{"report_id":"61a90f13-2b5d-4833-90c6-8a44950d98e4","version":6,"status":"done","tags":[],"date":"2026-01-03T17:25:23Z","url":{"schema":"http","addr":"wallstreet30.icu","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"wallstreet30.icu/","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"title":"Flare is the blockchain for data","dom":{"size":64969,"mime_type":"text/html; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (384)","md5":"0e223085e971c73c0765661c9c584aba","sha1":"1ca0e153e3211124507535d94b3763cb56852b94","sha256":"b37481b3717120812643523def72ed1301fbff9a167a2431cdef0260da820278","sha512":"6573d62c4815ee124aba0a37c7caf5d421b6c540a904f83138bd222d3564aaae8dba43043897a43f4f9a83ea59bdec11dfc6c6c346f3e92dcb27d1cd8c88eb74","ssdeep":"384:Mcuh119BePN/YAW95r3WC5pIV6NfJ1LymNuQftGFAbs8IhVIjs2I9mt:/G1ruNUnrGC7NfJD/bs8YVOs2Cmt","tlshash":"4253c67091f2266b537382d232a09a69b545aa03ce1715d9b3ec57db6fcacd2dc3318c","dom_hash":"domhash550d64b8bc1f22b20414e86f34a88744","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"wallstreet30.icu","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":0,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-02-07T17:25:23Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-01-03T17:25:01Z","timestamp":1767461101,"ip_dst":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.25","port":35766,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET INFO Suspicious Domain (*.icu) in TLS SNI","source":"{\"timestamp\":\"2026-01-03T17:25:01.762846+0000\",\"flow_id\":844301733819697,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.25\",\"src_port\":35766,\"dest_ip\":\"162.222.225.119\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2026889,\"rev\":4,\"signature\":\"ET INFO Suspicious Domain (*.icu) in TLS SNI\",\"category\":\"Potentially Bad Traffic\",\"severity\":2,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2019_02_06\"],\"deployment\":[\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_11_21\"]}},\"tls\":{\"sni\":\"wallstreet30.icu\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"15af977ce25de452b96affa2addb1036\",\"string\":\"771,4866,43-51\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3506,\"start\":\"2026-01-03T17:25:01.488753+0000\"}}"}],"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"wallstreet30.icu","ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":52,"request_count":52,"received_data":707685,"sent_data":23479,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-12-28T22:26:34.892336Z","alert_count":0,"request_count":2,"received_data":1422,"sent_data":897,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"bootstrap.smartsuppchat.com","ip":{"addr":"3.125.249.105","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2014-02-02","domain_rank":425291,"first_seen":"2018-01-29T06:10:36Z","last_seen":"2025-12-30T23:21:46.0477Z","alert_count":0,"request_count":1,"received_data":379,"sent_data":525,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.smartsuppchat.com","ip":{"addr":"185.76.9.12","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"domain_registered":"2014-02-02","domain_rank":491650,"first_seen":"2017-01-30T05:24:57Z","last_seen":"2025-12-30T03:48:52.923338Z","alert_count":0,"request_count":1,"received_data":18644,"sent_data":421,"comment":"","tags":null,"fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wallstreet30.icu/","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"10b0755e5bd1bf0626eebbd163897d27","sha1":"508873cd9aec2b247c5b201bd6a00cad63eb5adf","sha256":"6e11981dd43a1304bf25a3cc8e2f89d6240fe35b814fddeee78713bc3fcc86fa","sha512":"7f3c4af60a0994433cc315fade311c55df78f74a68e5764a1836c8a7c884e4aa4a3bd33ddecc251959a203392dcb2b67f1196f6ce42247d934603ccc383376a5","ssdeep":"","tlshash":"3bf0ab2e3c3790804bd310b583bbf228392630b34054d45bb85dc86a5fb0fcaad14a98","size":490,"data":"","first_seen":"2026-01-03T17:25:30.754585Z","last_seen":"2026-01-03T17:25:30.754585Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"258f350cafc8023e5243b97395fd1bd2","sha1":"21b284f674c332f78559b21e5e2e76bd9962a1dc","sha256":"0522bb166aada3a666a47d7f4defa03484bade1d908e72f8fad37193bdd5792e","sha512":"6caebe9a28c0c895ba385c8e990d5c3402e78ba91613a68d697c7918897e8bb015b29e6dd3018e52e5dc135f048d1136ab79f3b255f0ec56fbd661f0bf664d8f","ssdeep":"","tlshash":"75e0c951266461660623ada2165e661094300047792fbc7a79cd8b81ef1f22ca6bbb86","size":298,"data":"","first_seen":"2026-01-03T17:25:30.758942Z","last_seen":"2026-01-03T17:25:30.758942Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"50daa9a9579534f1bb66f06e6782b3d4","sha1":"fd0135ef11f32812a102907923ad2b094407cbaa","sha256":"fb260df2d46d42e38c37f193a38f847b28000dd821f8c0dcbc6d6afbc1565a7b","sha512":"2d2d63593a2b4610652e69cd15dbc7abef480dc0559de74a5da0985be7b666b9f79f4bafc367bfeecbb73d31f9369f3aea03a1eb4032f9409a8868e226060570","ssdeep":"96:cWGTql3J9QoqCj2VsVSlGCqU5kbsdc3uB:c5QJRtGFBmbs0k","tlshash":"0c91045916be213007af83b3e2d729ba6120440b7506d5a236fd469e1ff1b51e4f36ca","size":4227,"data":"","first_seen":"2026-01-03T17:25:30.765417Z","last_seen":"2026-01-03T17:25:30.765417Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.smartsuppchat.com/loader.js?","fqdn":"www.smartsuppchat.com","domain":"smartsuppchat.com","tld":"com"},"ip":{"addr":"185.76.9.12","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"b67300767490ee626178325c8efa3b14","sha1":"4378b772ab209e5280e60af15dd03414f2578f3d","sha256":"e3ccd7d38ffd01f14809ed081950d4a8c964d31fd6abb90a4433fb3574b9c8e0","sha512":"3c8acd1d71e685e71b69de130506fe13326f0908310caf3ac0bdf205cae4824c0dd0ef54eed3a7041cb37bd623308877df76973a28c8e691904e055e46fa706f","ssdeep":"384:fUx/y2k3g7xT7dWbEelfE4YYdWbE0rIcvCSI/a4GUpG:fUx/y2k3gli84YY8JeabB","tlshash":"4482a5ccb791a16543eb61b4843f710ff237692970098821ba65dae13c7898ee037f78","size":18141,"data":"","first_seen":"2025-05-05T10:50:11.676089Z","last_seen":"2026-06-08T07:14:05.856774Z","times_seen":9276,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"wallstreet30.icu/img/bitpay.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/bitpay.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 646\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":646,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"66266e2f622705809b9b99eae8cba7e9","sha1":"b5eb496357b8e8d3a4de88a12bc04dc2247296e5","sha256":"51b29ea0ee4ac91c0b883351713ad19a9532871e9b92f9a5acf9464ec14595dc","sha512":"411e6d0bc06e0179bd9aca6934b43a1d522c73a375fd31212a8856ff5ccaeb7ac8f73dd3e912f9141d23d818e505bd45b15726ac2443c71171a67df42ae537c0","ssdeep":"","tlshash":"fff068f59bed75c2de9d7941b41dcc057fcb31204126ba52944495d6c46e6cecb0103f","first_seen":"2026-01-03T17:25:30.3288Z","last_seen":"2026-02-17T18:52:15.423015Z","times_seen":3,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":669,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/huobi.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/huobi.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 564\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":564,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"5b583540b7a6419dab927ad646335e04","sha1":"996e6dc4c006236d6d48c9bc2e45075eace1b95f","sha256":"8f0a0b93f470b5dfcb8cb852babb47e5e9ebf9cadc3d1122595ef6f515319ee2","sha512":"9ff1b34d2cb17318bc73ed74ce4feebac77ce5b1565f0c1e0062fd3fad4c79a89eda6de30b71c3fe6cc86b0c23c120cc9d7102fc9763da431e7dc6aa8d4f4530","ssdeep":"","tlshash":"83f0e16c8411d2d57c14214d29d5dd252427d811f154d5c639a3485ebaf630aeac2f35","first_seen":"2026-01-03T17:25:30.345394Z","last_seen":"2026-02-17T18:52:15.406103Z","times_seen":3,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":676,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/cool_wallet_s.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.319Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/cool_wallet_s.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 492\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":492,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c10752ef26b451a40cf0da5fa9942f60","sha1":"f7549bab57d16c7e3d609151c12d7e6cc1047f60","sha256":"08f4d29efe6567ee93df9cfc331f086f95900ecf5599fe20aeb4e103d4052b59","sha512":"857aa0caa65496b7a1460d3377d041648025af5a66f42bd25c620feb7401ba8067b2144a0199dc0022af94efb4cb0c543c7e63c4b3971d48b35e20d1b9e01fa5","ssdeep":"","tlshash":"fcf054fa973086f7840303813424093a445106622c80a58583e5d5cde9c9e874707943","first_seen":"2026-01-03T17:25:30.354991Z","last_seen":"2026-02-17T18:52:15.428428Z","times_seen":3,"resource_available":false,"data":null}},"time_used":667,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":667,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/math_wallet.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.312Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/math_wallet.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 808\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":808,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"36f755692936c636ba847dacd13d34ba","sha1":"f893c1ae14b3c482b2edbc10b4bb212b2c0b768b","sha256":"050e9fa10ab18dcab3876e1725fad1679b65366657ba93b7203685d84bb950a7","sha512":"c1a573c69a505b0cf4e330d2fbfabf7aefde18dbafc31194d46db7d2efeb8e9699bd2373721ae71c4aa18feaa492da406bd5a2bc8468455db638d8832a205bc5","ssdeep":"","tlshash":"bf01c59fa208c1945193fee6ba8fa42124821e053bf82ec9503c79413ca12590a9b1cb","first_seen":"2026-01-03T17:25:30.362429Z","last_seen":"2026-02-17T18:52:15.403406Z","times_seen":3,"resource_available":false,"data":null}},"time_used":674,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":674,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/ellipal.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/ellipal.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 1072\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1072,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x62, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bbb1424bd9090337d9e17a1b5b9154ef","sha1":"fb86823899db6d8a3c809ba6e7db8686405f2659","sha256":"8572ee90c655fd07d4d44671b2d0d57807dbaf5da8f29d0bae8f38237ea7028e","sha512":"df92843f00bd9e1fc979ae9dd8378c33f60a28d034e3c70224c06a31acbfaf7e67327ce16ccebc2676bbde1ca4774db45590573bcd3c8087b6d90ced90da6ffd","ssdeep":"","tlshash":"a711e93386fc211fb9e32c6a9d7ac8c5336d50af7a9070e33086d0396c3a42872583c9","first_seen":"2026-01-03T17:25:30.368917Z","last_seen":"2026-02-17T18:52:15.423546Z","times_seen":3,"resource_available":false,"data":null}},"time_used":663,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":663,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/safepal.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.331Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/safepal.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 1164\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1164,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"23264b58b213da9174afb66924235a8d","sha1":"85034bf1c459a0f5309e97cba2ad06dbd6a254c5","sha256":"19e6c7555df78fd101566b8891deb201b76bc6ca9e24c854bcd743a75886072c","sha512":"9259bc70e15f981952791935cc07c41f582026f0f91181710bf06411a5ab7ed0f4ea6bc502a3c2142525d35eaf71880d2ef50755211d9629e00e8402e7353120","ssdeep":"","tlshash":"c321968c572479e9caa038e6389f6692c0422957ef5718b42a4f8f75ccd46566dc370c","first_seen":"2026-01-03T17:25:30.374662Z","last_seen":"2026-02-17T18:52:15.410636Z","times_seen":3,"resource_available":false,"data":null}},"time_used":659,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":659,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/polygon.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/polygon.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 812\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":812,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0b0fc916585c56148e051a0c3fdd67bb","sha1":"c34b47ba842e51cbf40de1642ecb59817cf71730","sha256":"c399a287fd3bed411c94b3e6d80029d145132ec447b603cde67d0fef722313f7","sha512":"ac47ca99728f2d99ea50f1f07d6b62c8fe0b6d5db5194880af8709168774801283eb07183771897eefea32ef1e9b708ab43d5381adf1c3dbe10b0bdddc266093","ssdeep":"","tlshash":"ed01868ce5016e079bc744416cf797140470956b130b5f8badd2d8205075c936b65572","first_seen":"2026-01-03T17:25:30.383912Z","last_seen":"2026-02-17T18:52:15.426124Z","times_seen":3,"resource_available":false,"data":null}},"time_used":679,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":670,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-01-03T17:25:01.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:01 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 17135\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Swiper","description":"Swiper is a JavaScript library that creates modern touch sliders with hardware-accelerated transitions.","website":"https://swiperjs.com","common_platform_enumeration":"","icon":"Swiper.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}],"data":{"size":64980,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (384)","md5":"c39d1647005a1e16f2838d5c2c4b8a52","sha1":"fe3aca3fe30a7dfd419c3291c7b95b730095215c","sha256":"5104ba0ba38e50e22cde0fae1dbb9fcf15781786b24de2d37811dc3ccb48933e","sha512":"020698b5c5d3dbb53f3a28d6e967d06ab50efb83ba9e2ed30db779293f33b147ef200eab097359742e627de08072f4688ff55d59b3243931b9b972241d66dab0","ssdeep":"384:oNkuh11ircP/60AV9523TC5eIV6NfJ1LymNuQftGFAbs8IhVIjs2I9mD:6kG1Ye/an2jCoNfJD/bs8YVOs2CmD","tlshash":"1a53b570a1f1266a53b382d222609a69b445aa03cf1716d9b7ed57cb6fcacd1dc331cc","first_seen":"2026-01-03T17:25:30.393276Z","last_seen":"2026-01-03T17:25:30.393276Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1305,"timings":{"blocked":504,"dns":226,"connect":135,"send":0,"wait":295,"receive":1,"ssl":140},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/_next/static/css/11663eb5ca3c6d95.css","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /_next/static/css/11663eb5ca3c6d95.css HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3944\r\ncontent-type: text/css\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11554,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (11554), with no line terminators","md5":"5fec5f13e551d8dd0440eb15bae99ab0","sha1":"c2210205584c05315bc811897c4b5d1e7130b4a1","sha256":"b9d513a9610d8b1a5ca9898d9faae496f32f81d3aca849a12df47eff322b97bc","sha512":"27d8a516dee84d34dc74c1152335581a74654d4ec7f52fe0f1af08285bbe322d33fda71335313a5c88ebeb41bd26c1e2096b56e3022e3898276ad9e2d6f6f024","ssdeep":"192:3mUJbiKneTJTLdKSme+jeHo0v2GZHcE5Dfufs:2UbeTJndKW+SIg2WTRWfs","tlshash":"5d32dda86310281352134f3247b59bb4ddb4489207d3cd7ea1c1ad84d6bacbd276f6b9","first_seen":"2024-10-26T05:47:07.31475Z","last_seen":"2026-06-06T23:53:08.287952Z","times_seen":36,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/swiper@9.1.0/dist/swiper.min.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.277Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/swiper@9.1.0/dist/swiper.min.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=86400, s-maxage=86400\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"40-Dc7wksuMWD4aT6MPPGZw6SgN7QQ\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 2586\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nx-served-by: cache-fra-etou8220107-FRA, cache-hel1410027-HEL\r\nx-cache: HIT, MISS\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 62\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":68,"dns":36,"connect":26,"send":0,"wait":53,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/swiper@9.1.0/dist/swiper.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.1.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.279Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/swiper@9.1.0/dist/swiper.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=86400, s-maxage=86400\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: text/plain; charset=utf-8\r\netag: W/\"3f-r+SV2h6REmNzuSRKLCkmlU1gT7Y\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 2586\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nx-served-by: cache-fra-etou8220072-FRA, cache-hel1410027-HEL\r\nx-cache: HIT, MISS\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 62\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-08T19:34:27.179619Z","times_seen":16247994,"resource_available":true,"data":null}},"time_used":224,"timings":{"blocked":68,"dns":35,"connect":29,"send":0,"wait":52,"receive":0,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/saitomask.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/saitomask.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 3086\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3086,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c6160cbd995dd58e262519e5cc82140d","sha1":"8c9cce0871cbc9ae01719bc47a594d91467e140e","sha256":"a793745ae85af86257dd9d516fc950536d8778c40b66930bb43d52c5876e72e2","sha512":"b18deb7d6a95077f0b0c8c0decee78e4b9a62f64f51f1a0e1a9cc5833899dd381a262fd48f173d7933ef17b2a10a0a466cd8fa7c482a93bfba2cfb964a1475c3","ssdeep":"","tlshash":"f7517d694130746c3d1284ea99135dabde8b0c2b2c22bb05f6454873f2e7cb0e7c24d6","first_seen":"2026-01-03T17:25:30.415644Z","last_seen":"2026-02-17T18:52:15.417818Z","times_seen":3,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":676,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/encrypted_ink.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/encrypted_ink.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 410\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":410,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"390cbfa07f958273bfa33e465c371351","sha1":"2dbaa61ce05bf7604829bb3220cb7f6967c2bf9b","sha256":"8883db03805fcbff737631b53ee20477a61c93f26ca1e52ffdf4521d4114ca78","sha512":"ddb7f2cf455bcee847ba18180deb2462c9bf86696e9508ab63981ba05be8b7ca5e0af8e84ae9935205318223388599e08b301286da766341f3ebdf2932fbbab0","ssdeep":"","tlshash":"eae081a1640870b053be7004fd1cc1984f003501d1f3d9fcf3bae08a00a8ee03588a32","first_seen":"2026-01-03T17:25:30.424055Z","last_seen":"2026-02-17T18:52:15.415244Z","times_seen":3,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":676,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/tangem.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/tangem.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 238\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":238,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ac7d4502551480e920d61cd87ed955dd","sha1":"80f6ccfd0f8e22b34a50d2fc35c569a786a634ff","sha256":"fc16214f033e80c7eb50541a0473690fb4ffee0b7e5683d50ed53c299ffab23a","sha512":"34d33cdce235642d9bdd0ddd599cdd5a3be59b2055d736f082c950418763d020a344b82372f7ed58c4f9e19f6b52684e9460b73bd507d6b622add50ed4e286d2","ssdeep":"","tlshash":"a7d0a7e7e5d15de4ed6dba7671d122a524532485d10e43dc699c4d75c0499487d0203c","first_seen":"2026-01-03T17:25:30.43495Z","last_seen":"2026-02-17T18:52:15.400451Z","times_seen":3,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":657,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/1inch.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/1inch.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 986\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":986,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"84ce9c012d56eb9452c93c4f971a03c2","sha1":"14f51364a624ee347b747d24a1014abb5a6f6c13","sha256":"5c0b2b3b9bcaed0584a0d4b6269398ffe4d2710c9368efc58105ad7bd5943742","sha512":"aa08fef85a0ff466683ef58ea49892d24e6fb592489c931d50eaec3a1b7e40d1f98d444598c6562803b737b3494782991c879a3f8366c818ef10e1b18c36d894","ssdeep":"","tlshash":"2e116582c1d8aa8cd5675a38035c42c3b2793f788518f5ff951394c4422ee516a1a1e7","first_seen":"2026-01-03T17:25:30.44344Z","last_seen":"2026-02-17T18:52:15.433515Z","times_seen":3,"resource_available":false,"data":null}},"time_used":673,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":673,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/atomic.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/atomic.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 966\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":966,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"990569e2e966bd401940495c6af3bc0c","sha1":"b1a2ec0f99f5844bee418600ac3005c3edc8af3d","sha256":"5e7b2f64f17c6e0f009f88b2b1c9a5a4f145e5dbc85123dad5c68c848bc96801","sha512":"22a9d6c14e6d4bcbc97da6cf9470500352edb8719744ac4f0a8157673006767e4379028348b1effa46158d3b471c67ceed08b19587d4471e61087af375bb4088","ssdeep":"","tlshash":"ee11c4b40c8456f74ab22fe0da7a96e0f151074612eb269278631831bf285f493fda46","first_seen":"2026-01-03T17:25:30.455873Z","last_seen":"2026-02-17T18:52:15.404271Z","times_seen":3,"resource_available":false,"data":null}},"time_used":666,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":666,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/gridplus.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/gridplus.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 830\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":830,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1d71274b87ae89c7f6ce715b534472c7","sha1":"eff40b67e23427cedf6333755c8219f81c0210a7","sha256":"4b2b04bb891198976821c759edd8ab47def06b62871c796f8272e09aee7638df","sha512":"312e8c18cc245ebcd888949592e7e0deac0bb801f8d5a0e8e748bdf3559cb9ff081ef2bac397b73309b406879b983d29e7dd3e4cb1b8a73830f65c674d94e37f","ssdeep":"","tlshash":"2d01d6ae8eb5378cc5ebf80295bc421483b86885db3827c342edb8fc0a10823033c304","first_seen":"2026-01-03T17:25:30.461809Z","last_seen":"2026-02-17T18:52:15.413453Z","times_seen":3,"resource_available":false,"data":null}},"time_used":661,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":660,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/exodus.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/exodus.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 2414\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2414,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c7e4b2afe2b71915a1d09d3d49650ace","sha1":"01a331305b7caabbbcaaa24129aeb6d492395c79","sha256":"a253c0fd531e6a3fa2c8fb00e59d915a4c2afb40c5312713e9ca24b30b66d2cc","sha512":"b766a939ca93cd96a1f0db9de41860f94cbb29aac51bcc932fa8c74df585af73fd7ad8eefe9185c844fb506811b56f3033a34545ba4b913f9b496588dce129c7","ssdeep":"","tlshash":"bd415d8e39131bfeacac53137b6c4b0cb65317ba5b49ceac095661c520c43e69f160eb","first_seen":"2026-01-03T17:25:30.465979Z","last_seen":"2026-02-17T18:52:15.418923Z","times_seen":3,"resource_available":false,"data":null}},"time_used":655,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":655,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/ngrave.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/ngrave.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 448\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":448,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1e7d405c88fa2d810b78d389e438fe17","sha1":"f354f4c8d8835965fb9b58e5ca00deb45d8b85cb","sha256":"cc75d455114c80dbb202fdd086b69fc1c2de2bd57077ef6885d61345a8e496f9","sha512":"53e708f6abcb515e51b59497a74d68b5bc76804b1283126694b7968bd46049f5353d3bb2fc87032ef38b4d691c43b6019bb255cacb4af43d531376927a0294b3","ssdeep":"","tlshash":"d7f054cd81e58391d4ca64f834b6b476d149783441b6e57370063574d35567463c0dd6","first_seen":"2026-01-03T17:25:30.470934Z","last_seen":"2026-02-17T18:52:15.43305Z","times_seen":3,"resource_available":false,"data":null}},"time_used":658,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":658,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/_next/static/media/close.87aa692d.svg","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.546Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /_next/static/media/close.87aa692d.svg HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 624\r\ncontent-type: image/svg+xml\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":624,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6c8d0332012ff6e9e352f736fd659d12","sha1":"db5bc0eaa9231dd8d35c6fa9d330c11cc27016dc","sha256":"7538f529e343b9d6a2cc23066c9077db6f8ef91eff40d9b23430b2660ecd91c3","sha512":"cc70360b908fcde50f960e1bde57dd3e24adc5fad85b2eca9dd06eeebc2527a3919849bef207f5f80d0111dd2c90114bb4a852721a5bf32f0ccc782b56edb61c","ssdeep":"","tlshash":"13f040eca1ef082f20bbbf70ffa3a04681001bf882ed0834b814e8647c0c3886d50a48","first_seen":"2026-01-03T17:25:30.47561Z","last_seen":"2026-01-03T17:25:30.47561Z","times_seen":1,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/_next/static/media/state-connector.438a9248.svg","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.554Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /_next/static/media/state-connector.438a9248.svg HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 11731\r\ncontent-type: image/svg+xml\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":11731,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"71d9fc122007357d73691d212941c3e5","sha1":"ecaa6a3f3c8a8bb0efdd1eb6b4c47bef24c9abc8","sha256":"78e77133168af0dae171cca1b50d2b2d38b20961e45d2831401ae46fdd6dcb78","sha512":"0d80b38ed9fe691fd664011aac1673cf8eee4549591d44783b3039158ac91248acac3b5108fcb3b8299715890005d436a6c66e4fdf892472190cc37a98e0cac0","ssdeep":"192:oCdm55oBrJ2JzEh+rR1KsjD5X9/RBA1T+N2hlop207yDR2Rh0Cz5PiupW:oCdiaRqQhCHjA1iNI62qyDwkupW","tlshash":"b2325592e39517bcae478f6d80f454a23593146fb176e2fccbb79342b40aaf1049487e","first_seen":"2025-01-07T21:31:31.246348Z","last_seen":"2026-05-15T02:00:58.46514Z","times_seen":35,"resource_available":false,"data":null}},"time_used":380,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":379,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"bootstrap.smartsuppchat.com/widget/d20c6dac52c21b1b39b87a69a9711311d1a8591a.json","fqdn":"bootstrap.smartsuppchat.com","domain":"smartsuppchat.com","tld":"com"},"ip":{"addr":"3.125.249.105","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.smartsuppchat.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 02 Dec 2025 00:00:00 GMT","end":"Wed, 30 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"DC:47:26:FC:2D:4B:14:19:23:BC:B7:70:14:DA:60:A6:21:B0:1E:81","sha256":"0D:5E:FD:70:25:9E:DE:DD:47:CF:0C:58:1C:08:A2:A1:05:AC:A6:7E:0C:43:6F:50:E7:49:E0:A1:60:D0:0E:0F"}}},"request":{"raw":"GET /widget/d20c6dac52c21b1b39b87a69a9711311d1a8591a.json HTTP/1.1\r\nHost: bootstrap.smartsuppchat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nOrigin: https://wallstreet30.icu\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 403 Forbidden\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 57\r\nx-version: 144a363f30d9c9165f08f3a591e8e2bf34692360\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: private, max-age=0, must-revalidate\r\nx-hit: redis\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"403","status_text":"Forbidden","fingerprints":null,"data":{"size":57,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"471ad8674b65ae0302f71602143789ca","sha1":"8cbb927ffa584a95af053f00149b47d8295719f3","sha256":"1e3f60d29de08e299aa39aadee4c5c47414c0e6108298deb9ec78d14d62ed238","sha512":"717b067945c9b8d6fed624f98c70d1e534d76801934db5975cc13ebd86b1f1b592fb4e7f377e996893b4a7e78cd111044f49990a427bc5c42f2ebce6fa6bf7a9","ssdeep":"","tlshash":"fe90022f05291cba7f3245053c6851cc025404a1518074d6ccec917d064f540c022112","first_seen":"2023-04-19T00:11:12Z","last_seen":"2026-06-08T12:28:44.022189Z","times_seen":2964,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":111,"dns":20,"connect":21,"send":0,"wait":23,"receive":0,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/metamask.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/metamask.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 716\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":716,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ae1c12f4f423cb2bd4d339566b44ad4b","sha1":"45823ddc10da7ec48fd7c20c6a8e23f64779fc0c","sha256":"ac37697f4fd7490c54f48ff9b5a7d56fcb77e7fbb6d25bdbd4e856f4be47aae6","sha512":"279dfa977a45d93e1e775a19ffbd16db7fc1c02d709bdc066073f46177d8b42bb83cf759791d59cbe71f980bc9335be5f0bf2d22c93d16ef205157c746bf8612","ssdeep":"","tlshash":"5901992551d040395ce3b49773bed5d09d434181cd64c5b7f743eaf72652c20f503284","first_seen":"2026-01-03T17:25:30.496586Z","last_seen":"2026-02-17T18:52:15.398963Z","times_seen":3,"resource_available":false,"data":null}},"time_used":536,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":412,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/xaman.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/xaman.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 936\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":936,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"29456b89e37951ec5899cc6614d7191a","sha1":"cf35fd6833cab9036ea26bad0caa0b541d513d58","sha256":"13637f352f5e0146063824a2a9bffbe4d9db5e1527dbfb9df9505a473d920127","sha512":"362ca77d6a4f663497c365a39af74c4909cd7f0acbbd8b28df441022686514c173a796a01291edcddf9ed636b04f684fd7f9fa8727544bf2a78580bc9cbc0bd5","ssdeep":"","tlshash":"6411c84178f10ece8d06011aa536e1723317d968f317cba0c0ece06286653e93086f66","first_seen":"2026-01-03T17:25:30.517333Z","last_seen":"2026-02-17T18:52:15.402844Z","times_seen":3,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":669,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/saito-pro.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.294Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/saito-pro.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 836\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":836,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d673470cfeda2b3d206fc3cd0dd7334d","sha1":"04e4344b9243ab27759868dd069b77219892fcb5","sha256":"8bbb92bffe180cb310a9cce6442cbd3ac60847355480d3b7b296192d8042c1c4","sha512":"9f59ceeb1deabce5decd349bd70b3e0c5efa9b66e723bc7f7e934170e3cc0914f763731efbf321da7c4e279929003ce190f7f9b2eb2b297bc91b17b00f3b36b4","ssdeep":"","tlshash":"6e015289d034f4f1ed39b4170f4b66ceaad1db05e434c62988569d4822f8669385e03f","first_seen":"2026-01-03T17:25:30.525801Z","last_seen":"2026-02-17T18:52:15.431928Z","times_seen":3,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":667,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/compound.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/compound.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 740\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":740,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c1a7213e6ab59f67d48934933939444c","sha1":"deb12329bca1b2d581225031b4699ce77bf01e50","sha256":"65e83ddd44ea96ab452416624e14a777af72e5a7260644d08eb5f3d2ff96c737","sha512":"2a223dfb624e3d7336927140d0c86bd333e95ba91ce221e1f1972f27dc0cc725d135e7e85140a0e7ea54e3f3dce7c27ad76b3735620db160b8723409ba6c1957","ssdeep":"","tlshash":"0d0199b0513de63ddc867d70d8b4c55f3ee077901296d9cb99d1c4b5c584244d294c6c","first_seen":"2026-01-03T17:25:30.532467Z","last_seen":"2026-02-17T18:52:15.415901Z","times_seen":3,"resource_available":false,"data":null}},"time_used":674,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":674,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/trust_vault.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/trust_vault.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 930\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":930,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"177c00a1c5fb8691b7d806099af6ba20","sha1":"d496581f8bf1cf62cc1d3a7d1d2703b72e7e0511","sha256":"08dc78b32c60448d266bc249c9edfa5e28991919753a8c4316b291e3f61b29dd","sha512":"cd8bb1bf2cd5cca270826df768e4a6f6a98f5f1b64f35b59c5821efba9a6645669743d96fca79da8377aa037adf7b83ddf73db022f39b1781f30cbf1917ebb6d","ssdeep":"","tlshash":"cb11f7aa00d00d007373af0b7acfef180112a2ed4743862e4dae60d093a935b3c4a7b1","first_seen":"2026-01-03T17:25:30.542853Z","last_seen":"2026-02-17T18:52:15.410068Z","times_seen":3,"resource_available":false,"data":null}},"time_used":672,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":672,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/coinbase.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.307Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/coinbase.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 796\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":796,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"09e023118d6b13a38c5b4ad2685b331d","sha1":"b86faca8c52b2ceed3cc608d4b941be1f854bd38","sha256":"8f1f2a3c6b92d02f7156b318821994340178334e1a84e927daa62b76a14eae25","sha512":"1b5be6cf65669fd586172fb50d2d96c8f483859a35c84048c08e31af376d484ed6dc6a7a3f257558113cdd4b35621372352f44dd4d3404c5307a9a02e647a8f1","ssdeep":"","tlshash":"53017a2e657d8f5337944ffdfd01023110711344c45596ff413d4da60d1a9fd44181b5","first_seen":"2026-01-03T17:25:30.547865Z","last_seen":"2026-02-17T18:52:15.42097Z","times_seen":3,"resource_available":false,"data":null}},"time_used":671,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":671,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/token_pocket.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/token_pocket.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 400\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":400,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"886c5b40aaa7102cc4eec3cc24ae0a62","sha1":"467fe613c08bb6109503ba10ff1b7fe88b47b853","sha256":"6bfbd7667cf5e25bf808c9eb592adc01a7e3a2a479ff7270132ec7f1b8b23e20","sha512":"1fffbb73747898ac72faa639f430d2e595a6bdfa6ea4868a52147287ed32ffcb80e339f29197bc84dbb666092303b222201a85a7ddd287905746a6ca9ffbadc9","ssdeep":"","tlshash":"34e0f145e3c72e2ad641f8516cb863620f1b2f81a2843287613a58ee845c914d2e1a37","first_seen":"2026-01-03T17:25:30.555742Z","last_seen":"2026-02-17T18:52:15.419449Z","times_seen":3,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":677,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/coinomi.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/coinomi.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 1070\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1070,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"9bc04c223eb4ac137245dc8e90eab2c2","sha1":"f7a04bc4b6d099ece7446eb884a083452b35c2af","sha256":"f195b123830432241fc3c8e846603abaae8dcaaa86c0bf6745de0541dabab850","sha512":"3a5f9e5ff7c3f374e6dbbd37dcdfb23a2b82946cccf2f23cba29537d54cdbf41884980dc4f51bd1cb0bda9bd059c373031289d1698c01b7fc8eb5e624bc2fdb7","ssdeep":"","tlshash":"9f11b9b7fce4779fd8f5c5b27d08215045530f51698384517b8ba1dc10744345999e63","first_seen":"2026-01-03T17:25:30.563798Z","last_seen":"2026-02-17T18:52:15.428962Z","times_seen":3,"resource_available":false,"data":null}},"time_used":664,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":664,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/argent.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/argent.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 316\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":316,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1eb6c4337289dbed2711db66cb0559ab","sha1":"20248ad3b326b04e7f15811ea720aa83a5ffb08e","sha256":"4a926e567d013f8a03f474fcb79504d13af3a7384c11f0ddf91da41f5006395d","sha512":"389f79010bce7a359ef908bbce2ec45df6bd9132df390076ed4091227492253517d7dc5f1e9fb6104f273ca09ff271320744f439649c58b337c9571517de6168","ssdeep":"","tlshash":"39e07d008320967507a66312f5c4239d6a525e50c61cd215633fa26c31fc3f11614a47","first_seen":"2026-01-03T17:25:30.580654Z","last_seen":"2026-02-17T18:52:15.397783Z","times_seen":3,"resource_available":false,"data":null}},"time_used":683,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":683,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/crypto.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/crypto.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 846\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":846,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"4d3faffc7e2ae2a66ed95a1d4776b8bc","sha1":"02b8b439b8b8755d57111e3841536c1641253bc8","sha256":"53ab2d129086ffbfe931420a7e1489e597baf4d21560a17a29a6ba90fe05a1f6","sha512":"7deac90cc60ce4e96b1c2e4e4719be79754355ed36ca2f1ea2f94514e683141b4ac1cd98e6bbeecd7376b64ff1906e62cd824d4571ceb651ea27d0ec8a23f120","ssdeep":"","tlshash":"c1018a11e854d7302cc2645b7b5ce78102a4d5128729fb04f09bcf95e5bc042d75d6cc","first_seen":"2026-01-03T17:25:30.585401Z","last_seen":"2026-02-17T18:52:15.412921Z","times_seen":3,"resource_available":false,"data":null}},"time_used":672,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":672,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/_next/static/media/logo.ba4b058a.svg","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.549Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /_next/static/media/logo.ba4b058a.svg HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 2210\r\ncontent-type: image/svg+xml\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":2210,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d158f6530a256de55ff113448c3cdc01","sha1":"004ab4cb47b186b18885d07771c008db2a0c720f","sha256":"d75739a748c0ca4fbb39903a012863cb7cfd019dfff391fe4dde2dc3fde242bb","sha512":"965092eff1b0d7a6274b87095668baf30494571f26562e53e6a39f9fa763be492fa996e44a62802ec277e003df1a373b185b9f851e8a538c9f4d755591573154","ssdeep":"","tlshash":"f941df2543fcd7e9b88a1648dd9835d37f940087c3a5b1d8bb6e1a31ef858f25063535","first_seen":"2026-01-03T17:25:30.590544Z","last_seen":"2026-02-17T18:52:15.413991Z","times_seen":3,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":384,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/_next/static/media/search.48901353.svg","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.551Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /_next/static/media/search.48901353.svg HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 594\r\ncontent-type: image/svg+xml\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":594,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f56d16aef3e1bb5f9b63c485eb4b4df7","sha1":"5dc8daee2e85c8ea38ed9796f4a9edb18c9ac4c4","sha256":"006352110d70060749ea9cf4564644cdfec6c51a2a45e2b63264eece7b17380b","sha512":"8feb86ca8ff81263a9e47617aa8bfb9e5d2c4a2167fa0aea0313d0e67921a92a4a52c17003d00bc2b3fb4497a652705bbf9d71d05f37b4d31ee3df255ea9c255","ssdeep":"","tlshash":"36f0288020a9cd2556708004e7e928b596bea186834f36e4f5442437ea314ad31ef3ed","first_seen":"2026-01-03T17:25:30.597226Z","last_seen":"2026-02-17T18:52:15.404945Z","times_seen":3,"resource_available":false,"data":null}},"time_used":382,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":381,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/_next/static/media/ftso.5081f10a.svg","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.553Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /_next/static/media/ftso.5081f10a.svg HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\ncontent-length: 26790\r\ncontent-type: image/svg+xml\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":26790,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"958ac6c96c63c7ded52851604ac69d21","sha1":"17602950df43f19db9607ad8b6d6c9d68b915ae6","sha256":"91f09b65d7efd95198581c4dace9ba4f834e17971bee56521ce836c8a795c9b0","sha512":"b81041c3bf39578e534b6178bda6b8bf67a9b8489ad13238655a306a39cbd620e6b4bc6caf8798361dd3f7c12823ad2d5fd35a7377ccb8125448dd59db95fdef","ssdeep":"384:kCH8eYT2g6BlKnf7BA59BU4VJDI4PjxgZi2wiizkoHglhD2KAAQB0HkNbJTqCIlE:dXu2Gn9Av5e2Fg1AzNHIhzHET5oxNE","tlshash":"f8c2400293696778ba830a59c93464a73ec518def179f1eccb779b42b44abf044b4d38","first_seen":"2025-01-07T21:31:31.2702Z","last_seen":"2026-05-15T02:00:58.50857Z","times_seen":35,"resource_available":false,"data":null}},"time_used":380,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":379,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/wallet-connect.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/wallet-connect.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 560\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":560,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"44b956e33be6f8701c3702bea1f9adab","sha1":"3ccee26210eb3589b75a01876afa4558cb30ba7a","sha256":"ce67f89fb2aa71bbe6d94fbfc1f6610a165f98d02709390d7058befae2ac0776","sha512":"2d424019cdc1602f8dcdfcfbf6cc2f7930fb975ede36063cbd6793989659f2cbc4b2c38f586aacb689d35bd837555ac9a446565c55705ab38779825cd8fbca91","ssdeep":"","tlshash":"57f0e1d33f158263ddd4ef60fa487a191f334681e249f39891ca5511af64553c324175","first_seen":"2026-01-03T17:25:30.612911Z","last_seen":"2026-02-17T18:52:15.396864Z","times_seen":3,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":413,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/mykey.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/mykey.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 772\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":772,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"fb3d267e6ac8e28791b9be85d3d33f79","sha1":"5257d612613c7a06b43c83d7a3e7defc895e62ce","sha256":"15bb0f4a440952ff9b507178082f637dd0f3206b8c520c2eb05d031d4468711f","sha512":"7a87b8dd76677e5924c86e6c89191f7a2cb4c16ef689918fea8c27d8fd1dd48f5aa47fb234cb3c315c5ea8c875452fec7502c7946074f7ae2455721a0548822d","ssdeep":"","tlshash":"aa01bac0a302b57579c7676be02683a9738692a5fd79b584fb2df23407745e15488009","first_seen":"2026-01-03T17:25:30.618317Z","last_seen":"2026-02-17T18:52:15.41838Z","times_seen":3,"resource_available":false,"data":null}},"time_used":665,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":664,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/iotex.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/iotex.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 554\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":554,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c4527056340eb4cb127ffa440510fd0e","sha1":"bcd0ad8a33ce23d0a8ef6f7f1ab91763895d8b05","sha256":"f0cea52225669dbb1d6824bcf5dfebe9f8151424162c721e75b2ba79da33f012","sha512":"2cb7934438532d57fa2a92d254723c1670cdc34a9cde4b370bff0def63b2c16749a23c7de040e606a2afdf17e6afbc25604bb5bfc6bf4eccc2a25e0aa508098a","ssdeep":"","tlshash":"32f096031968cdc13cc4a4607526e3ccfa3d5d2647b5080d780d94917d6d75946cfbab","first_seen":"2026-01-03T17:25:30.623368Z","last_seen":"2026-02-17T18:52:15.407967Z","times_seen":3,"resource_available":false,"data":null}},"time_used":680,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":680,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/coin98.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.305Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/coin98.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 870\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":870,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x63, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"c874b68f2da5a650d9571ddaf13aa933","sha1":"220a9ec3ae7c2cf6e99f0f90113ca02bc4ccba86","sha256":"bb2683cb821cda7f9edb200e30c132c9b45c4ffe238984f31774949b8d47fa00","sha512":"5bccddde97fc71f24db47526605d484cd5497f00a41bdb1c2194bd8c77de08e4e241756886fc9d202c85acc2712f5ad5d9e0f7629342e8fb16b4b19c1ed0fc42","ssdeep":"","tlshash":"b911ebd2ecb24401e8137bb0f860631011fd1377c253d4eb5de2552184fe123741814e","first_seen":"2026-01-03T17:25:30.631976Z","last_seen":"2026-02-17T18:52:15.409216Z","times_seen":3,"resource_available":false,"data":null}},"time_used":672,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":672,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/_next/static/media/08b071738cb3e06a-s.p.otf","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.259Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /_next/static/media/08b071738cb3e06a-s.p.otf HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wallstreet30.icu/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: font/otf\r\ncontent-length: 171060\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":171060,"size_decoded":0,"mime_type":"font/otf","magic":"OpenType font data","md5":"17f3fb3642df7c1b4d2b7071e4db9091","sha1":"9d8ecdad5a6861d69150ecd721af0b0bb48a7a48","sha256":"315f98708a19e23b1a74d171956c571e8bd70ee756f816f1b6fadf7e2061e073","sha512":"1d6bda4e6463f90b675a0bf82b7d107e4ca680036355a2f832eaba605c663a87cc472a3e0357922b4779947ba51b4a28288b23fb99fa2ff027637c0f8602f48c","ssdeep":"3072:hyNOQ2/JQmBtSu/pNw+ZdgpfQHg96Eev8F1W9FxH7I4Gh:VggY+nw+Z6ag9ev8FQFih","tlshash":"97f36c1ab3505f09c4224e38bc96d390732a7f65da9acb0bfc3791281ed30da1d6775a","first_seen":"2025-11-07T21:33:11.275142Z","last_seen":"2026-01-03T17:25:30.637601Z","times_seen":2,"resource_available":false,"data":null}},"time_used":563,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":154,"receive":409,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/_next/static/media/39172a35e5cb35e9-s.p.otf","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /_next/static/media/39172a35e5cb35e9-s.p.otf HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wallstreet30.icu/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: font/otf\r\ncontent-length: 171880\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":171880,"size_decoded":0,"mime_type":"font/otf","magic":"OpenType font data","md5":"7618380d927c2637e432ea017b6988e2","sha1":"066e353c7e5befb57985895abc5acdf671c53e26","sha256":"1e8abe091b9e7c2744d19a289bb73e118c9436caea84ee7944a3682a302522d0","sha512":"850855218b0ce97424afec0f6ebabe01a163b948025c0bae81823d34e9257aaab1163b1900434c50b0362a554978cdb87373f5cbeca50f38ca84e3b7adb65bf0","ssdeep":"3072:6FJJv1tJffE9eoOqT4Bf9PFMPfhAoX/eTvyM/LsREJQJF+St:4T1bnSeoOqsB1FMZX/eTK4soQdt","tlshash":"1af36c4ab2249b04d4229f347da2d314a7327d58dd968b47fa3795302cc35ae6f6338e","first_seen":"2026-01-03T17:25:30.644613Z","last_seen":"2026-01-03T17:25:30.644613Z","times_seen":1,"resource_available":false,"data":null}},"time_used":690,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":423,"receive":267,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/trust-wallet.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/trust-wallet.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 550\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":550,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0e46aee03d420ac2c540cc284d1b5d87","sha1":"423f95a587c0709c07933fff708a7119330d097f","sha256":"16e86a00c0080d8766b6ddbc6de76b6df2021b9a7abde3f378b5b8120fa0c512","sha512":"c42364e1bbad559032c48139372ec4424036fdefa24f27ba11c2619f5b00ffbf36ec011b8bd3ffdd3bfec34e9457d173bed22b6a7f96ddff49b6eff7f463d35e","ssdeep":"","tlshash":"a6f0261da914ff9d6ca5945d6201414511f767f944a5a3b1a54c5403447715063b4d1c","first_seen":"2026-01-03T17:25:30.651837Z","last_seen":"2026-02-17T18:52:15.402202Z","times_seen":3,"resource_available":false,"data":null}},"time_used":536,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":412,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/rainbow.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/rainbow.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 810\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":810,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"6b044f672e354b15753f003fda206ccc","sha1":"6673925983c6ced23afac6acce29956b21be5e4d","sha256":"51a21bca990de0808aeeda0c52a072cb544b514ddf18884036c60b5772e1e419","sha512":"a12fff5951f9e41c5b86cc004a8d5864d267bccb28008a7a540c3809253d43819320fa0fa1a303183d32175d7a4fd794bdd62d8818a1d9cb4c2319b12b7632fd","ssdeep":"","tlshash":"6701d61a226cf008adf8ac28f62b308880009d0a0c34c249e26499eb8d6e31a03408da","first_seen":"2026-01-03T17:25:30.657308Z","last_seen":"2026-02-17T18:52:15.416846Z","times_seen":3,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":669,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/nash.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/nash.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 554\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":554,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b5b7f25dd2156cfd0c7f63e135622074","sha1":"b2762bea8005539571e98f5c60f91fbceb9d479b","sha256":"37e5949f0bd9f3c096eebfb0b7273d2268bdba6dd50eb54e3fe337159a585373","sha512":"0bb61d9a819a37e2fae9e28a41296041af4a51a0e82b6ace226bf7289bf18381be9d3ebd0f30c202b9061a61c0edd368a851e6b73fcc86b5ce969e30d1b06d23","ssdeep":"","tlshash":"5af0eb86726662c41af9f14eb88bd2a6414a72b44eaa038c526a00127cf7608d1ab83c","first_seen":"2026-01-03T17:25:30.661763Z","last_seen":"2026-02-17T18:52:15.408544Z","times_seen":3,"resource_available":false,"data":null}},"time_used":664,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":664,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/d-cent.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/d-cent.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 604\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":604,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"ee0c02b490dd3fc652704a497bb1ef88","sha1":"6784eebd198ef8b21d7a9772ef28d13b64a9df31","sha256":"13b4dd599b28041384662ea0e52dae7b0cab5397dd341824ce79a0bbbb1cf68a","sha512":"3c221518b6b0d92774400ab89bd7fe06c0325bc7b8cef2eb18378210089422cb11b4f0ca2689ffe752fa0e8034ad1c680580b9170c4542a45ded8f604986769f","ssdeep":"","tlshash":"e8f0479fb841a7f44520750566b12d043691e17ad72f0cd6c8cba75588b37a071fc5f5","first_seen":"2026-01-03T17:25:30.66808Z","last_seen":"2026-02-17T18:52:15.432511Z","times_seen":3,"resource_available":false,"data":null}},"time_used":661,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":661,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/favicon.ico","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:03.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:03 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/x-icon\r\ncontent-length: 4286\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=604800\r\nexpires: Sat, 10 Jan 2026 17:25:03 GMT\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4286,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel","md5":"1f3cb00228715184997715981ce9ea1b","sha1":"c78eddd98c3ea7f72cf1bc9e558e11ffcf102d06","sha256":"15b2e1ee7f916790696efb8ac869266ebf13d3460bc52d5ca31d5aa125bb201a","sha512":"8ce1d63cb179f10f0adf169dd145ee0b7445dbc6a8ffc84cfbe2259cf002f9ecb97686584bf369fe1dd586b1f4669f08d8d8b874d6123aa4784a9aefe488dbfc","ssdeep":"96:dBBBBBBBBBTSLduRxBBBBBBBBBBBBBBb5MCCCCCCCCCCCCC:dBBBBBBBBBTBBBBBBBBBBBBBBBFMCCCf","tlshash":"9191c4810181aa4af493cdb6b149c984e67e7ddce563709827143f4e89fd0e398fe80b","first_seen":"2026-01-03T17:25:30.672632Z","last_seen":"2026-01-03T17:25:30.672632Z","times_seen":1,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/dharma.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.314Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/dharma.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 562\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":562,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"17c0c1f7fc4a38b57f6304e418835b0b","sha1":"ccbc0de4f4fd9c4692054820642a64bb57eca148","sha256":"c5ba9295d227e2442bd50403f16009fb0fa8ee995505f64e8556e4c4859f8ab3","sha512":"99dc0a720b005ab95531dac286ff41e9a56790cfef9a842441cde03877d6f756a8fc92ba5f607775d148138d510f6f81c3fcdc68a96e8df3982e602c1304d286","ssdeep":"","tlshash":"7bf0260674639acec98cd4fdddc2ee18fd50e4c985a097894513e04a4a7038f37b4796","first_seen":"2026-01-03T17:25:30.68632Z","last_seen":"2026-02-17T18:52:15.426694Z","times_seen":3,"resource_available":false,"data":null}},"time_used":674,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":674,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/_next/static/css/2b110198168c3765.css","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /_next/static/css/2b110198168c3765.css HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 8893\r\ncontent-type: text/css\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":30145,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (27075)","md5":"663545aab86672ad61fa9e33c74c8e70","sha1":"bebcc2e8d87896619c66cd4e26817920ab7e7a91","sha256":"5fa29e0c25b91694b04813a843a13444aa89df5a85d39c6a3df07b529aa72a44","sha512":"5d53e63c92083cc3dd88558521b3b3d7666cff3474256f02a91dae0dc3ba8eef7a75c937ee96d82b59d3ba3da73988c94fe09a1fc17ea431691212ef7cf5ee3d","ssdeep":"384:LHWwn6VoSdVUAZQZTb3/MYT03gD+aroovuGh:LHSVoSdVUACaYT03gNro+D","tlshash":"a9d2d91dae15113f6c2780f1c3e8b9dcb019f4c0ef3a56faaa9611119ac36f61ea7714","first_seen":"2026-01-03T17:25:30.694997Z","last_seen":"2026-01-03T17:25:30.694997Z","times_seen":1,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":141,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/binance.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/binance.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 800\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":800,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"3657f9aea1f69e454f4d316a05beb882","sha1":"90584f22ed857fc2ec1fc30b887d7dc32b09eb9a","sha256":"ea6c2fbf44b41ceeb26c838fa880c5715008c65e7c05bb4ec1e48ab30bfe0b91","sha512":"4190b0d1368ccfceca4c05f14dad8c5ca76f63a862605bc739449f3a00de483e9d717bf667b287005b22bea195f958950cc5cd2783f6a75ee40726927be2b945","ssdeep":"","tlshash":"d2017596b1175ad0cb0a17aa54bf91371825a11ef95fc021218bdecdbd070bd6609d1f","first_seen":"2026-01-03T17:25:30.69794Z","last_seen":"2026-02-17T18:52:15.405512Z","times_seen":3,"resource_available":false,"data":null}},"time_used":536,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":412,"receive":124,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/walleth.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.296Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/walleth.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 492\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":492,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"0b6bb59b74f4d5a433d4a5a5ec1ab042","sha1":"bb0a98cef116203f64868e108902e6b92ce8010c","sha256":"428ef27cfd939a8654c11bd258fb22196666653f1d7e5bf45cdd36bbedc390fc","sha512":"024087037f47d692841b0c6f638eb1a5c5701e3d249bcdd80a38f567428ec86cefa2e25b2c6a5182e895080d3faf29fb414ac66151cb112f0fc142850072502e","ssdeep":"","tlshash":"c9f0540c8d501da4ce6bf9983f1ff250f0ed40c4536952f15a8db8aa300013d90f86cc","first_seen":"2026-01-03T17:25:30.716468Z","last_seen":"2026-02-17T18:52:15.399849Z","times_seen":3,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":678,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/polkadot.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.303Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/polkadot.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 1760\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1760,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4d8da0c49ee68c790a73566b560678f3","sha1":"52553882753ed14a8a2f704433099f7dccfe6afa","sha256":"50ac5eaa8e0ba10191adad860940d8c9a0008b4153232f43a6ebaf9bc3a13a9c","sha512":"0892867b2ef7e4b915f78ea8ffc27eac5a4e321153aac99e3f9c5b20258a1b3b8b3206a86c630e3c6ac701d3b125c356eba8bbea9ac27805f8bfee2962bfc8b7","ssdeep":"","tlshash":"75312b02ae080c85706c4decefd65f4140a30e584c260e68bb153ee25bee0c578a4f71","first_seen":"2026-01-03T17:25:30.721383Z","last_seen":"2026-02-17T18:52:15.414596Z","times_seen":3,"resource_available":false,"data":null}},"time_used":677,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":677,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/trezor.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.327Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/trezor.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 888\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":888,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c9bd9883a75eee3b0d899591a5b4098b","sha1":"c90ce2a6c580db3b58caeb1dc8219bc799c7a3aa","sha256":"b56623db46c6d0ee75d51f27eef823b7dbae2d3fbcac70c0d21e2453864668f5","sha512":"8c57fdfd1b71f07b23a277a2be7744ea452cf209d8e7689e311ee23b3a7ccf242daf95138ef09c59191e0cab0dd2f6755e3d925d88a58e75e1e182cada1c35bd","ssdeep":"","tlshash":"9011963d1899609df6e95ebe146407603303a836412faf53499208b6d1c48e4e46576b","first_seen":"2026-01-03T17:25:30.726024Z","last_seen":"2026-02-17T18:52:15.429592Z","times_seen":3,"resource_available":false,"data":null}},"time_used":660,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":660,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/arculus.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/arculus.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 302\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":302,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"d871489a130151009fd241dd44c138e7","sha1":"e730a77a49e3d1959abc4bfda65e2d85aa466c82","sha256":"c36b2d63042eedb044df7f85d6a0faeaa2dc477f06a8e0f86cb8e6ad8c634579","sha512":"2e3c63841002e2044db26749751ccf4ffaeec15a8bde7adaeb27cd2d777bc594638f66f3dbf2e01a8019206f1cefb85e4a51bcd68a3d259a2f2e0f8fccce2065","ssdeep":"","tlshash":"31e07dd46b600b00f9f59744f5392300f25228e57dc7515c04e945ff4518c686521831","first_seen":"2026-01-03T17:25:30.732246Z","last_seen":"2026-02-17T18:52:15.4222Z","times_seen":3,"resource_available":false,"data":null}},"time_used":655,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":655,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.smartsuppchat.com/loader.js?","fqdn":"www.smartsuppchat.com","domain":"smartsuppchat.com","tld":"com"},"ip":{"addr":"185.76.9.12","port":443,"asn":60068,"as":"Datacamp Limited","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.396Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1161431244.rsc.cdn77.org","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Thu, 06 Nov 2025 03:38:21 GMT","end":"Wed, 04 Feb 2026 03:38:20 GMT"},"fingerprint":{"sha1":"20:22:46:AD:41:FB:E2:25:E8:9E:07:B9:A1:89:34:4E:C4:6A:72:1D","sha256":"EB:B1:F4:50:CA:74:9B:EA:9D:6D:23:2F:E5:17:88:07:A2:DA:B7:89:5C:C4:C4:34:60:4C:15:4E:1E:5A:D9:45"}}},"request":{"raw":"GET /loader.js? HTTP/1.1\r\nHost: www.smartsuppchat.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\ncontent-type: application/javascript\r\ncache-control: max-age=300, public, s-maxage=60\r\netag: W/\"68e92f38-46dd\"\r\nexpires: Sat, 03 Jan 2026 17:28:57 GMT\r\nlast-modified: Fri, 10 Oct 2025 16:07:20 GMT\r\nx-77-nzt: EwwBuUwJCgH3AwAAAAwBuUwKCQH3AQAAAAwBJRPCNAG3AAAAAA\r\nx-77-nzt-ray: e2f75420af9d56c6ee5059693cc5511b\r\nx-77-cache: HIT\r\nx-77-age: 3\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nserver: CDN77-Turbo\r\nx-77-pop: stockholmSE\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"CDN77","description":"CDN77 is a content delivery network (CDN).","website":"https://www.cdn77.com","common_platform_enumeration":"","icon":"CDN77.png","categories":["CDN"]}],"data":{"size":18141,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (18068)","md5":"b67300767490ee626178325c8efa3b14","sha1":"4378b772ab209e5280e60af15dd03414f2578f3d","sha256":"e3ccd7d38ffd01f14809ed081950d4a8c964d31fd6abb90a4433fb3574b9c8e0","sha512":"3c8acd1d71e685e71b69de130506fe13326f0908310caf3ac0bdf205cae4824c0dd0ef54eed3a7041cb37bd623308877df76973a28c8e691904e055e46fa706f","ssdeep":"384:fUx/y2k3g7xT7dWbEelfE4YYdWbE0rIcvCSI/a4GUpG:fUx/y2k3gli84YY8JeabB","tlshash":"4482a5ccb791a16543eb61b4843f710ff237692970098821ba65dae13c7898ee037f78","first_seen":"2025-05-05T10:50:11.676089Z","last_seen":"2026-06-08T07:14:05.856774Z","times_seen":9276,"resource_available":true,"data":null}},"time_used":126,"timings":{"blocked":58,"dns":32,"connect":7,"send":0,"wait":10,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/_next/static/media/028989de2929a41d-s.p.otf","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /_next/static/media/028989de2929a41d-s.p.otf HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wallstreet30.icu/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: font/otf\r\ncontent-length: 166640\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":166640,"size_decoded":0,"mime_type":"font/otf","magic":"OpenType font data","md5":"131932e11b522757454411713a6ce898","sha1":"bc3378f1eedc4913e50b0736450afedca184eda4","sha256":"7f524ad45d95e054d2c59cd50c6ad64a8b28194150f4492ae3f71323bf93de9f","sha512":"4b19beddfb920c20d2ca84fc244e8a6c397a103160b06d478f4c3ec867cf8c8caa6cc92e4dabf6c9d3096c9011dbc0c72227a67b81ea17855d5b7f2a1015a56d","ssdeep":"3072:d5aWAKi+1S6fM77V95Hn7KnuB1HMW0HOwf/V:PAKC6fOx9BmbW0HO2t","tlshash":"61f36c8a77189f04c5235a387de5d324b3153e68e9d7839bfa3791201d832992e9f34e","first_seen":"2024-08-19T15:53:03.338651Z","last_seen":"2026-05-06T21:17:12.511548Z","times_seen":5,"resource_available":false,"data":null}},"time_used":688,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":289,"receive":399,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wallstreet30.icu/img/ledger.webp","fqdn":"wallstreet30.icu","domain":"wallstreet30.icu","tld":"icu"},"ip":{"addr":"162.222.225.119","port":443,"asn":46606,"as":"UNIFIEDLAYER-AS-1","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wallstreet30.icu/","date":"2026-01-03T17:25:02.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wallstreet30.icu","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 17:14:03 GMT","end":"Mon, 09 Mar 2026 17:14:02 GMT"},"fingerprint":{"sha1":"59:3B:B2:A5:E3:23:50:AF:BC:18:92:88:7B:A1:93:46:B2:B2:52:FB","sha256":"85:36:85:3A:BE:8D:29:36:7E:78:86:C6:4E:05:54:4F:DD:71:DB:9E:DD:A4:0D:F7:88:75:72:37:49:04:60:D9"}}},"request":{"raw":"GET /img/ledger.webp HTTP/1.1\r\nHost: wallstreet30.icu\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wallstreet30.icu/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 03 Jan 2026 17:25:02 GMT\r\nserver: nginx/1.25.5\r\ncontent-type: image/webp\r\ncontent-length: 436\r\nlast-modified: Wed, 11 Jun 2025 11:50:16 GMT\r\naccept-ranges: bytes\r\nx-server-cache: false\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.25.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":436,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 64x64, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"b2af3b4a668a1cc94dc8a5b70153a803","sha1":"47df34d7d388c8c01a5334cf6b34e02f20f61cdd","sha256":"cb76093be21656a01d153f3949d9579cc94d09de6afe315bb8b892345f6daa1e","sha512":"f09dff6a92b3d49ddd4a39e0a6e9ced2046b0928e8522603627be08af247dc61bbc8647a9e0f831cfb177a1bc88e4fc25e68f6958bf02971cc364a96e11a5e74","ssdeep":"","tlshash":"67e0234c47cc809894afaa51ac682a51a0d7fe09a1839e806ef309e215c450cdfa485f","first_seen":"2026-01-03T17:25:30.747816Z","last_seen":"2026-02-17T18:52:15.407451Z","times_seen":3,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":414,"receive":123,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-01-03","alert":"Sinkholed","trigger":"wallstreet30.icu","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}