{"report_id":"67e016c8-0612-430b-aaf3-2c59bb8bb3c6","version":6,"status":"done","tags":[],"date":"2026-04-12T18:54:47Z","url":{"schema":"http","addr":"apple.mobprofs.com","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":0,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"final":{"url":{"schema":"https","addr":"apple.mobprofs.com/","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"title":"Apple Pay Bonus Rewards - Earn Your Reward Today","dom":{"size":41237,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (14723)","md5":"eb48d71c9acdce44c6b043560f121abd","sha1":"aa40424f13f513dd1e0b7c32a296bea9cc89abca","sha256":"63c25f21cc3f7efba81820e33f1e88896c9030e19ce235803c4daf6185f9a2cc","sha512":"7a1e38becb71f92bee5115a63b9143413810b31662861744431ab6f079b2f430d0c40fdfbb16de0b3e1cf22484dbbd1ca7b0f0530f9e418788105bdafa3ecb0e","ssdeep":"768:E0MK5vZLToMsnB7cxksc64Jysq7vGAQwQggHmLZzkaNmFy:E0MK5vZtXx/c64Jysq7vxQwplkgmY","tlshash":"ce03fa51a248123ca92bd3a4fac4b72c9139b153de574865f20e00a6d3c3fe96977f94","dom_hash":"domhash32f92afcc522ac242ab9cc069cc202ff","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"apple.mobprofs.com","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":0,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-17T18:54:47Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":8}},"detection":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.gpteng.co","ip":{"addr":"104.18.29.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-06-26","domain_rank":776423,"first_seen":"2024-12-08T00:48:33.877309Z","last_seen":"2026-04-07T21:21:46.232001Z","alert_count":0,"request_count":1,"received_data":134511,"sent_data":536,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"apple.mobprofs.com","ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":21,"request_count":7,"received_data":452324,"sent_data":4617,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]},{"fqdn":"storage.googleapis.com","ip":{"addr":"142.251.142.251","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":880,"first_seen":"2012-08-06T06:33:30Z","last_seen":"2026-04-06T05:20:12.669095Z","alert_count":0,"request_count":1,"received_data":36930,"sent_data":528,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"track.mobprofs.com","ip":{"addr":"85.17.65.238","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-10-01","domain_rank":0,"first_seen":"2026-04-12T18:54:47.862668Z","last_seen":"2026-04-12T18:54:47.862668Z","alert_count":10,"request_count":2,"received_data":1331,"sent_data":970,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"track.mobprofs.com/track.js?rtkcmpid=68eee3a82c815d69efef8f03","fqdn":"track.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"9f67cc0742c81fa12d639a1b9428115a","sha1":"46437f6f7c928591a2769e85c88fa40177edb67e","sha256":"4e4d9459646061decb99da9f397f4f69968271c864557dd7bd6b8b4bbfdd22c9","sha512":"9bfba1267dbc9a0127b01a41125e7ac890f18b530d1ad273281aac7f3ea4c0dffc9f80abc6019dcea25f27c3985fe0ae8fdd35f50e940def1e2759388a447a1a","ssdeep":"96:qrV3J4wQn5/5Wodd9QslAlHyZ6wLcNi8oyH8TCc1J4AUb:qrV6H5hWousK1yMXNi8oycTCcAAUb","tlshash":"3e91035895d1249a0e137e25881baa1535b2811723c8e858fd2cd2a04f09f7b76fdff2","size":4244,"data":"","first_seen":"2026-04-12T18:54:52.864646Z","last_seen":"2026-04-12T18:57:27.061536Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apple.mobprofs.com/","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":true,"md5":"759252cc38d79274171fc8b99eab6acf","sha1":"cf393059f871c98d50014cf4509cbd5874a7353e","sha256":"1dea31974a876c9cfd14b310521c550b4d061eb6b6450e9e324d09312e427dcd","sha512":"8cf81d5a0ce5d5392d6c238037cdc7b8efa6e29ef4ea10a4988a2196dd00f894091261155de8e3eab3f015c80137cf355750df87ea26001d98bbdee9caa8f293","ssdeep":"","tlshash":"6b11326838fd549c83ab62aa367feb4c862d51175c40cc48f50dd4150f3ae77c492eae","size":1060,"data":"","first_seen":"2026-04-12T18:54:52.866468Z","last_seen":"2026-04-12T18:57:27.062076Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apple.mobprofs.com/","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":true,"md5":"2acd3d73bbc8d3ba3f35629bb52bdc87","sha1":"1ceb5cdb1aaef828d045f93c024d676b2a173ff5","sha256":"b6ca917f8a08af4a6ad8cc558c1aa032e1e0648b79ce297747c7f6d3a6693807","sha512":"087546aae007202ed3509d48e832308255bf2c81f32242f4fcfc51a4bd81b653856059e7c9abfa88b9fadaa45ed3857d59acc885222f8d6f2234942b235402f7","ssdeep":"","tlshash":"9801afcbe7ec623243a5b4b9185aa5dd3e3800f0eb005bb61c744db43394d5d002ee81","size":829,"data":"","first_seen":"2026-01-07T03:19:54.535133Z","last_seen":"2026-04-12T22:53:05.96708Z","times_seen":444,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apple.mobprofs.com/assets/index-CGU3YOTb.js","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"7e5e1c4d5a04f5cb2372f6a3657dbf1b","sha1":"b63dcd8d8d3cc3344329838866ea6671dc435941","sha256":"06a098a56aec725cf17ccf73fffc645769eccf6a3e80c39cd69c52bc619e8b24","sha512":"86610071ece3d354c01314d6d4665ddefb95f29265d8a3ccaa541b5f573f8a629451ec778a6e537539215c28f16cabcdc72aa57064efc0a15bb39614fbda8302","ssdeep":"6144:eVZACL3TViIr/gCEEm2iyVLHQ/yV8YYyMOizUw20wI3S:nceEm2iOLHQ/yzTi4w20U","tlshash":"f9646cd8305ab1756bb342b2507f421b723c2913680d8420f12dedae77b6549a1bbfbd","size":315555,"data":"","first_seen":"2026-04-12T18:54:52.85608Z","last_seen":"2026-04-12T18:57:27.060914Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apple.mobprofs.com/~flock.js","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ed557a78d5301fbb961abfe911a42b62","sha1":"d11a2a4e9fee28c4b1abc38cd8136bffec7e325b","sha256":"a86e084b4f82709814be6c15fd6305daa783fda87ad95402da9a4d3a1dd6d748","sha512":"18dd1525e2b4d89e3c46d92367fca020cf99fb07856acfd96a25dc7410611eea83b438c91691683983495945eb04a9427bc63e2a383cbe93449f4df0eb1ddb51","ssdeep":"384:FtUCBXTpeaFEo5TTThri1t/mCsOCXiTNZruJ4vKFlcEhRCDxOcX/YM2Vybyq/kmt:n7XTpeauI/Thri1CKWM4ldRzurwkTO0D","tlshash":"cea2b6d61007243d57ead1a13929f7d63177ea98a0caec8a7de91f84d414c83f3f294a","size":21296,"data":"","first_seen":"2025-07-30T15:25:28.733337Z","last_seen":"2026-04-12T23:43:04.632793Z","times_seen":6073,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"apple.mobprofs.com/assets/apple-pay-logo-Dg2YpybF.png","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://apple.mobprofs.com/","date":"2026-04-12T18:54:26.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apple.mobprofs.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Apr 2026 17:46:35 GMT","end":"Sat, 11 Jul 2026 18:46:15 GMT"},"fingerprint":{"sha1":"39:7A:7C:B8:0E:37:2F:C2:40:E6:A9:A2:88:C8:80:B7:76:71:EF:19","sha256":"FB:F5:25:2D:C8:B4:63:F3:54:AE:E3:AB:CA:54:10:51:8F:22:8A:AB:E3:D8:FA:7D:5D:30:BF:FF:E9:7F:21:CB"}}},"request":{"raw":"GET /assets/apple-pay-logo-Dg2YpybF.png HTTP/1.1\r\nHost: apple.mobprofs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://apple.mobprofs.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=3OoAIfeOVzFQHEoNtuusoWJJQ8UZQaNci0gK9XIEldk-1776020065.892835-1.0.1.1-amM4ntN_EmqyoRlzgYmf3BoADJM0Smu64YtpNoF6eyrGMZJ6VWzDCE16oy0_lQ8V6tELB3Yf_8ckhkSuk3iRLk4zP3P2bsOBXs8eeEop9Z_wIbxHxuKxuMinx3FzZ1qz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Apr 2026 18:54:26 GMT\r\ncontent-type: image/png\r\ncontent-length: 36312\r\netag: \"a5be57c15c790bf3b746fcfb73f17863\"\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9eb4708a0ff24e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":36312,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 3000 x 2000, 8-bit colormap, non-interlaced","md5":"a5be57c15c790bf3b746fcfb73f17863","sha1":"c4686e0b9cbd344cc801ffcc11750098395ba0fe","sha256":"0175ca8fec0b421f97873e387486ea5a2bd44aaddcece77985fe9e6f59b91d3d","sha512":"8aeff4a2be00470af232d3d388d4189a56e9115dbf4acbaa76f076415bb8fe3d1c9f18c7c3567d3f6c0ba92bd9166b93c50070f4793524deda6ae24cd3c96c64","ssdeep":"768:ck9YojYrWktltTRf0bBXYDHSJFBQuWKwwjMUFnJ6mk4Bi/lR:ckPxw3iBEHSJFX7wwj/FJfkDR","tlshash":"97f2f06a9dd3b9c5c23d9cf14fab1f4688945823a2e2a7d121065f5150fe0f42cbcd9e","first_seen":"2024-08-19T17:42:33.989005Z","last_seen":"2026-04-12T18:57:27.059171Z","times_seen":16,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"storage.googleapis.com/gpt-engineer-file-uploads/PzgXTKj71jU82nokUboUSjMbTau1/uploads/1760486621388-apple-pay-og.jpg","fqdn":"storage.googleapis.com","domain":"storage.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.142.251","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://apple.mobprofs.com/","date":"2026-04-12T18:54:26.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"storage.googleapis.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 23 Mar 2026 08:43:17 GMT","end":"Mon, 15 Jun 2026 08:43:16 GMT"},"fingerprint":{"sha1":"A2:F1:D4:61:ED:0E:18:40:13:AB:A3:78:6C:6D:AB:28:4A:77:33:7B","sha256":"3E:5A:E5:21:09:7C:F1:8E:A9:26:65:B3:69:53:CD:95:14:7E:62:9E:E2:28:F7:CC:46:E0:B1:9B:37:DE:5B:B8"}}},"request":{"raw":"GET /gpt-engineer-file-uploads/PzgXTKj71jU82nokUboUSjMbTau1/uploads/1760486621388-apple-pay-og.jpg HTTP/1.1\r\nHost: storage.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://apple.mobprofs.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nx-guploader-uploadid: AMNfjG3ARFOy-j16LL-XS8eq7VOVZepjAmoSM1o6WKY6pTFuVVydHc9gNgQBJM0osgdVuPJ2Nm-cF9XdcVjb\r\nexpires: Sun, 12 Apr 2026 19:54:27 GMT\r\ndate: Sun, 12 Apr 2026 18:54:27 GMT\r\ncache-control: public, max-age=3600\r\nlast-modified: Wed, 15 Oct 2025 00:03:42 GMT\r\netag: \"41fb4e4e4e6fd23489fe6cbbfa452017\"\r\nx-goog-generation: 1760486622489591\r\nx-goog-metageneration: 2\r\nx-goog-stored-content-encoding: identity\r\nx-goog-stored-content-length: 36185\r\nx-goog-hash: crc32c=7mkhOw==, md5=QftOTk5v0jSJ/my7+kUgFw==\r\nx-goog-storage-class: STANDARD\r\naccept-ranges: bytes\r\ncontent-length: 36185\r\nvary: Origin\r\nserver: UploadServer\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud Storage","description":"Google Cloud Storage allows world-wide storage and retrieval of any amount of data at any time.","website":"https://cloud.google.com/storage","common_platform_enumeration":"","icon":"google-cloud-storage.svg","categories":["Miscellaneous"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":36185,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x537, components 3","md5":"41fb4e4e4e6fd23489fe6cbbfa452017","sha1":"2a5d50d0ab68f4b4b24b351421eafcb868b47b7d","sha256":"137b09ead2a6226dd6b7148082545c9c4b420ff0205a697c0e7ee27fc22435cf","sha512":"a247a5e79c65a8833ff883920978026b5fe54ca255d1e69571fd4d5fb309dfb98fad423419ea6cb349d763c29edb5dbc1425b3ad9e898446dd2d7a629444b3dd","ssdeep":"768:C3kYooooo2b6q2tsGDD5e0zG3opl0AEraXMib:zYoooooZ80zdlHDp","tlshash":"c9f2aeef36e403bce189217824930a498f7f1a2865ca31d769e1ba40f7d47d85a4afc5","first_seen":"2026-04-12T18:54:52.847666Z","last_seen":"2026-04-12T18:57:27.059725Z","times_seen":2,"resource_available":false,"data":null}},"time_used":318,"timings":{"blocked":0,"dns":41,"connect":21,"send":0,"wait":129,"receive":23,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.mobprofs.com/68eee3a82c815d69efef8f03?format=json\u0026\u0026sub19=\u0026sub20=","fqdn":"track.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"85.17.65.238","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://apple.mobprofs.com/","date":"2026-04-12T18:54:26.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.mobprofs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 23:21:25 GMT","end":"Sun, 31 May 2026 23:21:24 GMT"},"fingerprint":{"sha1":"C9:EB:4E:64:DC:F4:4A:3B:6B:FC:86:77:A5:D1:2B:7D:33:4C:54:C7","sha256":"73:82:6D:15:09:5C:EB:38:B3:9D:E3:D6:0A:E1:40:B2:BA:E5:83:CA:96:ED:54:73:AD:6E:A4:CE:39:CF:E3:1A"}}},"request":{"raw":"GET /68eee3a82c815d69efef8f03?format=json\u0026\u0026sub19=\u0026sub20= HTTP/1.1\r\nHost: track.mobprofs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://apple.mobprofs.com/\r\nOrigin: https://apple.mobprofs.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nContent-Type: application/json\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nSet-Cookie: redcmps=W3siaWQiOiI2OGVlZTNhODJjODE1ZDY5ZWZlZjhmMDMiLCJ0IjoiMjAyNi0wNC0xMlQxODo1NDoyNy4wNTQ1NDE0NDdaIn1d; Path=/; Domain=track.mobprofs.com; Expires=Mon, 13 Apr 2026 18:54:27 GMT; Secure; SameSite=None\nredhash=NjlkYmVhNjM4MzFkZjQxNDA5ZjFmZjI0fDB8NjhlZWUzYTgyYzgxNWQ2OWVmZWY4ZjAzfDY4ZWVlNjZjMjMzZjY1NGQ0NTU2YTZkMnw2MTYzZGU4My1iN2ZkLTRjZWEtOGIwZS1hMTA2MDdkOWRmNzd8MTc3NjAyMDA2Nw==; Path=/; Domain=track.mobprofs.com; Expires=Mon, 12 Apr 2027 18:54:27 GMT; Secure; SameSite=None\r\nDate: Sun, 12 Apr 2026 18:54:27 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\nX-Kong-Upstream-Latency: 4\r\nX-Kong-Proxy-Latency: 2\r\nX-Kong-Request-Id: 6c9ae420f35bf57663683f6dd14f0057\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":167,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"85141ec95197f37826e26493e333d452","sha1":"1d20c2361e0cb60b26265ab6e8f61a9785b1b53b","sha256":"3675ea38991c6afafbcc0bebdc76007200fca4c0ad0077a4f22f8948516346d5","sha512":"a9e1b905998ef57e7cbc5bca4377b5a01b6ad2021ac9ae32565148745f51b2a150fd1f011a98b7e3c0cd16771b51b016b210c97663d15408e60f3353d99cc034","ssdeep":"","tlshash":"70c080f767280040dec138df5a41b8518f422d075d9dc65c456dc443052b5b114c7560","first_seen":"2026-04-12T18:54:52.851071Z","last_seen":"2026-04-12T18:54:52.851071Z","times_seen":1,"resource_available":false,"data":null}},"time_used":164,"timings":{"blocked":68,"dns":1,"connect":21,"send":0,"wait":27,"receive":0,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"track.mobprofs.com/view?clickid=69dbea63831df41409f1ff24","fqdn":"track.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"85.17.65.238","port":443,"asn":60781,"as":"LeaseWeb Netherlands B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://apple.mobprofs.com/","date":"2026-04-12T18:54:27.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.mobprofs.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 23:21:25 GMT","end":"Sun, 31 May 2026 23:21:24 GMT"},"fingerprint":{"sha1":"C9:EB:4E:64:DC:F4:4A:3B:6B:FC:86:77:A5:D1:2B:7D:33:4C:54:C7","sha256":"73:82:6D:15:09:5C:EB:38:B3:9D:E3:D6:0A:E1:40:B2:BA:E5:83:CA:96:ED:54:73:AD:6E:A4:CE:39:CF:E3:1A"}}},"request":{"raw":"GET /view?clickid=69dbea63831df41409f1ff24 HTTP/1.1\r\nHost: track.mobprofs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://apple.mobprofs.com/\r\nOrigin: https://apple.mobprofs.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 204 No Content\r\nConnection: keep-alive\r\nDate: Sun, 12 Apr 2026 18:54:27 GMT\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\nX-Kong-Upstream-Latency: 204\r\nX-Kong-Proxy-Latency: 1\r\nX-Kong-Request-Id: af34ae1d2413fb67de4aa85edea09c7e\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/xml","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T23:55:43.817529Z","times_seen":13682782,"resource_available":true,"data":null}},"time_used":227,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":227,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"track.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apple.mobprofs.com/~api/analytics","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://apple.mobprofs.com/","date":"2026-04-12T18:54:27.148Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apple.mobprofs.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Apr 2026 17:46:35 GMT","end":"Sat, 11 Jul 2026 18:46:15 GMT"},"fingerprint":{"sha1":"39:7A:7C:B8:0E:37:2F:C2:40:E6:A9:A2:88:C8:80:B7:76:71:EF:19","sha256":"FB:F5:25:2D:C8:B4:63:F3:54:AE:E3:AB:CA:54:10:51:8F:22:8A:AB:E3:D8:FA:7D:5D:30:BF:FF:E9:7F:21:CB"}}},"request":{"raw":"POST /~api/analytics HTTP/1.1\r\nHost: apple.mobprofs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://apple.mobprofs.com/\r\nContent-Type: application/json\r\nContent-Length: 339\r\nOrigin: https://apple.mobprofs.com\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=3OoAIfeOVzFQHEoNtuusoWJJQ8UZQaNci0gK9XIEldk-1776020065.892835-1.0.1.1-amM4ntN_EmqyoRlzgYmf3BoADJM0Smu64YtpNoF6eyrGMZJ6VWzDCE16oy0_lQ8V6tELB3Yf_8ckhkSuk3iRLk4zP3P2bsOBXs8eeEop9Z_wIbxHxuKxuMinx3FzZ1qz; rtkclickid-store=69dbea63831df41409f1ff24; session-id=0d1eddbb-202c-498d-bc7f-9ef2e7751b3a\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":339,"data":"{\"timestamp\":\"2026-04-12T18:54:27.141Z\",\"action\":\"page_hit\",\"version\":\"1\",\"session_id\":\"0d1eddbb-202c-498d-bc7f-9ef2e7751b3a\",\"payload\":\"{\\\"user-agent\\\":\\\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\\\",\\\"locale\\\":\\\"en-US\\\",\\\"referrer\\\":\\\"\\\",\\\"pathname\\\":\\\"/\\\",\\\"href\\\":\\\"https://apple.mobprofs.com/\\\"}\"}"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Apr 2026 18:54:27 GMT\r\ncontent-type: text/plain; charset=UTF-8\r\ncontent-length: 4\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\ncf-ray: 9eb4708b8cd74e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4,"size_decoded":0,"mime_type":"text/plain; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"f92965e2c8a7afb3c1b9a5c09a263636","sha1":"e9b450d14bc2363d292c84f17cfad5cfbd58a458","sha256":"11a6767d5674c7e45f7e00dc525762275b3a48491ad6045427d2609cc496c516","sha512":"25775ba3c567970fc3df3f8107f2a78a67c5619d54bfb37704423acceec253316949eee77b81100a01b91c742e475b4f6157dd2427a9f9fafd87a4078f2d65df","ssdeep":"","tlshash":"54300000000000000000c00c00000000000000000c0000000000000000000000000000","first_seen":"2023-04-09T18:20:08Z","last_seen":"2026-04-12T23:43:04.75632Z","times_seen":6203,"resource_available":true,"data":null}},"time_used":867,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":867,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apple.mobprofs.com/assets/index-CGU3YOTb.js","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://apple.mobprofs.com/","date":"2026-04-12T18:54:26.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apple.mobprofs.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Apr 2026 17:46:35 GMT","end":"Sat, 11 Jul 2026 18:46:15 GMT"},"fingerprint":{"sha1":"39:7A:7C:B8:0E:37:2F:C2:40:E6:A9:A2:88:C8:80:B7:76:71:EF:19","sha256":"FB:F5:25:2D:C8:B4:63:F3:54:AE:E3:AB:CA:54:10:51:8F:22:8A:AB:E3:D8:FA:7D:5D:30:BF:FF:E9:7F:21:CB"}}},"request":{"raw":"GET /assets/index-CGU3YOTb.js HTTP/1.1\r\nHost: apple.mobprofs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://apple.mobprofs.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=3OoAIfeOVzFQHEoNtuusoWJJQ8UZQaNci0gK9XIEldk-1776020065.892835-1.0.1.1-amM4ntN_EmqyoRlzgYmf3BoADJM0Smu64YtpNoF6eyrGMZJ6VWzDCE16oy0_lQ8V6tELB3Yf_8ckhkSuk3iRLk4zP3P2bsOBXs8eeEop9Z_wIbxHxuKxuMinx3FzZ1qz\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Apr 2026 18:54:26 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\netag: W/\"7e5e1c4d5a04f5cb2372f6a3657dbf1b\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9eb470874eec4e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":315555,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (37534)","md5":"7e5e1c4d5a04f5cb2372f6a3657dbf1b","sha1":"b63dcd8d8d3cc3344329838866ea6671dc435941","sha256":"06a098a56aec725cf17ccf73fffc645769eccf6a3e80c39cd69c52bc619e8b24","sha512":"86610071ece3d354c01314d6d4665ddefb95f29265d8a3ccaa541b5f573f8a629451ec778a6e537539215c28f16cabcdc72aa57064efc0a15bb39614fbda8302","ssdeep":"6144:eVZACL3TViIr/gCEEm2iyVLHQ/yV8YYyMOizUw20wI3S:nceEm2iOLHQ/yzTi4w20U","tlshash":"f9646cd8305ab1756bb342b2507f421b723c2913680d8420f12dedae77b6549a1bbfbd","first_seen":"2026-04-12T18:54:52.85608Z","last_seen":"2026-04-12T18:57:27.060914Z","times_seen":2,"resource_available":true,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apple.mobprofs.com/assets/index-DCM78_kU.css","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://apple.mobprofs.com/","date":"2026-04-12T18:54:26.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apple.mobprofs.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Apr 2026 17:46:35 GMT","end":"Sat, 11 Jul 2026 18:46:15 GMT"},"fingerprint":{"sha1":"39:7A:7C:B8:0E:37:2F:C2:40:E6:A9:A2:88:C8:80:B7:76:71:EF:19","sha256":"FB:F5:25:2D:C8:B4:63:F3:54:AE:E3:AB:CA:54:10:51:8F:22:8A:AB:E3:D8:FA:7D:5D:30:BF:FF:E9:7F:21:CB"}}},"request":{"raw":"GET /assets/index-DCM78_kU.css HTTP/1.1\r\nHost: apple.mobprofs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://apple.mobprofs.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=3OoAIfeOVzFQHEoNtuusoWJJQ8UZQaNci0gK9XIEldk-1776020065.892835-1.0.1.1-amM4ntN_EmqyoRlzgYmf3BoADJM0Smu64YtpNoF6eyrGMZJ6VWzDCE16oy0_lQ8V6tELB3Yf_8ckhkSuk3iRLk4zP3P2bsOBXs8eeEop9Z_wIbxHxuKxuMinx3FzZ1qz\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Apr 2026 18:54:26 GMT\r\ncontent-type: text/css; charset=utf-8\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\netag: W/\"c1c4b21b5535699e6b49c436ec607f3c\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9eb470874eee4e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":64016,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (64015)","md5":"c1c4b21b5535699e6b49c436ec607f3c","sha1":"baf484280b509df89101d6e950121b2426af7647","sha256":"88c66356ab7e247583bf57c11e58840352a3d2a7b2859081dbc0cedec0e6b476","sha512":"0d1e1fe28bebedf50022c15d50cddd29a2fcd220a4c1463cc1fead13f9b5229a993951fd167bf63eb498b946f24d3e59455e54e231d46432b1bd2ba29491c636","ssdeep":"768:Ahvr6Y9kPGIUVZNYrkPaGtCv4U378VQZkt5FN/GToG7nW:AhvWY9kP3UBaGtCH378VQZkt5FNCoG6","tlshash":"44536419b919617e2c2790e883ccb9ec610ef0c0dd3b06b97e9a41216bd37f61dbb558","first_seen":"2026-04-12T18:54:52.858559Z","last_seen":"2026-04-12T18:57:27.057971Z","times_seen":2,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":67,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.gpteng.co/mcp-widgets/v1/fonts/CameraPlainVariable.woff2","fqdn":"cdn.gpteng.co","domain":"gpteng.co","tld":"co"},"ip":{"addr":"104.18.29.167","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://apple.mobprofs.com/","date":"2026-04-12T18:54:26.860Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.gpteng.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 13 Feb 2026 17:44:27 GMT","end":"Thu, 14 May 2026 18:44:26 GMT"},"fingerprint":{"sha1":"94:AF:12:43:D1:04:A1:14:33:F3:1A:48:40:89:E7:94:EE:8C:2C:C6","sha256":"B0:70:CD:E5:CC:40:86:A6:E1:41:07:C4:5C:88:49:CF:85:92:FF:D0:51:57:1B:EE:25:66:4A:3B:5B:1F:74:90"}}},"request":{"raw":"GET /mcp-widgets/v1/fonts/CameraPlainVariable.woff2 HTTP/1.1\r\nHost: cdn.gpteng.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nReferer: https://apple.mobprofs.com/\r\nOrigin: https://apple.mobprofs.com\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Apr 2026 18:54:26 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 133760\r\ncf-cache-status: HIT\r\ncache-control: public, max-age=14400\r\nserver: cloudflare\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\netag: \"c48bd2439e2921fc4d3aaef0e57446be\"\r\nlast-modified: Wed, 10 Dec 2025 13:46:40 GMT\r\nvary: Origin, Accept-Encoding\r\nset-cookie: __cf_bm=jItFg.x7jVp.vY86uTYq1ysU8LeGwWF_EGK6gzj7Q1s-1776020066.8767488-1.0.1.1-WnZQIx1fz.8QqZj8Ku3tlsKOgBGsyhbK5gPGKhyV_dMwEJC5ihRKt1q4Q167nhHu1QSxOa5U3iT7srsTGvQU772ejUqUpYL9Ky4saJShY8w_EfEAr977rvq5Xt7kWJ.w; HttpOnly; Secure; Path=/; Domain=gpteng.co; Expires=Sun, 12 Apr 2026 19:24:26 GMT\r\nexpires: Sun, 12 Apr 2026 22:54:26 GMT\r\ncf-ray: 9eb47089f9100daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":133760,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 133760, version 2.0","md5":"c48bd2439e2921fc4d3aaef0e57446be","sha1":"396596764aebbe25ba1c45f19091f48a7e17a9e5","sha256":"0f4491b0f9f6b9c3e6054a9f0036583e3978fd3a8d8f49ba5da05d63cf875cbb","sha512":"cb9ff1ede5ea280e8586c3e6e84c68685b3749fa492fb1babef3d0bb72ab1b095b1c00531554ead12e31139f226c7aa96399b11fd6ae256ea134639d98d95b64","ssdeep":"3072:OWSP0iIzCkvibLej77I/9GRBm7Xy2TJ46tNP7HlgXffTp/CGZ7YpV/z:OdYGkviXe7l87C2XtBC1/CGin/z","tlshash":"d9d3123e2ad0e463aba505b13a7f65808a2e5f11e3c773c145b274cfd5302a8236da7d","first_seen":"2025-04-23T20:37:12.507957Z","last_seen":"2026-04-12T22:53:05.953026Z","times_seen":531,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":37,"dns":23,"connect":1,"send":0,"wait":46,"receive":6,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"apple.mobprofs.com/assets/apple-pay-logo-Dg2YpybF.png","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://apple.mobprofs.com/","date":"2026-04-12T18:54:26.888Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apple.mobprofs.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Apr 2026 17:46:35 GMT","end":"Sat, 11 Jul 2026 18:46:15 GMT"},"fingerprint":{"sha1":"39:7A:7C:B8:0E:37:2F:C2:40:E6:A9:A2:88:C8:80:B7:76:71:EF:19","sha256":"FB:F5:25:2D:C8:B4:63:F3:54:AE:E3:AB:CA:54:10:51:8F:22:8A:AB:E3:D8:FA:7D:5D:30:BF:FF:E9:7F:21:CB"}}},"request":{"raw":"GET /assets/apple-pay-logo-Dg2YpybF.png HTTP/1.1\r\nHost: apple.mobprofs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://apple.mobprofs.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=3OoAIfeOVzFQHEoNtuusoWJJQ8UZQaNci0gK9XIEldk-1776020065.892835-1.0.1.1-amM4ntN_EmqyoRlzgYmf3BoADJM0Smu64YtpNoF6eyrGMZJ6VWzDCE16oy0_lQ8V6tELB3Yf_8ckhkSuk3iRLk4zP3P2bsOBXs8eeEop9Z_wIbxHxuKxuMinx3FzZ1qz\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-12T23:55:43.817529Z","times_seen":13682782,"resource_available":true,"data":null}},"time_used":1,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apple.mobprofs.com/","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-12T18:54:25.856Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apple.mobprofs.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Apr 2026 17:46:35 GMT","end":"Sat, 11 Jul 2026 18:46:15 GMT"},"fingerprint":{"sha1":"39:7A:7C:B8:0E:37:2F:C2:40:E6:A9:A2:88:C8:80:B7:76:71:EF:19","sha256":"FB:F5:25:2D:C8:B4:63:F3:54:AE:E3:AB:CA:54:10:51:8F:22:8A:AB:E3:D8:FA:7D:5D:30:BF:FF:E9:7F:21:CB"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: apple.mobprofs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Apr 2026 18:54:26 GMT\r\ncontent-type: text/html; charset=utf-8\r\nset-cookie: __cf_bm=3OoAIfeOVzFQHEoNtuusoWJJQ8UZQaNci0gK9XIEldk-1776020065.892835-1.0.1.1-amM4ntN_EmqyoRlzgYmf3BoADJM0Smu64YtpNoF6eyrGMZJ6VWzDCE16oy0_lQ8V6tELB3Yf_8ckhkSuk3iRLk4zP3P2bsOBXs8eeEop9Z_wIbxHxuKxuMinx3FzZ1qz; HttpOnly; Secure; Path=/; Domain=apple.mobprofs.com; Expires=Sun, 12 Apr 2026 19:24:26 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9eb47083daef4e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":12669,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (2980)","md5":"8c75ce4957ff54c084ae3f4f6d2fbd82","sha1":"94b890a816899686ec81aa81a52616d75156b6c5","sha256":"5cfd964e5cb29755c79235dd24e68cc00f4797416dd650a1450fb94521aaf721","sha512":"705934d7474983f8e8d86fe16b86bf68b7b410acd1c51c24d3d9a4ddaed78481b1bed367a204cb903c6202005840e3c3dfa0ccaa98e75d04cead376437eff866","ssdeep":"192:gZukjeibOzH8x78GL9zDTUqYvGJjywAcQSyUZxBH73YXQ:grjUzH8x78GL9zDTUqY62NjaNH8XQ","tlshash":"eb42fbc2c3a8a53d8352d2fcafe9f4c8276990b3ea04ccd1b45e4579178b698e117f90","first_seen":"2026-04-12T18:54:52.861931Z","last_seen":"2026-04-12T18:57:27.060336Z","times_seen":2,"resource_available":true,"data":null}},"time_used":427,"timings":{"blocked":57,"dns":41,"connect":1,"send":0,"wait":313,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"apple.mobprofs.com/~flock.js","fqdn":"apple.mobprofs.com","domain":"mobprofs.com","tld":"com"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://apple.mobprofs.com/","date":"2026-04-12T18:54:26.478Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"apple.mobprofs.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 12 Apr 2026 17:46:35 GMT","end":"Sat, 11 Jul 2026 18:46:15 GMT"},"fingerprint":{"sha1":"39:7A:7C:B8:0E:37:2F:C2:40:E6:A9:A2:88:C8:80:B7:76:71:EF:19","sha256":"FB:F5:25:2D:C8:B4:63:F3:54:AE:E3:AB:CA:54:10:51:8F:22:8A:AB:E3:D8:FA:7D:5D:30:BF:FF:E9:7F:21:CB"}}},"request":{"raw":"GET /~flock.js HTTP/1.1\r\nHost: apple.mobprofs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://apple.mobprofs.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: __cf_bm=3OoAIfeOVzFQHEoNtuusoWJJQ8UZQaNci0gK9XIEldk-1776020065.892835-1.0.1.1-amM4ntN_EmqyoRlzgYmf3BoADJM0Smu64YtpNoF6eyrGMZJ6VWzDCE16oy0_lQ8V6tELB3Yf_8ckhkSuk3iRLk4zP3P2bsOBXs8eeEop9Z_wIbxHxuKxuMinx3FzZ1qz\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Apr 2026 18:54:26 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncache-control: max-age=1500\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9eb470874ef44e4c-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21296,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (21296), with no line terminators","md5":"ed557a78d5301fbb961abfe911a42b62","sha1":"d11a2a4e9fee28c4b1abc38cd8136bffec7e325b","sha256":"a86e084b4f82709814be6c15fd6305daa783fda87ad95402da9a4d3a1dd6d748","sha512":"18dd1525e2b4d89e3c46d92367fca020cf99fb07856acfd96a25dc7410611eea83b438c91691683983495945eb04a9427bc63e2a383cbe93449f4df0eb1ddb51","ssdeep":"384:FtUCBXTpeaFEo5TTThri1t/mCsOCXiTNZruJ4vKFlcEhRCDxOcX/YM2Vybyq/kmt:n7XTpeauI/Thri1CKWM4ldRzurwkTO0D","tlshash":"cea2b6d61007243d57ead1a13929f7d63177ea98a0caec8a7de91f84d414c83f3f294a","first_seen":"2025-07-30T15:25:28.733337Z","last_seen":"2026-04-12T23:43:04.632793Z","times_seen":6073,"resource_available":true,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"ultradns","sensor_type":"DNS","title":"DigiCert UltraDNS","description":"DigiCert UltraDNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://vercara.digicert.com/ultra-dns-public","meta":null},{"sensor_name":"cira_dns","sensor_type":"DNS","title":"CIRA Canadian Shield DNS","description":"CIRA Canadian Shield DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cira.ca/en/canadian-shield/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2026-04-12","alert":"Sinkholed","trigger":"apple.mobprofs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}}]}