdeep":"","tlshash":"3ff026dd137c6e489742c192cd5f5c20f71f55d684551180eb27404c2d1714aad5e662","first_seen":"2023-10-22T04:57:53Z","last_seen":"2026-02-08T04:48:32.676994Z","times_seen":24,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"www.hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/styles__ltr.css","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","date":"2026-01-16T15:53:17.751Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/styles__ltr.css HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 42553\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 16 Jan 2026 09:04:01 GMT\r\nexpires: Sat, 16 Jan 2027 09:04:01 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 12 Jan 2026 01:00:14 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nage: 24556\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":83364,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"0e6fd8b6da2dcf5ca36317d505430750","sha1":"4909b6a1aa64d81acf66992af2f963a2ad82600d","sha256":"08003ec505dd59b8ccc0207938aa40d0ee43099fbaff76d2301cfe614b997e9f","sha512":"10b39a632b56defdca12f351df51b32d94ffc82939997fe087601f1016fc441788c0dc8559e8090c9bff30890587aabd0c59a2e7171ae7b6f63096acc2e43bab","ssdeep":"1536:1fGNbFoZJSUYOOaLnAW8+IcTOImIdthXwW5l1Dx7:1GRFauOxLA/+IcTOiLX1","tlshash":"b5838e7338513b39fc2b9b616186b9edf21cc423e5514bfab5497a20c3db19a8253b07","first_seen":"2026-01-15T01:58:18.135687Z","last_seen":"2026-03-14T22:28:56.485509Z","times_seen":21668,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":22,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/translations/nb-no2.json","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.392Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/translations/nb-no2.json HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nX-Requested-With: XMLHttpRequest\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:11:20 GMT\r\nserver: nginx/1.14.2\r\ncontent-length: 129904\r\nx-guploader-uploadid: AJRbA5W7ku0wusXCxw2DtoILw9ZUEItbwWSskViK9AngIP6khB_3Mh62UQCoGhPO44XUcamhXWvOOyg\r\nx-goog-generation: 1768327897983076\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 129904\r\nx-goog-hash: crc32c=2K6OZQ==, md5=eSmbYxowuFNHqMkI2QVSpw==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nvia: 1.1 google, 1.1 google\r\nage: 2517\r\nlast-modified: Wed, 14 Jan 2026 11:54:35 GMT\r\netag: \"79299b631a30b85347a8c908d90552a7\"\r\ncontent-type: application/json\r\ncache-control: public,max-age=3600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":129904,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (940)","md5":"a9758043c224612d430833b0c7555e85","sha1":"5744ced659a0dfa289867dc9f9bf7e533a82f217","sha256":"7ffb7f41fb1a6641baf8f2f463b286ae01d4150e59aee849b76d3a658d1ec906","sha512":"ebcd36826ef16cfb42e9b338e943f2c493d288955f19d7c80f8df663ec6519df810045fbf4127064d16657485d56fd7417d8c3b42ee02a602e3a5c7994cc95ad","ssdeep":"1536:VvlrsWSiUPlfNqd7R8BP6uDryT04BCpXllYZnLmje1vqiv4sDEv6o9U:xlYXfPtw3MPNDryI4yagepqGd","tlshash":"0cc370b1e4929f2350d01674f8a56503953c856b9f84b0e5b78c876e0fcf96f38ba24e","first_seen":"2026-01-13T15:59:55.502228Z","last_seen":"2026-01-18T16:45:57.168299Z","times_seen":11,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sync_events.atsptp.com/p/e","fqdn":"sync_events.atsptp.com","domain":"atsptp.com","tld":"com"},"ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:19.101Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"atsptp.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 16:49:58 GMT","end":"Wed, 04 Mar 2026 16:49:57 GMT"},"fingerprint":{"sha1":"7A:37:DF:38:C5:79:84:EE:14:E6:AD:B5:9F:22:A6:F7:96:48:74:67","sha256":"01:7A:0B:E1:99:12:7D:A5:4A:8E:E5:29:1B:86:90:62:7A:B6:AC:7F:6A:73:B7:86:84:DF:AF:74:C9:24:C5:20"}}},"request":{"raw":"POST /p/e HTTP/1.1\r\nHost: sync_events.atsptp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nContent-Length: 516\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":516,"data":"eyJkbXBfdWlkIjoiMTQzMTUwZDItYTMyNS1hMDI3LTBhNTMtMGQ5ZDQwNTI3MDhkIiwicHJvZHVjdF9pZCI6MzUwNjIsInByb2R1Y3RfaWRfdHlwZSI6bnVsbCwic291cmNlIjoicGl4ZWwiLCJldmVudF9uYW1lIjoiUHJlc2VsbCBQYWdlIFZpc2l0IiwiZXZlbnRfdmFsdWUiOiIwLjAwMSIsImV2ZW50X3R5cGUiOiJJbnF1aXJ5Iiwib3B0aW9ucyI6eyJpZGVudGlmaWVycyI6eyJkbXB1aWQiOlsiMTQzMTUwZDItYTMyNS1hMDI3LTBhNTMtMGQ5ZDQwNTI3MDhkIl19fSwiZ2xvYmFsIjp7fSwibWV0YWRhdGEiOnsidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQ7IHJ2OjEzNC4wKSBHZWNrby8yMDEwMDEwMSBGaXJlZm94LzEzNC4wIn19"}},"response":{"raw":"HTTP/3 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET, POST\r\naccess-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With\r\naccess-control-allow-origin: https://hetetreff.com\r\nset-cookie: d_uidb=143150d2-a325-a027-0a53-0d9d4052708d\r\ndate: Fri, 16 Jan 2026 15:53:19 GMT\r\ncontent-type: application/json\r\ncontent-length: 8\r\nvia: 1.1 google\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nalt-svc: h3=\":443\"; ma=3600\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":8,"size_decoded":0,"mime_type":"application/json","magic":"ASCII text, with no line terminators","md5":"c5946eb9400717fd6f40e26e36cdb498","sha1":"38428a698ab1222540680e7ab78e1d739e9afd1c","sha256":"318c5ad51e9b36ff5924ae323dd59031245413a3e0f2aa3e03cc42902e9e7acc","sha512":"f2e79b59e286405076bdaffa56310693bf20fa909a5acaed6c11c901e09bbb9bd2eb4fea8b83daa7ecf5d1346997167785222ed645b15ae9435c6a6c2d4f44cf","ssdeep":"","tlshash":"8f500000000300030000000000003000000000c0030000c00cfc000000000300000000","first_seen":"2023-04-06T21:19:48Z","last_seen":"2026-04-03T20:24:15.157475Z","times_seen":1216,"resource_available":true,"data":null}},"time_used":140,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":139,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/images/landing005/default/default/slide02.webp?geo=no","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:22.688Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/images/landing005/default/default/slide02.webp?geo=no HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: _ga_QXFHHE16V3=GS2.1.s1768578798$o1$g0$t1768578798$j60$l0$h0; _ga=GA1.1.816410706.1768578798; d_fs=1; d_uid=143150d2-a325-a027-0a53-0d9d4052708d; d_uidb=143150d2-a325-a027-0a53-0d9d4052708d\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:22 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: image/webp\r\ncontent-length: 81796\r\nlast-modified: Fri, 16 Jan 2026 08:49:13 GMT\r\netag: \"6969fb89-13f84\"\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nx-varnish: 22258085\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":81796,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0395c497184c11b5027587ddda56ca31","sha1":"bf3579f873a53ecb49b9bbc9c0dbfbc8f66cec1a","sha256":"ea1d86fe689e7ffdeb29747b9ec2c6c6f88e18b045a702edc0c9bf8755f2e8db","sha512":"2220642ff46b8c693a326af8975d2b219532b2965d31f207a403aee9f5a8d47705c27c156a48c422b69a4b74bc630eccd8616e1f2f2a474fb81732bd79db08bd","ssdeep":"1536:omBhHaZ7qDmlJX1KJplxKXVGRAslHL3io9t4VMEfaaqqXdio4Q1t:vBhqfl+n0XVGRAIL3iYetPXdNt","tlshash":"e483f1b7e4cccc90e90df4be127496ec4e688ab3d7e83703a4155a2c0451a977b7a64f","first_seen":"2025-03-04T11:41:41.903644Z","last_seen":"2026-03-14T15:37:32.972293Z","times_seen":27,"resource_available":false,"data":null}},"time_used":99,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":87,"receive":11,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/css/landing005.css","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:16.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/css/landing005.css HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: text/css;charset=UTF-8\r\nx-powered-by: PHP/7.2.34\r\nx-host: hetetreff.com\r\ncontent-encoding: gzip\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nvary: Accept-Encoding\r\nx-varnish: 16667454\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP:7.2.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":28638,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"d65bca54a25ffe0a15bab7c6434a1878","sha1":"8d942b6bf6a2aa7cc3eefcc13713eab6a282edf4","sha256":"f24736cb4047186d0880c664017a6bb87a8833ed8b1e193bf9ce3b82106a6b58","sha512":"284d5925c201d8981482a9e0f638980a0eae4f044a39eae553784345545071e09bd95d391ebf5d13293af9b6091339b4d35f7922b55face12b71429158a73e80","ssdeep":"768:zeCZmqjUFKSFGFeFpBoCSJWt9ReFMjzbFHr:DZM0SIEPBoCSovReCjzbFHr","tlshash":"c9d211ae2af11108626b895427de2b34371cc8a3661feceaf1d1249dcfd1b9d16c534b","first_seen":"2026-01-16T15:53:44.28706Z","last_seen":"2026-01-16T15:53:44.28706Z","times_seen":1,"resource_available":false,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":280,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/js/landing005.js","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/js/landing005.js HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 16 Jan 2026 08:49:14 GMT\r\netag: W/\"6969fb8a-10d2d\"\r\ncontent-encoding: gzip\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nvary: Accept-Encoding\r\nx-varnish: 21824130\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":68909,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65473), with no line terminators","md5":"cb2f95ccf7e7a42c1ed8ca6af66062e3","sha1":"501db90ac94380aa56a659440ae59807fb4b7a56","sha256":"6459dcdc71fc4f0454acd90919e8d9d7e3ca6c51c0fad147735fa3f62527bc8b","sha512":"4d8fb1801b8b88bfeec2516301132c802ca753b51568a13c53d4d3912aa3ff11bfee2736bb749fd81b62523c6c4a03fa3e578b429749a6fce409933dcd861469","ssdeep":"768:VmGJss4y2mPLvVOAizVSofFceBIrzXF+/ZCanGxuhu6e+s5yVSHQp4HhACI5Fea4:Vm2t4y2tA1SCLhigg+b","tlshash":"d563fa8cf2a5f1a2039360f8112f1106b277a9686c0994a4f714c9d13db9d4bb6b7f7e","first_seen":"2026-01-15T15:39:54.353946Z","last_seen":"2026-01-19T15:55:41.608422Z","times_seen":3,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/loadSegment","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"OPTIONS /consent/loadSegment HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://hetetreff.com/\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/confirmExplicit","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:19.040Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"OPTIONS /consent/confirmExplicit HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://hetetreff.com/\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:19 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cybermeetme2.com/?utm_campaign=n30CDtGmuM\u0026s2=wln7k6ka2qfjgnkf347h99a2\u0026aid=12125\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s4=","fqdn":"cybermeetme2.com","domain":"cybermeetme2.com","tld":"com"},"ip":{"addr":"188.166.38.225","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-16T15:53:15.112Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cybermeetme2.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Sun, 04 Jan 2026 11:06:58 GMT","end":"Sat, 04 Apr 2026 11:06:57 GMT"},"fingerprint":{"sha1":"69:E8:88:69:27:6F:9E:36:3D:F2:48:FC:90:BB:3C:5C:B9:5C:3B:1E","sha256":"9E:00:3F:FD:A7:F0:A4:B2:DD:B3:46:47:31:DF:36:9E:A2:AD:F4:A5:58:E6:BF:B8:91:A1:E7:7A:E9:25:8A:48"}}},"request":{"raw":"GET /?utm_campaign=n30CDtGmuM\u0026s2=wln7k6ka2qfjgnkf347h99a2\u0026aid=12125\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s4= HTTP/1.1\r\nHost: cybermeetme2.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://tracksrouting.com/?c=58564\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s5=ZEU-c7a98f61-6174-4862-88ea-7bb1ae8f4fcf\u0026s2=wln7k6ka2qfjgnkf347h99a2\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s4=\u0026a=12125\r\nreferrer-policy: no-referrer\r\nserver: nginx/1.15.7\r\nset-cookie: sess-2dbe9c0896cf69471e4cb07941a3a69e=MTc2ODU3ODc5NXxtMXlWcVprT3l6ZG03MEF6LUpJVGJsUDliWGJjNHhMNTFZTEVRS29kOW1vSk9raGE2UWZ6dUprPXyW7uuiTPqZHiU-s09sOSPITo8F8N61t2kGwl0cQheAwA==; Max-Age=31536000; HttpOnly\r\ncontent-length: 0\r\ndate: Fri, 16 Jan 2026 15:53:15 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx:1.15.7","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29715,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":95,"dns":38,"connect":21,"send":0,"wait":28,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixel.rtbix.com/r?hash=dYmamhQsJL3dBvu","fqdn":"pixel.rtbix.com","domain":"rtbix.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rtbix.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 15:52:47 GMT","end":"Tue, 07 Apr 2026 16:51:38 GMT"},"fingerprint":{"sha1":"CB:9B:31:32:46:1C:5B:B7:78:B1:79:32:01:DF:F1:FB:F9:09:21:FB","sha256":"6A:74:5F:A3:4C:84:85:7E:8E:45:AC:7D:33:0A:AB:73:E0:58:C7:9C:47:2A:11:E4:61:8F:99:16:FE:B8:29:4F"}}},"request":{"raw":"GET /r?hash=dYmamhQsJL3dBvu HTTP/1.1\r\nHost: pixel.rtbix.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nserver: cloudflare\r\npriority: u=4,i=?0\r\ncache-control: private, max-age=0, no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=J9LEEWeL1FNpcNcIgEgc0nrTbd1J2QtU1jSfawGZeFOObdhyyA%2FBORv%2Bsx4ckBWPLM36aMj0F7O47wycwWqFbWfb3BDNeIiSrj0e4fo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9beec8ea3df556c5-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":48,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":48,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/load","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"OPTIONS /consent/load HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://hetetreff.com/\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":50,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":49,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"sync.atsptp.com/d/product/35062/jsfp/cc3a645ed66bed135b90b805ff3c8a75","fqdn":"sync.atsptp.com","domain":"atsptp.com","tld":"com"},"ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"atsptp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 16:52:36 GMT","end":"Wed, 04 Mar 2026 16:52:35 GMT"},"fingerprint":{"sha1":"E7:87:CB:AA:82:80:59:4A:55:CD:86:88:32:2D:F1:C0:D7:7F:C6:04","sha256":"46:E2:CC:07:05:D7:C2:B5:1D:F4:91:AC:FC:88:03:CD:34:E9:48:B3:02:C5:31:F8:77:8F:36:F5:88:2D:62:9F"}}},"request":{"raw":"GET /d/product/35062/jsfp/cc3a645ed66bed135b90b805ff3c8a75 HTTP/1.1\r\nHost: sync.atsptp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nset-cookie: d_uidb=143150d2-a325-a027-0a53-0d9d4052708d; Max-Age=31536000; Expires=Sat, 16 Jan 2027 15:53:18 GMT; Path=/; Domain=sync.atsptp.com; SameSite=Lax\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\naccess-control-allow-origin: https://hetetreff.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncontent-length: 36\r\nvia: 1.1 google\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nalt-svc: h3=\":443\"; ma=3600\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":36,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"99e5f241bb61f15778688b123f2f2086","sha1":"f2f1641d868b44d89a0f2712878bba2b8f145b22","sha256":"45b3d956bffeb8d3ce32daf0fd65969bc927256041d8857d40352cffb5a9dffb","sha512":"0aad35e4f691f09961195f8ed570bda49b0525eff86b234d7eba4f1e3a56603988165c3e08a3df6bd480c90926f7e5405f57d32a6cbab34db53ca09447d0c7a6","ssdeep":"","tlshash":"1880044070004703f5014f471005c10c013c450500415144c5154704d053705dc40d14","first_seen":"2026-01-06T15:21:44.207257Z","last_seen":"2026-04-03T20:24:15.138197Z","times_seen":261,"resource_available":false,"data":null}},"time_used":243,"timings":{"blocked":51,"dns":1,"connect":19,"send":0,"wait":140,"receive":0,"ssl":29},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tracksrouting.com/?c=58564\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s5=ZEU-c7a98f61-6174-4862-88ea-7bb1ae8f4fcf\u0026s2=wln7k6ka2qfjgnkf347h99a2\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s4=\u0026a=12125","fqdn":"tracksrouting.com","domain":"tracksrouting.com","tld":"com"},"ip":{"addr":"52.72.87.177","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-16T15:53:15.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.tracksrouting.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 06 Oct 2025 02:02:12 GMT","end":"Sat, 07 Nov 2026 02:02:11 GMT"},"fingerprint":{"sha1":"23:0B:3A:14:1A:D9:C3:79:9F:4F:CA:C2:27:FD:48:F5:7D:11:8B:22","sha256":"1E:76:0B:2C:B1:4E:11:C9:70:28:47:6B:AD:29:A8:14:8D:EB:E4:CA:26:12:60:94:DD:1E:89:97:65:57:8C:99"}}},"request":{"raw":"GET /?c=58564\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s5=ZEU-c7a98f61-6174-4862-88ea-7bb1ae8f4fcf\u0026s2=wln7k6ka2qfjgnkf347h99a2\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s4=\u0026a=12125 HTTP/1.1\r\nHost: tracksrouting.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Length: 219\r\nContent-Type: text/html; charset=utf-8\r\nDate: Fri, 16 Jan 2026 15:53:15 GMT\r\nLocation: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nP3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nSet-Cookie: sid=5KxOjr7yHQTSXH2F3Ah0962dARtvZoLRuJt/Iz9ooQrkctefQD3fwA==; domain=.tracksrouting.com; path=/; HttpOnly\ntrk=8BUgb+2iOupw4eEvSeg92a2dARtvZoLRuJt/Iz9ooQrkctefQD3fwA==; domain=.tracksrouting.com; expires=Sun, 16-Jan-2028 15:53:15 GMT; path=/; HttpOnly\nc15453=5KxOjr7yHQRMpMS2mMWfA8gBvbczDL/y9tbS2/OJTxl3g4rnTMuwvg==; domain=.tracksrouting.com; expires=Sun, 15-Feb-2026 15:53:15 GMT; path=/; HttpOnly\r\nConnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":29715,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1317,"timings":{"blocked":518,"dns":26,"connect":93,"send":0,"wait":279,"receive":2,"ssl":396},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hw-cdn2.adtng.com/delivery/idsync/idsync.min.js","fqdn":"hw-cdn2.adtng.com","domain":"adtng.com","tld":"com"},"ip":{"addr":"151.101.67.52","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:16.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.adtng.com","organization":"AYLO Premium Ltd"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 30 Jun 2025 00:00:00 GMT","end":"Tue, 28 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D0:67:8C:D2:F3:88:16:3D:99:D4:20:FD:1B:49:11:66:D1:6A:9F:43","sha256":"1A:A3:49:5D:8F:EA:EA:8E:F5:2F:82:5F:FF:33:C6:FF:50:0C:CF:FF:CA:65:5C:0A:74:2F:DB:27:1B:12:CF:EA"}}},"request":{"raw":"GET /delivery/idsync/idsync.min.js HTTP/1.1\r\nHost: hw-cdn2.adtng.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty/1.19.9.1\r\ncontent-type: application/javascript\r\nlast-modified: Wed, 03 Sep 2025 18:59:06 GMT\r\netag: \"d827-63dea32e8ecb5\"\r\nexpires: Mon, 05 Jan 2026 04:16:56 GMT\r\ncache-control: max-age=10660606, stale-while-revalidate=86400, stale-if-error=86400\r\nvia: 1.1 varnish, 1.1 varnish\r\nlei-timing: fetch=29451,misspass=106,do_stream=0\r\nlei-origin: shield=AMS,alternate_path=0,port=80,name=shield_cache_ams2100142_AMS,reason=OK,method=GET,host=hw-cdn2.adtng.com\r\nbackend_is_origin: 0\r\naccept-ranges: bytes\r\ndate: Fri, 16 Jan 2026 15:53:16 GMT\r\nage: 1520946\r\nx-served-by: cache-ams2100142-AMS, cache-hel1410020-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 67, 895\r\nx-timer: S1768578797.865822,VS0,VE0\r\naccess-control-allow-origin: *\r\ncontent-length: 55335\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"OpenResty:1.19.9.1","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":55335,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (55328), with no line terminators","md5":"314cda749bceaf674446b0b6e294595a","sha1":"691325db17552447e53fb6a090a736955edaebc5","sha256":"875c9225e41341067eee9916c855e4e636ce8554784aecddcddee14a4467098e","sha512":"4dbef550be549df2aa5640cf8f91611d7e42d4551516863f293ba08c6d10ae37cc5441cc763440949d5cf4f4686e93ad1b67fc827c3b0766ff2bac41178ac640","ssdeep":"768:66VT558z8h4yo3pc9NwlJWDNEqLcgOKq8wOElg+:6qZxo3peNMJWZEqLcBZ","tlshash":"874318c9b2c3b06852a338b9443f200ab23e7e56641d8851e562d5d1bc79e5f9233fbd","first_seen":"2025-09-03T22:43:19.182619Z","last_seen":"2026-03-28T10:16:01.915212Z","times_seen":949,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":60,"dns":14,"connect":28,"send":0,"wait":27,"receive":30,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.twinrdengine.com/beh.engine?b=551\u0026o=1\u0026x=\u0026s=","fqdn":"ad.twinrdengine.com","domain":"twinrdengine.com","tld":"com"},"ip":{"addr":"34.111.67.216","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:16.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ad.twinrdengine.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Dec 2025 15:32:51 GMT","end":"Mon, 23 Mar 2026 16:28:46 GMT"},"fingerprint":{"sha1":"02:0E:19:90:FE:EB:CD:15:18:37:00:35:AD:34:18:E3:6A:DA:D8:A3","sha256":"81:FD:A2:C7:B7:0F:12:79:16:29:FF:78:75:2F:D7:3D:5D:C7:4C:52:D1:27:21:05:6B:C5:69:BD:CA:25:85:2F"}}},"request":{"raw":"GET /beh.engine?b=551\u0026o=1\u0026x=\u0026s= HTTP/1.1\r\nHost: ad.twinrdengine.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Fri, 16 Jan 2026 15:53:16 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":310,"timings":{"blocked":119,"dns":13,"connect":27,"send":0,"wait":56,"receive":0,"ssl":89},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixel.rtbix.com/r?hash=dYmamhQsJL3dBvu","fqdn":"pixel.rtbix.com","domain":"rtbix.com","tld":"com"},"ip":{"addr":"188.114.97.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:16.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"rtbix.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 07 Jan 2026 15:52:47 GMT","end":"Tue, 07 Apr 2026 16:51:38 GMT"},"fingerprint":{"sha1":"CB:9B:31:32:46:1C:5B:B7:78:B1:79:32:01:DF:F1:FB:F9:09:21:FB","sha256":"6A:74:5F:A3:4C:84:85:7E:8E:45:AC:7D:33:0A:AB:73:E0:58:C7:9C:47:2A:11:E4:61:8F:99:16:FE:B8:29:4F"}}},"request":{"raw":"GET /r?hash=dYmamhQsJL3dBvu HTTP/1.1\r\nHost: pixel.rtbix.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:16 GMT\r\ncontent-type: text/plain; charset=utf-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: private, max-age=0, no-cache\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=mi0ai%2BK2OwDDuZB4h47nK4lMTXOcpsZYfyEFuq004uj4xiBg52JncOthyVAPXzjpltxMyHnm6sed%2FvzvskExEKNzJV0MzKeX%2BXPYAEFKHg%3D%3D\"}]}\r\ncontent-encoding: br\r\ncf-ray: 9beec8e82a09b28a-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":39,"dns":34,"connect":1,"send":0,"wait":103,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"trackoptimise.com/?a=12125\u0026c=64411\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s2=wln7k6ka2qfjgnkf347h99a2","fqdn":"trackoptimise.com","domain":"trackoptimise.com","tld":"com"},"ip":{"addr":"34.198.200.159","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-16T15:53:13.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.trackoptimise.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2025","organization":"GlobalSign nv-sa"},"validity":{"start":"Tue, 07 Oct 2025 01:58:11 GMT","end":"Sun, 08 Nov 2026 01:58:10 GMT"},"fingerprint":{"sha1":"CB:EB:76:DF:79:9C:10:52:B3:73:9D:42:53:B0:03:95:A4:CA:0D:69","sha256":"9A:E7:2D:1B:63:52:78:F7:D5:66:15:F6:D2:12:8B:1C:A7:A8:C2:C1:9F:73:99:1D:F7:34:2B:CC:65:F7:82:32"}}},"request":{"raw":"GET /?a=12125\u0026c=64411\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s2=wln7k6ka2qfjgnkf347h99a2 HTTP/1.1\r\nHost: trackoptimise.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Length: 335\r\nContent-Type: text/html; charset=utf-8\r\nDate: Fri, 16 Jan 2026 15:53:14 GMT\r\nLocation: https://pleaseclickmenow.com/?a=12125\u0026c=64411\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s2=wln7k6ka2qfjgnkf347h99a2\u0026ckmguid=100a3a12-118a-4059-90aa-f9919acbfb86\r\nConnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":29715,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1701,"timings":{"blocked":760,"dns":28,"connect":92,"send":0,"wait":173,"receive":0,"ssl":645},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"trackoptimise.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 364933\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 16 Jan 2026 09:04:03 GMT\r\nexpires: Sat, 16 Jan 2027 09:04:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 12 Jan 2026 01:00:14 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 24554\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":856260,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (670)","md5":"01a39bba6df66b9b6c1ce105b37d948c","sha1":"cc4c7d59b3ce8ec9d8ddb107b19b42f2052a7d94","sha256":"d89a3b683ad06f027eaf33c886083c7d6f0fe88ee28e646059c4f521a166cde3","sha512":"4e644ffbbda98fe7ba928b7ba56d5e7bdec3c6320bac4c5518e4a2671ccc0c1192f11f0148949f54be666368f7ffb062296135145dca1f01fa1c3259d4a080e1","ssdeep":"12288:CcrIRP7yj+Ql2v2ZQqbrH4SJoR4yjom71o:jIhyj+RRqbrYSJw4yT71o","tlshash":"9a0529ca721275f94332b4f92037142a936daa25940c0d5db259c8f52ff2c6931beeb7","first_seen":"2026-01-15T01:58:18.084345Z","last_seen":"2026-03-27T14:07:59.271507Z","times_seen":25478,"resource_available":true,"data":null}},"time_used":157,"timings":{"blocked":54,"dns":1,"connect":8,"send":0,"wait":9,"receive":39,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samlesamtykke.com/cc.js?wId=28oTX6uLXHkFoLq9L7hglB\u0026domain=hetetreff.com\u0026languageCode=nb\u0026languageTerritory=NO\u0026sessionId=c1af4dd267844d3a8be5a69281ae74f5","fqdn":"samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"GET /cc.js?wId=28oTX6uLXHkFoLq9L7hglB\u0026domain=hetetreff.com\u0026languageCode=nb\u0026languageTerritory=NO\u0026sessionId=c1af4dd267844d3a8be5a69281ae74f5 HTTP/1.1\r\nHost: samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 20678\r\ncontent-type: application/javascript\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":159182,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text","md5":"86fa9ec341841dde29843bc7b3c5cbe9","sha1":"4305f0088ed1301b8ec116c1617feee2577b3365","sha256":"ed9cb5d7296b35778354efb600955858f57f5a459a0f2abda265d176b3a21b94","sha512":"c31e2dbe8cf26f10b412a7821810b5a939cd2171f2c1d6fddd17b9c33dc2cf5e5bd3d8769f41f0e328a1da53fac71937201d345ab61d8a478bb36e883de32674","ssdeep":"1536:kDA9ANwksb7jGaxkGCNMPWiaDQnNJ/rsdNJOTfn5aLNTiTeVdT0k1WfEV1mBHRMo:0Atksb7jGa1bH510wj","tlshash":"1af32e4a35e7563242df707e5e4f609cb134852714099800bcac97d88fb5f2866fafea","first_seen":"2026-01-16T15:53:44.289901Z","last_seen":"2026-01-16T15:53:44.289901Z","times_seen":1,"resource_available":true,"data":null}},"time_used":360,"timings":{"blocked":132,"dns":42,"connect":27,"send":0,"wait":86,"receive":8,"ssl":61},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-KBRH6NB","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.711Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtm.js?id=GTM-KBRH6NB HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nexpires: Fri, 16 Jan 2026 15:53:17 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Fri, 16 Jan 2026 15:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 118236\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":359413,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (13390)","md5":"9ee61ab1b9ef59a50d529bef69fb5e89","sha1":"7ce0a12098ccb2eee49526e252b077a407a9560d","sha256":"4b9641dd65de7096031f9dff0897dd6f412eb8b7a00689e1367caf384f219e98","sha512":"e5aaf1d21da9c7752a709cdfa7cc1aadeb2493699be8998f8001de66c56aa4cdfb18eeac45f57e2598b015e1cfc9c75227191530d7415246b25fd79acb0ef3ba","ssdeep":"3072:Lgv/rKtGTln5O/j06lnHEL/KQvwUcDqNFZ+AUGWNo3HDoH4fc1Ygd7dpX878cJy3:LeJn5YNGvjHjUG6ozDfc1YgdxpX875y3","tlshash":"b87418cdb3c6742683a3a474503f018ba57b28d2b44cd895f18accd42e74aaa5277f7d","first_seen":"2026-01-16T15:53:44.290934Z","last_seen":"2026-01-17T02:51:00.582493Z","times_seen":2,"resource_available":true,"data":null}},"time_used":236,"timings":{"blocked":71,"dns":3,"connect":20,"send":0,"wait":31,"receive":56,"ssl":51},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/collector","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.718Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"OPTIONS /consent/collector HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://hetetreff.com/\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":215,"timings":{"blocked":82,"dns":38,"connect":12,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/collector","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"POST /consent/collector HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 169\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":169,"data":"{\"identification\":{\"wId\":\"28oTX6uLXHkFoLq9L7hglB\",\"dId\":\"26tpDQf3rxsxHGHd7oprun\",\"sId\":\"3teMKOo1DhokblXBNjSg7P\"},\"locale\":{\"languageCode\":\"nb\",\"languageTerritory\":\"NO\"}}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 4967\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4967,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"JSON text data","md5":"d678111da28a4479397a3e313ae14ea2","sha1":"a376c52e0d29a29ecb7927de158673158ac8b034","sha256":"101e73e1f64c29449cfba7e126f390c1dceaae81e2240befb76fd605868cc8d8","sha512":"505d91e0cff3fc0bc65987003021b17662c0c4567e982e75520842339f8a40ddf8292cf3618f0bbb50fd2987a7b7101fcc7778237be487e5f965637fa48f4f9b","ssdeep":"48:prsrdYcrhYrpp0SCzsPnWreUbnMJWFEbvPQkrXrs5r9r4rkrStrAn:pyd94X09sPQ/bMjb3QGbKJaGS5A","tlshash":"37a1ed7e056881fdabff71a9c6071958676c11f3b2487c05e99cc1b86cfa1d032b162b","first_seen":"2024-08-21T23:41:03Z","last_seen":"2026-01-18T15:18:49.456144Z","times_seen":36,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","date":"2026-01-16T15:53:18.138Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 14 Jan 2026 21:35:41 GMT\r\nexpires: Thu, 14 Jan 2027 21:35:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 152257\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T15:49:29.357561Z","times_seen":714814,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":64,"dns":1,"connect":20,"send":0,"wait":9,"receive":3,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/webworker.js?hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","date":"2026-01-16T15:53:18.143Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"47:99:FB:97:02:C2:03:A6:B6:60:07:03:D3:B7:37:4B:99:D1:7F:1F","sha256":"01:72:D6:C3:FA:E5:7E:F5:EF:15:83:1F:EE:A5:BF:37:4C:78:02:B4:CD:BF:8D:EF:62:9F:53:B1:B3:1A:B6:EB"}}},"request":{"raw":"GET /recaptcha/enterprise/webworker.js?hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq\r\nSec-Fetch-Dest: worker\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\nexpires: Fri, 16 Jan 2026 15:53:18 GMT\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncross-origin-resource-policy: same-site\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":102,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"dc011820123ba7745da88094e558d501","sha1":"ca9ed775a451ed17f426795f4c926fce035a0f4e","sha256":"f1e9611d7795cd326e7d7976787823be8c1a258d2be43c91cdb43d447c5e4ac7","sha512":"58e9da875323ba2577a7263bf4c19cac84fed1386778f6b7793e821dfab0f2857d0cb0ba2691fa7c98c32a5a2399b7d2767e293618e24f5699e2a335571ac74e","ssdeep":"","tlshash":"bfb012a30611cc280c800a93e927dbb8e4066078ead0d0f5b0291ffc55301b74125400","first_seen":"2026-01-15T01:58:18.123308Z","last_seen":"2026-03-14T22:28:56.501982Z","times_seen":21042,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":3,"dns":0,"connect":0,"send":0,"wait":19,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/images/loader/loading.webp","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:16.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/images/loader/loading.webp HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:16 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: image/webp\r\ncontent-length: 1054\r\nlast-modified: Fri, 16 Jan 2026 08:49:14 GMT\r\netag: \"6969fb8a-41e\"\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nx-varnish: 21824119\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1054,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"32e9921a6e2174afbf4451c49adf1d4d","sha1":"f13214fa19e26a9210f0d237d39533c35eaa184d","sha256":"6a3e1b9c1e7f8766d521750f974dc78fe5ae55174d54c2eebbbe510c5887250e","sha512":"3c5d044b87f7a4e91620b3badbae4527a377a9a111906584f64f5d44ddd015932367620d993657512133457ad8e2593d746c7b06f02a9a5cbbdbee4972cbfd99","ssdeep":"","tlshash":"7b11b6fba396e6c0e1f45dfb60995800f71788148867dd961417b8b6f3a3280f50a7b8","first_seen":"2025-01-27T15:47:23.301014Z","last_seen":"2026-04-03T20:24:15.147791Z","times_seen":642,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sync.atsptp.com/link/143150d2-a325-a027-0a53-0d9d4052708d/origin/a/oldd/143150d2-a325-a027-0a53-0d9d4052708d","fqdn":"sync.atsptp.com","domain":"atsptp.com","tld":"com"},"ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:19.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"atsptp.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 16:49:58 GMT","end":"Wed, 04 Mar 2026 16:49:57 GMT"},"fingerprint":{"sha1":"7A:37:DF:38:C5:79:84:EE:14:E6:AD:B5:9F:22:A6:F7:96:48:74:67","sha256":"01:7A:0B:E1:99:12:7D:A5:4A:8E:E5:29:1B:86:90:62:7A:B6:AC:7F:6A:73:B7:86:84:DF:AF:74:C9:24:C5:20"}}},"request":{"raw":"POST /link/143150d2-a325-a027-0a53-0d9d4052708d/origin/a/oldd/143150d2-a325-a027-0a53-0d9d4052708d HTTP/1.1\r\nHost: sync.atsptp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-type: text/plain\r\nContent-Length: 144\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":144,"data":"W3sicHJvZHVjdCI6MzUwNjIsInByb2R1Y3RJZFR5cGUiOm51bGwsInR5cGUiOiJqc2ZwIiwidmFsdWUiOiJjYzNhNjQ1ZWQ2NmJlZDEzNWI5MGI4MDVmZjNjOGE3NSIsIm5ldyI6dHJ1ZX1d"}},"response":{"raw":"HTTP/3 200 OK\r\nset-cookie: d_uidb=143150d2-a325-a027-0a53-0d9d4052708d; Max-Age=31536000; Expires=Sat, 16 Jan 2027 15:53:19 GMT; Path=/; Domain=sync.atsptp.com; SameSite=Lax\r\ndate: Fri, 16 Jan 2026 15:53:19 GMT\r\naccess-control-allow-origin: https://hetetreff.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncontent-length: 36\r\nvia: 1.1 google\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nalt-svc: h3=\":443\"; ma=3600\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":36,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"99e5f241bb61f15778688b123f2f2086","sha1":"f2f1641d868b44d89a0f2712878bba2b8f145b22","sha256":"45b3d956bffeb8d3ce32daf0fd65969bc927256041d8857d40352cffb5a9dffb","sha512":"0aad35e4f691f09961195f8ed570bda49b0525eff86b234d7eba4f1e3a56603988165c3e08a3df6bd480c90926f7e5405f57d32a6cbab34db53ca09447d0c7a6","ssdeep":"","tlshash":"1880044070004703f5014f471005c10c013c450500415144c5154704d053705dc40d14","first_seen":"2026-01-06T15:21:44.207257Z","last_seen":"2026-04-03T20:24:15.138197Z","times_seen":261,"resource_available":false,"data":null}},"time_used":135,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":135,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/load","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.650Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"POST /consent/load HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 190\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":190,"data":"{\"identification\":{\"wId\":\"28oTX6uLXHkFoLq9L7hglB\",\"dId\":\"26tpDQf3rxsxHGHd7oprun\",\"sId\":\"3teMKOo1DhokblXBNjSg7P\"},\"locale\":{\"languageCode\":\"nb\",\"languageTerritory\":\"NO\"},\"key\":\"cookieBanner\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 736\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":736,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"JSON text data","md5":"58e83cd9d459bbdf182f3352d3ba12c9","sha1":"36c34fa9ff68da624bdcf597e903cd5883b7d7ac","sha256":"0c20c370c27736f4ef840f0c53481365f8aa804893b3009c5a5e605af84f82d7","sha512":"44e0fc3178335b3b7850e33ac5ae270e2ad4ac39b077c89d10bc9909babd6d74d951067b4f8c81cc3ca992d602bcfd3e92433d423da8af59cf3bbd99b72d5ceb","ssdeep":"","tlshash":"84019011b2bff53be05c56977021a59a8e087375e59012ed0864fd7644c2f63a80d3c3","first_seen":"2024-06-25T05:45:48Z","last_seen":"2026-04-03T20:24:15.161674Z","times_seen":627,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/js/vendor.js","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.126Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/js/vendor.js HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: application/javascript\r\nlast-modified: Fri, 16 Jan 2026 08:49:14 GMT\r\netag: W/\"6969fb8a-1e2ae\"\r\ncontent-encoding: gzip\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nvary: Accept-Encoding\r\nx-varnish: 7085737\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":123566,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (60065)","md5":"e5c8b7e2bab511c4242c57514c753220","sha1":"be37e5c4232b4d7cafea42573c2da7c8d41d6d12","sha256":"e16fab3d86c35b7224a53dbc1381da63b0f22b98b8effb084c6c1015dd230bd9","sha512":"21b7c08032ab6858c3d4f07620f4bd7dddd6746d752f3645e7a1f738f7a9f21c5016d597701d0a69753c6eb9787b7b38ecbedf12712eab6105316bb7331600d6","ssdeep":"1536:L7LiB3wGnUL6oXHUbxmyBWpsbm1Tmu9dnI9ETHCRlNzDnXEYsSBuPTn8GlDKUQTa:HlmKi6TCtErPTnoL0KU","tlshash":"ecc33ace72c6702247ab31ba046f550af23a5d59384d8840f169e4e5bc71b8e9277f3e","first_seen":"2026-01-16T15:53:44.295054Z","last_seen":"2026-01-16T15:53:44.295054Z","times_seen":1,"resource_available":false,"data":null}},"time_used":108,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":16,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"216.58.207.227","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","date":"2026-01-16T15:53:18.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://www.google.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 14 Jan 2026 21:35:41 GMT\r\nexpires: Thu, 14 Jan 2027 21:35:41 GMT\r\ncache-control: public, max-age=31536000\r\nage: 152257\r\nlast-modified: Thu, 29 May 2025 23:30:55 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-04-04T15:49:29.357561Z","times_seen":714814,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":35,"dns":1,"connect":7,"send":0,"wait":8,"receive":9,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/api2/logo_48.png","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","date":"2026-01-16T15:53:18.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/api2/logo_48.png HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.gstatic.com/recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/styles__ltr.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ncontent-length: 2228\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 10 Jan 2026 18:25:21 GMT\r\nexpires: Sat, 17 Jan 2026 18:25:21 GMT\r\ncache-control: public, max-age=604800\r\nlast-modified: Tue, 03 Mar 2020 20:15:00 GMT\r\ncontent-type: image/png\r\nage: 509277\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":2228,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced","md5":"ef9941290c50cd3866e2ba6b793f010d","sha1":"4736508c795667dcea21f8d864233031223b7832","sha256":"1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a","sha512":"a0c69c70117c5713caf8b12f3b6e8bbb9cdaf72768e5db9db5831a3c37541b87613c6b020dd2f9b8760064a8c7337f175e7234bfe776eee5e3588dc5662419d9","ssdeep":"","tlshash":"c34149bb68287f1be14b501d319001e4b5bb891327c8f24180bf974e4662eaad10f118","first_seen":"2023-04-05T07:17:57Z","last_seen":"2026-04-04T15:47:20.060382Z","times_seen":541595,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":22,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"samlesamtykke.com/cc.css?v=1.0.0","fqdn":"samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"GET /cc.css?v=1.0.0 HTTP/1.1\r\nHost: samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\nlast-modified: Mon, 13 Oct 2025 12:35:57 GMT\r\netag: \"908a-6410982520d0a-gzip\"\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 6443\r\ncontent-type: text/css\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":37002,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, ASCII text","md5":"a42a02e4c42dc1c5d159742686a7c3a4","sha1":"17d3139095fb44e081eef19771b938f0fae6c6d7","sha256":"aa76b8c13bd40cfc80b5381c6b46d8f718f9977215deb39f057141e2f1d1ff27","sha512":"18dca0c2858b56531c7e3e439765ae62f214e3d653ce36e2bab7ee960ad768b5c40ec6220ae9236ee714c1155006e7137c27c218b7d1af9915892bdee0da8502","ssdeep":"768:OFaFB3FxdFy3F1FxFlmUbFaXFOSFsIFaKFOoN+y8Nz5wLM7bbVldi1OqjUBy4ZH2:OYnTd43XDXtybfzjN+y8Nz5wLM7bbVl0","tlshash":"f7f231539e633851253f40ac5f69b206323a5463a78bdd6cf98c641ccfccadc92567ac","first_seen":"2025-10-13T14:39:31.769215Z","last_seen":"2026-04-03T20:48:22.769315Z","times_seen":667,"resource_available":false,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":45,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/collector","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"OPTIONS /consent/collector HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://hetetreff.com/\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST\r\naccess-control-allow-headers: content-type\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":49,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.547Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"47:99:FB:97:02:C2:03:A6:B6:60:07:03:D3:B7:37:4B:99:D1:7F:1F","sha256":"01:72:D6:C3:FA:E5:7E:F5:EF:15:83:1F:EE:A5:BF:37:4C:78:02:B4:CD:BF:8D:EF:62:9F:53:B1:B3:1A:B6:EB"}}},"request":{"raw":"GET /recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/html; charset=utf-8\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-embedder-policy: require-corp\r\nreport-to: {\"group\":\"recaptcha\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha\"}]}, {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: Mon, 01 Jan 1990 00:00:00 GMT\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\ncontent-security-policy: script-src 'nonce-5Txaed3NiWWTUZW5vIGf6w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":92591,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (47163)","md5":"44eb0daa9d858aa8d574e3f31913f392","sha1":"29a42126189bb4f62948f0149925c5a4532a1ec3","sha256":"70465df4419d427d0163715032edd2c6c300a8baad4ed50e0ea9485b8f00cd49","sha512":"c71575eb58f15bce260816f8b21e16026e12a102afdfd1f7195b2eea84b56d55d2e1269fb6cd11b558b6a4fdf8bdf1f5a2b5a07cc2a24ed5838314d9f51bb076","ssdeep":"1536:y+kuj5F1XJJY/2pQ4JGgKQ/5RyFa4rPfRuNDhjP8ebsFoPDaOSbZD:y+kuVUJWp4LENDhDbWAMZD","tlshash":"8893ae165a4330c2dfa78e9127da6f34e73e8201314640a867ff17979d9eda362792cc","first_seen":"2026-01-16T15:53:44.296915Z","last_seen":"2026-01-16T15:53:44.296915Z","times_seen":1,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":33,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.gstatic.com/recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/recaptcha__en.js","fqdn":"www.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://www.google.com/recaptcha/enterprise/anchor?ar=1\u0026k=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s\u0026co=aHR0cHM6Ly9oZXRldHJlZmYuY29tOjQ0Mw..\u0026hl=en\u0026v=PoyoqOPhxBO7pBk68S4YbpHZ\u0026size=invisible\u0026anchor-ms=20000\u0026execute-ms=30000\u0026cb=ppfp6gfniztq","date":"2026-01-16T15:53:17.755Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /recaptcha/releases/PoyoqOPhxBO7pBk68S4YbpHZ/recaptcha__en.js HTTP/1.1\r\nHost: www.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://www.google.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha-scs\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups; report-to=\"recaptcha-scs\"\r\nreport-to: {\"group\":\"recaptcha-scs\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/recaptcha-scs\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 364933\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 16 Jan 2026 09:04:03 GMT\r\nexpires: Sat, 16 Jan 2027 09:04:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 12 Jan 2026 01:00:14 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nage: 24554\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":856260,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (670)","md5":"01a39bba6df66b9b6c1ce105b37d948c","sha1":"cc4c7d59b3ce8ec9d8ddb107b19b42f2052a7d94","sha256":"d89a3b683ad06f027eaf33c886083c7d6f0fe88ee28e646059c4f521a166cde3","sha512":"4e644ffbbda98fe7ba928b7ba56d5e7bdec3c6320bac4c5518e4a2671ccc0c1192f11f0148949f54be666368f7ffb062296135145dca1f01fa1c3259d4a080e1","ssdeep":"12288:CcrIRP7yj+Ql2v2ZQqbrH4SJoR4yjom71o:jIhyj+RRqbrYSJw4yT71o","tlshash":"9a0529ca721275f94332b4f92037142a936daa25940c0d5db259c8f52ff2c6931beeb7","first_seen":"2026-01-15T01:58:18.084345Z","last_seen":"2026-03-27T14:07:59.271507Z","times_seen":25478,"resource_available":true,"data":null}},"time_used":113,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":23,"receive":90,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-QXFHHE16V3\u0026cx=c\u0026gtm=4e61e1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.38.104","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:49:27 GMT","end":"Wed, 25 Feb 2026 15:49:26 GMT"},"fingerprint":{"sha1":"2C:B9:1B:62:2A:F9:04:B9:16:E2:30:B0:A8:B2:85:0C:68:BC:79:25","sha256":"AE:CB:A0:2C:92:1E:CB:D2:CB:6C:0D:37:5E:A2:4E:27:AE:4E:CA:0C:EC:53:D5:50:E6:C1:3D:EB:17:C1:F2:C9"}}},"request":{"raw":"GET /gtag/js?id=G-QXFHHE16V3\u0026cx=c\u0026gtm=4e61e1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\nexpires: Fri, 16 Jan 2026 15:53:18 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 138000\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":409276,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6031)","md5":"0a8f3a24e24b1a2148809e6c6e48fc5a","sha1":"519f5a29155a0911b359e4e422520444ca771247","sha256":"f5c13506a9029f36b173f69ac40079a36d7b2fb8b52b4b33f00d27e85adbc65b","sha512":"67ac0eb6443412d7454a9909932c252034c0599e51b29db8044cfa8c5f2646ee98c4dfd6e98b5ece31836a9826cb44dc41c41c6d92711cb0e6f36a74b2c4ad3b","ssdeep":"6144:cyRnbh1DGvjHjUG2tonsYDfc1YgdxBX83ofpwVK7Gy:lbTDwjFBns3X83Y9","tlshash":"619419ce73c674269396e078503f018ba57b29a2f45cc895f189cce42e74a9a4177f7c","first_seen":"2026-01-16T11:56:14.291938Z","last_seen":"2026-01-16T15:53:44.297745Z","times_seen":2,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":19,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/collector","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"POST /consent/collector HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 169\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":169,"data":"{\"identification\":{\"wId\":\"28oTX6uLXHkFoLq9L7hglB\",\"dId\":\"26tpDQf3rxsxHGHd7oprun\",\"sId\":\"3teMKOo1DhokblXBNjSg7P\"},\"locale\":{\"languageCode\":\"nb\",\"languageTerritory\":\"NO\"}}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 4967\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4967,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"JSON text data","md5":"d678111da28a4479397a3e313ae14ea2","sha1":"a376c52e0d29a29ecb7927de158673158ac8b034","sha256":"101e73e1f64c29449cfba7e126f390c1dceaae81e2240befb76fd605868cc8d8","sha512":"505d91e0cff3fc0bc65987003021b17662c0c4567e982e75520842339f8a40ddf8292cf3618f0bbb50fd2987a7b7101fcc7778237be487e5f965637fa48f4f9b","ssdeep":"48:prsrdYcrhYrpp0SCzsPnWreUbnMJWFEbvPQkrXrs5r9r4rkrStrAn:pyd94X09sPQ/bMjb3QGbKJaGS5A","tlshash":"37a1ed7e056881fdabff71a9c6071958676c11f3b2487c05e99cc1b86cfa1d032b162b","first_seen":"2024-08-21T23:41:03Z","last_seen":"2026-01-18T15:18:49.456144Z","times_seen":36,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pleaseclickmenow.com/?a=12125\u0026c=64411\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s2=wln7k6ka2qfjgnkf347h99a2\u0026ckmguid=100a3a12-118a-4059-90aa-f9919acbfb86","fqdn":"pleaseclickmenow.com","domain":"pleaseclickmenow.com","tld":"com"},"ip":{"addr":"52.72.87.177","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-16T15:53:14.390Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pleaseclickmenow.com","organization":""},"issuer":{"commonName":"GlobalSign GCC R6 AlphaSSL CA 2023","organization":"GlobalSign nv-sa"},"validity":{"start":"Fri, 24 Jan 2025 01:51:45 GMT","end":"Wed, 25 Feb 2026 01:51:44 GMT"},"fingerprint":{"sha1":"AE:C4:6A:DF:21:11:C9:17:63:F8:3A:2E:9D:F2:24:6F:92:D6:85:5C","sha256":"B8:B3:56:51:86:F1:6C:4A:4C:BF:CA:8E:FF:1B:68:3E:5F:C4:D7:BE:27:E4:9E:20:40:51:85:13:CC:92:11:AC"}}},"request":{"raw":"GET /?a=12125\u0026c=64411\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s2=wln7k6ka2qfjgnkf347h99a2\u0026ckmguid=100a3a12-118a-4059-90aa-f9919acbfb86 HTTP/1.1\r\nHost: pleaseclickmenow.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nCache-Control: private\r\nContent-Length: 308\r\nContent-Type: text/html; charset=utf-8\r\nDate: Fri, 16 Jan 2026 15:53:15 GMT\r\nLocation: https://cybermeetme2.com/?utm_campaign=n30CDtGmuM\u0026s2=wln7k6ka2qfjgnkf347h99a2\u0026aid=12125\u0026s1=7cf37455-0862-4116-80af-a63fa919729e\u0026s3=ef81a8ac-c1f2-4584-88aa-a9625dadd9ae\u0026s4=\r\nP3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nSet-Cookie: sid=5KxOjr7yHQSJEo4wE3/otK2dARtvZoLRZxXRk0WRE7tmy1YBQRxrIQ==; domain=.pleaseclickmenow.com; path=/; HttpOnly\ntrk=8BUgb+2iOuqIEk5n/FrOKq2dARtvZoLRZxXRk0WRE7tmy1YBQRxrIQ==; domain=.pleaseclickmenow.com; expires=Sun, 16-Jan-2028 15:53:15 GMT; path=/; HttpOnly\nc23696=5KxOjr7yHQS7ywldExD3xiBbOFBGV342JPp2L1G4yWJ3g4rnTMuwvg==; domain=.pleaseclickmenow.com; expires=Sun, 15-Feb-2026 15:53:14 GMT; path=/; HttpOnly\r\nConnection: close\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":29715,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":1256,"timings":{"blocked":541,"dns":58,"connect":93,"send":0,"wait":175,"receive":0,"ssl":387},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"pleaseclickmenow.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-16T15:53:16.043Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:16 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: text/html;charset=UTF-8\r\nx-powered-by: PHP/7.2.34\r\nx-host: hetetreff.com\r\ncontent-encoding: gzip\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nvary: Accept-Encoding\r\nx-varnish: 7819913\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"ExoClick","description":"ExoClick is a Barcelona-based online advertising company, which provides online advertising services to both advertisers and publishers.","website":"https://www.exoclick.com","common_platform_enumeration":"","icon":"ExoClick.png","categories":["Advertising"]},{"name":"reCAPTCHA","description":"reCAPTCHA is a free service from Google that helps protect websites from spam and abuse.","website":"https://www.google.com/recaptcha/","common_platform_enumeration":"","icon":"reCAPTCHA.svg","categories":["Security"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"PHP:7.2.34","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":29715,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (3163)","md5":"e8e74afbc92463a229d07d4bc6019c39","sha1":"601a0f969a2325b77a7a53abd351d27bc47722f3","sha256":"c8c9821e5cd979cd668b066014f1f398adc7cfeb84655222f06ecb2ad748b181","sha512":"9d30de6e43fc44d850cc2fae3328d6a8ae7295a569230eed2def92de544f84878c07cdc60bc7386194fbeacf2deaa2acaa2469c23092b280adb0662daea677f0","ssdeep":"384:Us3zRgl5860ZNIITeijS9p2X1PnTWpPrFL5D8fK3VpG8nYt:J3zClWeITBjS9p2X1vT2PDeK3V8kYt","tlshash":"1ed2e75a78f54421029394ece23f7308b816f10fee414480b59d47b05fa6ef6b967bae","first_seen":"2026-01-16T15:53:44.298279Z","last_seen":"2026-01-16T15:53:44.298279Z","times_seen":1,"resource_available":false,"data":null}},"time_used":730,"timings":{"blocked":281,"dns":48,"connect":15,"send":0,"wait":168,"receive":0,"ssl":216},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"sync.atsptp.com/d/product/35062/jsfp/cc3a645ed66bed135b90b805ff3c8a75","fqdn":"sync.atsptp.com","domain":"atsptp.com","tld":"com"},"ip":{"addr":"66.254.114.220","port":443,"asn":29789,"as":"REFLECTED","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.951Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"atsptp.com","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Thu, 04 Dec 2025 16:52:36 GMT","end":"Wed, 04 Mar 2026 16:52:35 GMT"},"fingerprint":{"sha1":"E7:87:CB:AA:82:80:59:4A:55:CD:86:88:32:2D:F1:C0:D7:7F:C6:04","sha256":"46:E2:CC:07:05:D7:C2:B5:1D:F4:91:AC:FC:88:03:CD:34:E9:48:B3:02:C5:31:F8:77:8F:36:F5:88:2D:62:9F"}}},"request":{"raw":"GET /d/product/35062/jsfp/cc3a645ed66bed135b90b805ff3c8a75 HTTP/1.1\r\nHost: sync.atsptp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nset-cookie: d_uidb=143150d2-a325-a027-0a53-0d9d4052708d; Max-Age=31536000; Expires=Sat, 16 Jan 2027 15:53:19 GMT; Path=/; Domain=sync.atsptp.com; SameSite=Lax\r\ndate: Fri, 16 Jan 2026 15:53:19 GMT\r\naccess-control-allow-origin: https://hetetreff.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncontent-length: 36\r\nvia: 1.1 google\r\naccept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version\r\nalt-svc: h3=\":443\"; ma=3600\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]}],"data":{"size":36,"size_decoded":0,"mime_type":"text/plain","magic":"ASCII text, with no line terminators","md5":"99e5f241bb61f15778688b123f2f2086","sha1":"f2f1641d868b44d89a0f2712878bba2b8f145b22","sha256":"45b3d956bffeb8d3ce32daf0fd65969bc927256041d8857d40352cffb5a9dffb","sha512":"0aad35e4f691f09961195f8ed570bda49b0525eff86b234d7eba4f1e3a56603988165c3e08a3df6bd480c90926f7e5405f57d32a6cbab34db53ca09447d0c7a6","ssdeep":"","tlshash":"1880044070004703f5014f471005c10c013c450500415144c5154704d053705dc40d14","first_seen":"2026-01-06T15:21:44.207257Z","last_seen":"2026-04-03T20:24:15.138197Z","times_seen":261,"resource_available":false,"data":null}},"time_used":140,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":140,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/images/general/rotate.webp","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:16.788Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/images/general/rotate.webp HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:16 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: image/webp\r\ncontent-length: 5878\r\nlast-modified: Fri, 16 Jan 2026 08:49:13 GMT\r\netag: \"6969fb89-16f6\"\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nx-varnish: 22163853\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish:6.0","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5878,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9582c3b7e1ebb38ab1b07c922b08b640","sha1":"4fe27b10652b9cae783ae82ba5756ece0f774893","sha256":"3cac0de3a00899092c360f3e40dfdd51306af87923201db4df5f1218d373279e","sha512":"a9715a6b243f52a3d9cd57235ab18647bff05720ca9213ff7bf32e1ccfae192642af4b2cbec7cfe18201fcf7e70d9d6bf783bab3ddc50cdef8e6f40f09fafdb3","ssdeep":"96:WKeoum0n2hzX5+gkVpDDVjiIZOjYjKWDZIGN+Ww/8+7Hh+MoazELZzhsx9v2fIv:kouf2Vmf/V+InJDZZNu9HcM7kZzhQR","tlshash":"1cc18d00d504fa2a1c85e91668fea2256411c0a066f890e4afbfe853f535235de890df","first_seen":"2025-04-16T01:09:11.664137Z","last_seen":"2026-04-03T20:24:15.151679Z","times_seen":720,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ad.twinrdengine.com/beh.engine?b=551\u0026o=1\u0026x=\u0026s=","fqdn":"ad.twinrdengine.com","domain":"twinrdengine.com","tld":"com"},"ip":{"addr":"34.111.67.216","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ad.twinrdengine.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Dec 2025 15:32:51 GMT","end":"Mon, 23 Mar 2026 16:28:46 GMT"},"fingerprint":{"sha1":"02:0E:19:90:FE:EB:CD:15:18:37:00:35:AD:34:18:E3:6A:DA:D8:A3","sha256":"81:FD:A2:C7:B7:0F:12:79:16:29:FF:78:75:2F:D7:3D:5D:C7:4C:52:D1:27:21:05:6B:C5:69:BD:CA:25:85:2F"}}},"request":{"raw":"GET /beh.engine?b=551\u0026o=1\u0026x=\u0026s= HTTP/1.1\r\nHost: ad.twinrdengine.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Fri, 16 Jan 2026 15:53:15 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/images/landing005/default/default/slide01.webp?geo=no","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.720Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/images/landing005/default/default/slide01.webp?geo=no HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:17 GMT\r\nserver: nginx/1.14.2\r\ncontent-type: image/webp\r\ncontent-length: 56400\r\nlast-modified: Fri, 16 Jan 2026 08:49:13 GMT\r\netag: \"6969fb89-dc50\"\r\nx-cacheable: YES\r\ncache-control: max-age=300\r\nxkey: lander\r\nx-varnish: 11024715\r\nage: 0\r\nx-cache: MISS\r\naccept-ranges: bytes\r\nvia: 1.1 varnish (Varnish/6.0), 1.1 google, 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":56400,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x1080, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"552544a39219bcc0ed840415c27539bc","sha1":"974447171aa7c0de3c5abf75dc41d03d7029a254","sha256":"76614cd7cb48886251f4a313b5188ac30e64e7203117e6d55ba35a7c9f3a8530","sha512":"f65d1af5dc37bbaaf4faf557aaab9e354e6601b121fff3d0de3c043716959b488e7bd6c84754ed693ec4e79f20ec2e68f32bb607ab2c7bb07ecd7400e0872235","ssdeep":"768:l1zQJp7geiKWcqFnyhz/FX7fuqVAK5pPe29gZLhg/tPwT2yuBdSKwGRO+o4zgi+y:3QcaqFQR7GqV7GrqHyN5oEM1kSTV7","tlshash":"0f43e10b9f4b729db5be19bf03f1723509747f8e49aa6b491e8044ef0308ea915e570b","first_seen":"2025-03-04T11:41:41.906255Z","last_seen":"2026-03-14T15:37:32.959422Z","times_seen":27,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":88,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.google.com/recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s","fqdn":"www.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.58.207.196","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:16.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:57:20 GMT","end":"Wed, 25 Feb 2026 15:57:19 GMT"},"fingerprint":{"sha1":"13:5B:80:5A:23:15:61:AE:98:37:1B:0A:3C:F6:E2:BD:63:8E:3B:D6","sha256":"22:03:24:94:F7:E3:5F:66:1B:39:CE:18:75:20:3D:01:AC:FE:93:AA:1A:73:8C:D5:34:98:AB:2B:E5:19:37:12"}}},"request":{"raw":"GET /recaptcha/enterprise.js?render=6Lc2aYkcAAAAANp1JsXLqbWbhNIDzi_7RBy95c-s HTTP/1.1\r\nHost: www.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/javascript; charset=utf-8\r\nexpires: Fri, 16 Jan 2026 15:53:16 GMT\r\ndate: Fri, 16 Jan 2026 15:53:16 GMT\r\ncache-control: private, max-age=300\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy-report-only: same-origin; report-to=\"coop_38fac9d5b82543fc4729580d18ff2d3d\"\r\nreport-to: {\"group\":\"coop_38fac9d5b82543fc4729580d18ff2d3d\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d\"}]}\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1200,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1200), with no line terminators","md5":"33a1c56d538f9b34b1ccad91d9340381","sha1":"aaa9da6bd113a026850e6b83bcd276b7e4220a4e","sha256":"a34e566b972c1db886974f439763ce6c74dd7c4f3506283d1b9abfe83653468e","sha512":"56fc445b3db7960b10c9306188543d6875cd56a3424214b4e260b6d9d8ca025b519d4904c6ea3b76361d5b12312d84fa1254a93566ea1e86c487bf85a4a69657","ssdeep":"","tlshash":"9a21c1b21706907a0ab209f5f1facb71ec52701cb15c89dca502ea991ebaccfce15595","first_seen":"2026-01-15T14:27:55.725714Z","last_seen":"2026-01-27T12:08:13.463159Z","times_seen":31,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":41,"dns":0,"connect":8,"send":0,"wait":20,"receive":0,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ad.twinrdengine.com/aud/aHlxTtBjlhQNk8MNH6Oy7YuVwvm4T2wg?noscript=1\u0026cb=437137","fqdn":"ad.twinrdengine.com","domain":"twinrdengine.com","tld":"com"},"ip":{"addr":"34.111.67.216","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ad.twinrdengine.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Tue, 23 Dec 2025 15:32:51 GMT","end":"Mon, 23 Mar 2026 16:28:46 GMT"},"fingerprint":{"sha1":"02:0E:19:90:FE:EB:CD:15:18:37:00:35:AD:34:18:E3:6A:DA:D8:A3","sha256":"81:FD:A2:C7:B7:0F:12:79:16:29:FF:78:75:2F:D7:3D:5D:C7:4C:52:D1:27:21:05:6B:C5:69:BD:CA:25:85:2F"}}},"request":{"raw":"GET /aud/aHlxTtBjlhQNk8MNH6Oy7YuVwvm4T2wg?noscript=1\u0026cb=437137 HTTP/1.1\r\nHost: ad.twinrdengine.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: text/javascript\r\ncache-control: no-cache, no-store, must-revalidate\r\nexpires: Thu, 15 Jan 2026 15:53:18 GMT\r\netag: 79d433b9-f2f3-11f0-9461-75e8531e35a8\r\nlast-modified: Fri, 16 Jan 2026 15:53:18 GMT\r\npragma: no-cache\r\nvary: *\r\ncontent-length: 0\r\ncontent-encoding: gzip\r\nvia: 1.1 google\r\ndate: Fri, 16 Jan 2026 15:53:16 GMT\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/loadSegment","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:18.781Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"POST /consent/loadSegment HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 224\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":224,"data":"{\"identification\":{\"wId\":\"28oTX6uLXHkFoLq9L7hglB\",\"dId\":\"26tpDQf3rxsxHGHd7oprun\",\"sId\":\"3teMKOo1DhokblXBNjSg7P\"},\"locale\":{\"languageCode\":\"nb\",\"languageTerritory\":\"NO\"},\"key\":\"termsAndConditions\",\"segmentKey\":\"declaredRead\"}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:18 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 2887\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2887,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"JSON text data","md5":"397ce7f381805a7bf164b74a6872f2bd","sha1":"5bbdc3992b5be39b7477fa25a6f2207e7fabf97c","sha256":"8ff885ca3ae0630cb486be5b7752b789f46fd860ed9c3389dddd0de6ab6797f8","sha512":"2e34003a195d120691fd1783a4b3ec2a3b56737a66323ebb30509364d088019b160759d1d1b37b0ef3ef35b3f47e3cf1b7f8a2ec43181af44013eba1d46b4d08","ssdeep":"","tlshash":"35514381856ef325efad425fd05c557196af832cc66486bb8dc8c0eb20c3dacd5ca247","first_seen":"2025-11-07T13:31:56.546392Z","last_seen":"2026-04-03T20:24:15.147255Z","times_seen":266,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api.samlesamtykke.com/consent/confirmExplicit","fqdn":"api.samlesamtykke.com","domain":"samlesamtykke.com","tld":"com"},"ip":{"addr":"34.54.44.101","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:19.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"samlesamtykke.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Wed, 26 Nov 2025 02:08:43 GMT","end":"Tue, 24 Feb 2026 03:04:38 GMT"},"fingerprint":{"sha1":"C0:02:64:01:BD:BC:67:7F:70:D9:81:AC:FC:55:5B:C2:2B:DD:11:3F","sha256":"C1:62:E2:E6:12:14:9B:8D:CB:8E:72:DD:E7:22:C8:7B:50:1E:00:A2:6C:1C:19:E9:FB:F4:B0:07:8F:3B:E6:06"}}},"request":{"raw":"POST /consent/confirmExplicit HTTP/1.1\r\nHost: api.samlesamtykke.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 540\r\nOrigin: https://hetetreff.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":540,"data":"{\"identification\":{\"wId\":\"28oTX6uLXHkFoLq9L7hglB\",\"dId\":\"26tpDQf3rxsxHGHd7oprun\",\"sId\":\"3teMKOo1DhokblXBNjSg7P\"},\"userScope\":{\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"referrer\":null,\"requestSchema\":\"https\",\"domain\":\"hetetreff.com\",\"requestUri\":\"/landing5\",\"requestHash\":null,\"requestQuery\":\"?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\"},\"locale\":{\"languageCode\":\"nb\",\"languageTerritory\":\"NO\"},\"key\":\"privacyStatement\",\"segmentKey\":\"privacyReminder\",\"version\":null}"}},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:19 GMT\r\nserver: Apache/2.4.18 (Ubuntu)\r\naccess-control-allow-origin: https://hetetreff.com\r\naccess-control-allow-credentials: true\r\ncontent-length: 0\r\ncontent-type: application/vnd.api+json\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.18","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/vnd.api+json","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T15:49:33.06692Z","times_seen":13337345,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.hetetreff.com/img/logo.png","fqdn":"www.hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:16.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /img/logo.png HTTP/1.1\r\nHost: www.hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hetetreff.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:53:16 GMT\r\nserver: Apache/2.4.58 (Ubuntu)\r\nvary: X-Forwarded-Proto\r\nlast-modified: Wed, 14 Jan 2026 12:30:01 GMT\r\netag: \"1335-6485844554553\"\r\naccept-ranges: bytes\r\ncontent-length: 4917\r\nx-ua-compatible: IE=edge,chrome=1\r\ncontent-type: image/png\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.58","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":4917,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 110, 8-bit/color RGBA, non-interlaced","md5":"42d2ebb7c8bddbd36a0a8a715d0d3df1","sha1":"3bdff8f0db8ced2c769e692a9fb580ed8753bb8e","sha256":"88e946189ee5948dd285ffaf351902ac19d31a7a455b8854ed1922dc0d99b7b3","sha512":"45c822f70b5e2164e7fd35a59d613e739334987689954f4c5a363f20cf5ec742f0a25eb589c3ceff17b52d71b69588fb865fb9f918c1198ade7cb3786dde04de","ssdeep":"96:PSeo7FbqknmWVJo/oH8HzNGeJGpnYAAAAy4xPp4Zad8UvaloLQiWNlLPq:PSP7F2knZcTNa4xPp4ZaW7iLQiw0","tlshash":"9ca15c1db141ac118686ff0135eba1435e573fc045c0e805ac9cc89789956b9a51f9d3","first_seen":"2023-07-08T04:36:26Z","last_seen":"2026-01-28T07:39:30.236565Z","times_seen":19,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":33,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"www.hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hetetreff.com/landers/media-registry.js","fqdn":"hetetreff.com","domain":"hetetreff.com","tld":"com"},"ip":{"addr":"35.227.210.22","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e","date":"2026-01-16T15:53:17.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"hetetreff.com","organization":""},"issuer":{"commonName":"WR3","organization":"Google Trust Services"},"validity":{"start":"Thu, 25 Dec 2025 08:38:54 GMT","end":"Wed, 25 Mar 2026 09:32:07 GMT"},"fingerprint":{"sha1":"0F:C6:45:1A:69:E9:24:75:16:80:BD:32:EE:0A:B3:5F:63:6B:7F:C8","sha256":"9C:AA:D1:66:16:9C:A7:45:B6:59:07:83:DF:7C:64:6F:80:CD:3D:4C:25:9C:F8:34:63:27:94:15:7D:F1:F2:71"}}},"request":{"raw":"GET /landers/media-registry.js HTTP/1.1\r\nHost: hetetreff.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://hetetreff.com/landing5?pi=12125\u0026pt1=4023345182\u0026pe=7cf37455-0862-4116-80af-a63fa919729e\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 16 Jan 2026 15:10:21 GMT\r\nserver: nginx/1.14.2\r\nx-guploader-uploadid: AJRbA5V6tBvbpHk6kgRqsMQM9heHE4eS9k0LIsJERJUvQzcriJjPFpreaJ4br7kFkkQZOLSiM1W5_dg\r\nx-goog-generation: 1768554724553145\r\nx-goog-metageneration: 1\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 127421\r\nx-goog-hash: crc32c=piQ6lg==, md5=i88wktGOg4eo+blAQdphJQ==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\nvia: 1.1 google, 1.1 google\r\nage: 2576\r\nlast-modified: Fri, 16 Jan 2026 09:12:04 GMT\r\netag: \"8bcf3092d18e8387a8f9b94041da6125-gzip\"\r\ncontent-type: application/javascript\r\ncache-control: public,max-age=3600\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000, h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 7084\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":127421,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"8bcf3092d18e8387a8f9b94041da6125","sha1":"db3c93abbaf69de5838eb6d5d5f34e8fc8e50c7b","sha256":"f898695ebf362fd204903025871bbeed0d419ac845a22508ddf71bb6c99559c3","sha512":"a59d8cede4eb74b44e107310441245c434e85d730302df793789ac8a5ce40b0728e0cfa2756085aed392ceb5da855eeb554e58fe1e216560d37c9e0c921330d4","ssdeep":"3072:VR+xx141g+V1zDgXlxikzVuDfqjPxTHzH7HFb7:VR+xx141g+V1zDgXlxikzVuDfqjPx5b7","tlshash":"06c3a107b65cbe2bfb3cfd652da29d0168ec34002447f0a0b2ead85549de5d417caeda","first_seen":"2026-01-13T15:59:55.523551Z","last_seen":"2026-01-20T00:17:05.0797Z","times_seen":19,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-16","alert":"Sinkholed","trigger":"hetetreff.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}