{"report_id":"681a3fa8-d121-48f3-b905-88b6bf4b703d","version":6,"status":"done","tags":[],"date":"2025-09-23T22:36:50Z","url":{"schema":"http","addr":"yjcs8qx6.1sgnl.co/tracked_url/2:BCJNGFRArvUAAIBhPWYxNjk1NzEwLTk2ZDktNDUwMy1hZDA1LWMyYWNiNGEyNzI2NSZzPTI1ZDAxYjFkLWY4YjQtNDEzZi1hYjliLWNjY2I4OGMwMzQyOCZvPTExZGY2OTkzLTM4YTYtNDQ2YS1hZGUwLWVmZDM3MGRiNDIyMiZuPWVmNTM1YWJmLTNjZTctNDBkYi1hMjA5LTVhYWJiZjFlMmViNCZsPTQyM2M2ODQ4LWY3MDItNTQ5YS04ODFiLTZlZjhiYTAxZjRkYiZ1PWh0dHBzJTNBJTJGJTJGa2V4ZGVjdnAuZWxlbWVudG9yLmNsb3VkJTJGZnIuaHRtbF_dvK0AAAAAX928rQ==","fqdn":"yjcs8qx6.1sgnl.co","domain":"1sgnl.co","tld":"co"},"ip":{"addr":"104.18.36.135","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"applpay.blazr.net/wp-content/App/project/","fqdn":"applpay.blazr.net","domain":"blazr.net","tld":"net"},"title":"Apple Pay Refund"},"submit":{"url":{"schema":"http","addr":"yjcs8qx6.1sgnl.co/tracked_url/2:BCJNGFRArvUAAIBhPWYxNjk1NzEwLTk2ZDktNDUwMy1hZDA1LWMyYWNiNGEyNzI2NSZzPTI1ZDAxYjFkLWY4YjQtNDEzZi1hYjliLWNjY2I4OGMwMzQyOCZvPTExZGY2OTkzLTM4YTYtNDQ2YS1hZGUwLWVmZDM3MGRiNDIyMiZuPWVmNTM1YWJmLTNjZTctNDBkYi1hMjA5LTVhYWJiZjFlMmViNCZsPTQyM2M2ODQ4LWY3MDItNTQ5YS04ODFiLTZlZjhiYTAxZjRkYiZ1PWh0dHBzJTNBJTJGJTJGa2V4ZGVjdnAuZWxlbWVudG9yLmNsb3VkJTJGZnIuaHRtbF_dvK0AAAAAX928rQ==","fqdn":"yjcs8qx6.1sgnl.co","domain":"1sgnl.co","tld":"co"},"ip":{"addr":"104.18.36.135","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-28T22:36:50Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"yjcs8qx6.1sgnl.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"kexdecvp.elementor.cloud","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"cdn.tailwindcss.com","ip":{"addr":"104.20.19.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-07-20","domain_rank":117330,"first_seen":"2018-07-09T05:46:13Z","last_seen":"2025-09-21T22:12:37.870013Z","alert_count":0,"request_count":2,"received_data":815356,"sent_data":826,"comment":"","tags":null,"fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"kexdecvp.elementor.cloud","ip":{"addr":"162.159.137.9","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-04-29","domain_rank":0,"first_seen":"2025-09-23T22:36:51.206026Z","last_seen":"2025-09-23T22:36:51.206026Z","alert_count":2,"request_count":2,"received_data":2934,"sent_data":991,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Elementor","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Elementor Cloud","description":"Elementor Cloud is a platform for creating and hosting WordPress websites with Elementor.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Hosting"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}]},{"fqdn":"unpkg.com","ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-06","domain_rank":1093,"first_seen":"2016-01-07T23:26:01Z","last_seen":"2025-09-21T22:13:13.943291Z","alert_count":0,"request_count":2,"received_data":748509,"sent_data":850,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]}]},{"fqdn":"applpay.blazr.net","ip":{"addr":"176.126.84.39","port":443,"asn":63473,"as":"HOSTHATCH","country":"Sweden","country_code":"SE"},"domain_registered":"2025-05-25","domain_rank":0,"first_seen":"2025-09-23T22:36:51.202357Z","last_seen":"2025-09-23T22:36:51.202357Z","alert_count":0,"request_count":4,"received_data":16264,"sent_data":1977,"comment":"","tags":null,"fingerprints":[{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]}]},{"fqdn":"yjcs8qx6.1sgnl.co","ip":{"addr":"172.64.151.121","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-03-19","domain_rank":0,"first_seen":"2025-09-23T22:36:51.204825Z","last_seen":"2025-09-23T22:36:51.204825Z","alert_count":1,"request_count":1,"received_data":2215,"sent_data":860,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"static.cloudflareinsights.com","ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2019-08-30","domain_rank":4073,"first_seen":"2019-09-24T14:34:56Z","last_seen":"2025-09-21T22:13:28.585612Z","alert_count":0,"request_count":1,"received_data":20344,"sent_data":526,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"applpay.blazr.net/wp-content/App/project/","fqdn":"applpay.blazr.net","domain":"blazr.net","tld":"net"},"ip":{"addr":"176.126.84.39","port":443,"asn":63473,"as":"HOSTHATCH","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"020c83547278f16be2d3170b7b626c92","sha1":"851e2c83e242e52651f56e7c86782b18ee8ee944","sha256":"b3139c6b8847bbf72938bc3ec0ba62069e0389536ff92684aa7428f7f1ad6cfd","sha512":"c876766fc2fa3cc615cd0303f383deda0f9ccbe3365444ada18f38465bd69e4f8856328a80efda6c23766bd18df022df48353e0f21aa186e423d052f5ab20707","ssdeep":"","tlshash":"6ca002591a4654b78e1245867b3d224698c008572941d884384e4f5f5f1a4d810b84ca","size":70,"data":"","first_seen":"2025-03-13T03:49:36.828035Z","last_seen":"2026-03-27T21:11:37.172133Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/lucide@latest","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad570c4081bb0db8b1c9fe3459b2905a","sha1":"90fd90e3b58ee71fb09b0e49ede75c85805244df","sha256":"72646e574ecc776f056949d914e5f461881e639b236910680e38b097d3561634","sha512":"8187104214b07ef8752c7952062f73a9c7d41dde6b971b5f961a3b6af4250bdaea4506a9f8144ef603649b20b0343de8fb9450a45ca49a96b833637d5df5b434","ssdeep":"3072:wYSblLyCJmYHBBhtpaK5sxpBD2w11regPO4LkdICG0jYVirXYiszRFL6fe4rDP4R:NwsKmxpmciEisz3mfe4rDu","tlshash":"c08462af8fcd269f4856e7881a8bb0511fed53bd331a8c13768e867bc252416dcb3611","size":373553,"data":"","first_seen":"2025-09-12T02:19:53.93664Z","last_seen":"2026-02-02T20:51:12.815453Z","times_seen":46,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kexdecvp.elementor.cloud/fr.html","fqdn":"kexdecvp.elementor.cloud","domain":"kexdecvp.elementor.cloud","tld":"elementor.cloud"},"ip":{"addr":"162.159.137.9","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a58333549cbc16302b5ba19e834aac81","sha1":"409b74e30f9e05d9a2d1a6130ba23bc3866ac9ac","sha256":"c4789901a8cf5cba35c8367f6545b19fa6227ce086c739b0e41962313e49e346","sha512":"33e6e0a4eb8c66a0300c23fd53fe99fc362816d72813f67d8ce325759ce46621b4459537d7b12cf2ddd0d5b1eea1003229971855f507fa5b7eaba1ba32f45eac","ssdeep":"","tlshash":"8711dc763b2a2634c6d5408b327ee7a93d3260617b029044c2accc289918e8314afcbe","size":921,"data":"","first_seen":"2025-09-23T22:36:55.929287Z","last_seen":"2025-09-23T22:36:55.929287Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-03T22:27:44.261469Z","times_seen":330063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.20.19.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","size":407279,"data":"","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-03T22:24:45.266085Z","times_seen":28698,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"unpkg.com/lucide@latest","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://applpay.blazr.net/wp-content/App/project/","date":"2025-09-23T22:36:28.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 10:31:15 GMT","end":"Sun, 23 Nov 2025 11:31:12 GMT"},"fingerprint":{"sha1":"77:EF:87:8D:9A:D6:8C:EF:F9:8F:05:89:BF:F2:6B:C2:CF:78:19:EF","sha256":"3C:23:A9:CF:90:2C:6B:74:27:D0:FC:3B:92:A8:A9:AD:66:5F:B0:D4:DE:28:80:4D:49:D0:4C:22:AE:D2:F3:90"}}},"request":{"raw":"GET /lucide@latest HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applpay.blazr.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 23 Sep 2025 22:36:28 GMT\r\ncontent-type: text/plain;charset=UTF-8\r\ncontent-length: 53\r\ncf-ray: 983d85669f1b56a4-OSL\r\nlocation: /lucide@0.544.0/dist/umd/lucide.min.js\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=60, s-maxage=300\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":373553,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":115,"timings":{"blocked":34,"dns":1,"connect":1,"send":0,"wait":43,"receive":0,"ssl":32},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applpay.blazr.net/favicon.ico","fqdn":"applpay.blazr.net","domain":"blazr.net","tld":"net"},"ip":{"addr":"176.126.84.39","port":443,"asn":63473,"as":"HOSTHATCH","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applpay.blazr.net/wp-content/App/project/","date":"2025-09-23T22:36:29.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blazr.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 12:01:29 GMT","end":"Sat, 13 Dec 2025 12:01:28 GMT"},"fingerprint":{"sha1":"E9:20:B9:1D:D9:DF:02:1C:FE:3B:9F:33:1E:00:13:C0:8E:5F:68:80","sha256":"54:87:5F:E4:8A:BA:FC:5B:75:38:41:6D:50:F4:5F:BA:82:4F:E4:BE:85:AE:13:6F:A6:79:49:6E:2D:2F:BC:E6"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: applpay.blazr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applpay.blazr.net/wp-content/App/project/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 302 Found\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 23 Sep 2025 22:36:29 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLink: \u003chttps://applpay.blazr.net/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nX-Redirect-By: WordPress\r\nLocation: https://applpay.blazr.net/wp-includes/images/w-logo-blue-white-bg.png\r\nX-Debug-Path: /var/www/applpay\r\nX-Debug-Host: applpay.blazr.net\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4119,"size_decoded":0,"mime_type":"image/png","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":443,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"yjcs8qx6.1sgnl.co/tracked_url/2:BCJNGFRArvUAAIBhPWYxNjk1NzEwLTk2ZDktNDUwMy1hZDA1LWMyYWNiNGEyNzI2NSZzPTI1ZDAxYjFkLWY4YjQtNDEzZi1hYjliLWNjY2I4OGMwMzQyOCZvPTExZGY2OTkzLTM4YTYtNDQ2YS1hZGUwLWVmZDM3MGRiNDIyMiZuPWVmNTM1YWJmLTNjZTctNDBkYi1hMjA5LTVhYWJiZjFlMmViNCZsPTQyM2M2ODQ4LWY3MDItNTQ5YS04ODFiLTZlZjhiYTAxZjRkYiZ1PWh0dHBzJTNBJTJGJTJGa2V4ZGVjdnAuZWxlbWVudG9yLmNsb3VkJTJGZnIuaHRtbF_dvK0AAAAAX928rQ==","fqdn":"yjcs8qx6.1sgnl.co","domain":"1sgnl.co","tld":"co"},"ip":{"addr":"172.64.151.121","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-23T22:36:27.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"1sgnl.co","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 19 Sep 2025 10:38:52 GMT","end":"Thu, 18 Dec 2025 11:38:48 GMT"},"fingerprint":{"sha1":"77:BD:94:9D:C4:7F:8F:95:1A:EB:9B:05:E3:20:87:54:12:A4:D2:76","sha256":"EC:09:C6:43:FF:32:68:0E:1D:15:F5:6C:54:59:4D:6D:A6:0B:25:2E:21:C8:33:88:C5:9A:4D:9D:24:AB:68:F3"}}},"request":{"raw":"GET /tracked_url/2:BCJNGFRArvUAAIBhPWYxNjk1NzEwLTk2ZDktNDUwMy1hZDA1LWMyYWNiNGEyNzI2NSZzPTI1ZDAxYjFkLWY4YjQtNDEzZi1hYjliLWNjY2I4OGMwMzQyOCZvPTExZGY2OTkzLTM4YTYtNDQ2YS1hZGUwLWVmZDM3MGRiNDIyMiZuPWVmNTM1YWJmLTNjZTctNDBkYi1hMjA5LTVhYWJiZjFlMmViNCZsPTQyM2M2ODQ4LWY3MDItNTQ5YS04ODFiLTZlZjhiYTAxZjRkYiZ1PWh0dHBzJTNBJTJGJTJGa2V4ZGVjdnAuZWxlbWVudG9yLmNsb3VkJTJGZnIuaHRtbF_dvK0AAAAAX928rQ== HTTP/1.1\r\nHost: yjcs8qx6.1sgnl.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 307 Temporary Redirect\r\ndate: Tue, 23 Sep 2025 22:36:27 GMT\r\ncontent-length: 0\r\nlocation: https://kexdecvp.elementor.cloud/fr.html\r\ncf-ray: 983d855d8fa3b4f7-OSL\r\nvia: 1.1 google\r\ncf-cache-status: DYNAMIC\r\nset-cookie: __cf_bm=J1NQQQL3cFxpi3hrq7jGvOpbKI_M_zExG.WfCdFjBmY-1758666987-1.0.1.1-.nc_B4UW71G2d7OpJuJKsO9smtkaaccTHvo1oMogqlCRLFvNiZSSeA.29gpmCTqr0fHphgtuwjWzXX1R6cCydlVhUr7WrFTTnnzkzRVqU_U; path=/; expires=Tue, 23-Sep-25 23:06:27 GMT; domain=.1sgnl.co; HttpOnly; Secure; SameSite=None\n_cfuvid=QjAuZKDzo83JRTko0tqHuwm4Pc7i4gsGTD4JqYIB1AU-1758666987221-0.0.1.1-604800000; path=/; domain=.1sgnl.co; HttpOnly; Secure; SameSite=None\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":1530,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":168,"timings":{"blocked":36,"dns":14,"connect":3,"send":0,"wait":96,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"yjcs8qx6.1sgnl.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"static.cloudflareinsights.com","domain":"cloudflareinsights.com","tld":"com"},"ip":{"addr":"104.16.79.73","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://kexdecvp.elementor.cloud/fr.html","date":"2025-09-23T22:36:27.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cloudflareinsights.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 24 Aug 2025 02:39:12 GMT","end":"Sat, 22 Nov 2025 03:39:06 GMT"},"fingerprint":{"sha1":"B4:6C:D2:16:CA:52:EE:BD:22:D7:B4:2C:64:FF:A5:EF:67:D8:E1:F8","sha256":"FF:3A:23:84:D6:B2:73:DF:50:6E:1A:45:A4:AB:03:37:0B:C4:4A:8E:82:12:99:10:80:A2:F7:FC:71:E3:BA:1D"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: static.cloudflareinsights.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://kexdecvp.elementor.cloud\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kexdecvp.elementor.cloud/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 22:36:27 GMT\r\ncontent-type: text/javascript;charset=UTF-8\r\ncontent-encoding: gzip\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400\r\netag: W/\"2024.6.1\"\r\nlast-modified: Thu, 06 Jun 2024 15:52:56 GMT\r\ncross-origin-resource-policy: cross-origin\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 983d85618d98b517-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-04-03T22:27:44.261469Z","times_seen":330063,"resource_available":true,"data":null}},"time_used":342,"timings":{"blocked":163,"dns":1,"connect":1,"send":0,"wait":14,"receive":0,"ssl":159},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applpay.blazr.net/wp-content/App/project","fqdn":"applpay.blazr.net","domain":"blazr.net","tld":"net"},"ip":{"addr":"176.126.84.39","port":443,"asn":63473,"as":"HOSTHATCH","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-23T22:36:27.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blazr.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 12:01:29 GMT","end":"Sat, 13 Dec 2025 12:01:28 GMT"},"fingerprint":{"sha1":"E9:20:B9:1D:D9:DF:02:1C:FE:3B:9F:33:1E:00:13:C0:8E:5F:68:80","sha256":"54:87:5F:E4:8A:BA:FC:5B:75:38:41:6D:50:F4:5F:BA:82:4F:E4:BE:85:AE:13:6F:A6:79:49:6E:2D:2F:BC:E6"}}},"request":{"raw":"GET /wp-content/App/project HTTP/1.1\r\nHost: applpay.blazr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 301 Moved Permanently\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 23 Sep 2025 22:36:27 GMT\r\nContent-Type: text/html\r\nContent-Length: 178\r\nLocation: https://applpay.blazr.net/wp-content/App/project/\r\nConnection: keep-alive\r\nX-Debug-Path: /var/www/applpay\r\nX-Debug-Host: applpay.blazr.net\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":3361,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":128,"timings":{"blocked":56,"dns":39,"connect":8,"send":0,"wait":7,"receive":3,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"applpay.blazr.net/wp-content/App/project/","fqdn":"applpay.blazr.net","domain":"blazr.net","tld":"net"},"ip":{"addr":"176.126.84.39","port":443,"asn":63473,"as":"HOSTHATCH","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-23T22:36:27.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blazr.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 12:01:29 GMT","end":"Sat, 13 Dec 2025 12:01:28 GMT"},"fingerprint":{"sha1":"E9:20:B9:1D:D9:DF:02:1C:FE:3B:9F:33:1E:00:13:C0:8E:5F:68:80","sha256":"54:87:5F:E4:8A:BA:FC:5B:75:38:41:6D:50:F4:5F:BA:82:4F:E4:BE:85:AE:13:6F:A6:79:49:6E:2D:2F:BC:E6"}}},"request":{"raw":"GET /wp-content/App/project/ HTTP/1.1\r\nHost: applpay.blazr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 23 Sep 2025 22:36:28 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Debug-Path: /var/www/applpay\r\nX-Debug-Host: applpay.blazr.net\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Tailwind CSS","description":"Tailwind is a utility-first CSS framework.","website":"https://tailwindcss.com/","common_platform_enumeration":"","icon":"tailwindcss.svg","categories":["UI frameworks"]},{"name":"Unpkg","description":"Unpkg is a content delivery network for everything on npm.","website":"https://unpkg.com","common_platform_enumeration":"","icon":"Unpkg.png","categories":["CDN"]}],"data":{"size":3361,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"2b7e5dcb0cfa2b46a4998a9817e77a8b","sha1":"b25fc4ab1d9e0d8e2d5df565a6309d41c6f65ae3","sha256":"e29fb656c0ca3a36455cd62bd84486afee24f370e60085343207eaa84232b85f","sha512":"5f4586e2616d5e4fac142fa3cb77b58ad99267d662e9d00f97a02e69bdbc97395a7e281ef6780e4aa9e4ce3d34f88087c8c5996da48cf16978839afec8a23d63","ssdeep":"","tlshash":"5961106528f21af76093c0e0bbf1bf096d9cd517c967c90975ec93e51f83c618983289","first_seen":"2025-07-19T21:14:57.92787Z","last_seen":"2025-10-07T01:48:47.507834Z","times_seen":6,"resource_available":false,"data":null}},"time_used":432,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":432,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.20.19.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://applpay.blazr.net/wp-content/App/project/","date":"2025-09-23T22:36:28.536Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 28 Jul 2025 04:42:37 GMT","end":"Sun, 26 Oct 2025 05:42:34 GMT"},"fingerprint":{"sha1":"A9:2C:36:C2:5B:79:EB:33:93:88:54:08:DE:EC:77:65:7B:80:68:B3","sha256":"18:96:B7:DD:E9:B4:31:CC:9A:C7:1C:44:AF:F5:7E:C1:6C:25:F1:75:D6:6E:9A:7E:86:AC:B9:F8:49:97:6D:B4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://applpay.blazr.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Tue, 23 Sep 2025 22:36:28 GMT\r\ncache-control: max-age=14400\r\nlocation: /3.4.17\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: fra1::iad1::7r49p-1758666028067-d7270de4248d\r\nvary: accept-encoding\r\nage: 145\r\ncf-cache-status: HIT\r\ncf-ray: 983d8566abe7783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":114,"timings":{"blocked":53,"dns":31,"connect":1,"send":0,"wait":6,"receive":0,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kexdecvp.elementor.cloud/fr.html","fqdn":"kexdecvp.elementor.cloud","domain":"kexdecvp.elementor.cloud","tld":"elementor.cloud"},"ip":{"addr":"162.159.137.9","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-09-23T22:36:27.231Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elementor.cloud","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 13:32:13 GMT","end":"Thu, 11 Dec 2025 13:32:12 GMT"},"fingerprint":{"sha1":"AF:00:3B:9B:07:61:59:D5:9D:FC:62:7B:39:0D:12:53:CA:D3:BA:DB","sha256":"5A:DF:6A:08:0F:F1:98:28:19:11:0D:DC:04:EC:2A:AC:60:A3:7C:34:BF:D7:D0:B0:84:FE:15:ED:90:27:A8:76"}}},"request":{"raw":"GET /fr.html HTTP/1.1\r\nHost: kexdecvp.elementor.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 22:36:27 GMT\r\ncontent-type: text/html\r\ncontent-encoding: br\r\ncf-ray: 983d855e8d0956af-OSL\r\ncf-cache-status: DYNAMIC\r\nlast-modified: Fri, 19 Sep 2025 21:57:08 GMT\r\nstrict-transport-security: max-age=2592000\r\nec-cdn-status: dynamic\r\nec-cdn-status-reason: static resource\r\nec-source: static\r\ntraceparent: 00-983d855e8d0956af0000001758666987-983d855e8d0956af-01\r\nset-cookie: __cf_bm=E8sqD68jppI8w_mTKKdtUso0.kOZfVWcHfsB5jZStW4-1758666987-1.0.1.1-K5FQPdHlQ.JVhNdMCXfH.pA23HIIkE8qnKz2cRXds0CIsLmpgjB4UeGNZNBK.mcayOQhzgfJULrcoyjj.UwuAPGDqKE0lBHjkUFEjjHYvXM; path=/; expires=Tue, 23-Sep-25 23:06:27 GMT; domain=.elementor.cloud; HttpOnly; Secure; SameSite=None\n_cfuvid=t30N24RxUnMRTeRGzEdw.HltCugVmVx6twVVT2BNIYU-1758666987390-0.0.1.1-604800000; path=/; domain=.elementor.cloud; HttpOnly; Secure; SameSite=None\r\nserver-timing: cfCacheStatus;desc=\"DYNAMIC\", cfOrigin;dur=0,cfEdge;dur=103\r\nvary: Accept-Encoding\r\nx-powered-by: Elementor Cloud\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]},{"name":"Cloudflare Browser Insights","description":"Cloudflare Browser Insights is a tool that measures the performance of websites from the perspective of users.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Analytics","RUM"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Elementor","description":"Elementor is a website builder platform for professionals on WordPress.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Page builders","WordPress plugins"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Elementor Cloud","description":"Elementor Cloud is a platform for creating and hosting WordPress websites with Elementor.","website":"https://elementor.com","common_platform_enumeration":"","icon":"Elementor.svg","categories":["Hosting"]},{"name":"WordPress","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]}],"data":{"size":1530,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (1433)","md5":"ec9b60106b6ea3582de8636bcfa62642","sha1":"38d4d18a746822b275b5558197cc3e24f472ad96","sha256":"68385e14904eb1655fa184b6346b50e7e91798a4efa564f42351a8b032a1da98","sha512":"072ade43f98366fdd6127e91e6acbcc521b396471ea24b529b6df67e8a5fbd7eb318618741f7b551c85fad6c9772b70aadcb5a1671a0e7264cdb6ee2c04420b7","ssdeep":"","tlshash":"753153762d259134c396418a317afb693e3670726a01a0c093adcc394da4ed7009bd6b","first_seen":"2025-09-23T22:36:55.787855Z","last_seen":"2025-09-23T22:36:55.787855Z","times_seen":1,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":56,"dns":40,"connect":1,"send":0,"wait":106,"receive":0,"ssl":13},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"kexdecvp.elementor.cloud","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.tailwindcss.com/3.4.17","fqdn":"cdn.tailwindcss.com","domain":"tailwindcss.com","tld":"com"},"ip":{"addr":"104.20.19.83","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://applpay.blazr.net/wp-content/App/project/","date":"2025-09-23T22:36:28.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"tailwindcss.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 28 Jul 2025 04:42:37 GMT","end":"Sun, 26 Oct 2025 05:42:34 GMT"},"fingerprint":{"sha1":"A9:2C:36:C2:5B:79:EB:33:93:88:54:08:DE:EC:77:65:7B:80:68:B3","sha256":"18:96:B7:DD:E9:B4:31:CC:9A:C7:1C:44:AF:F5:7E:C1:6C:25:F1:75:D6:6E:9A:7E:86:AC:B9:F8:49:97:6D:B4"}}},"request":{"raw":"GET /3.4.17 HTTP/1.1\r\nHost: cdn.tailwindcss.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://applpay.blazr.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Tue, 23 Sep 2025 22:36:28 GMT\r\ncontent-type: text/javascript\r\ncache-control: max-age=31536000\r\ncontent-encoding: br\r\nserver: cloudflare\r\nstrict-transport-security: max-age=63072000\r\nx-vercel-cache: MISS\r\nx-vercel-id: arn1::iad1::f7qtx-1754703953616-47530b9ea371\r\nlast-modified: Sat, 09 Aug 2025 01:45:54 GMT\r\nvary: accept-encoding\r\nage: 2142164\r\ncf-cache-status: HIT\r\ncf-ray: 983d8566cc09783d-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Vercel","description":"Vercel is a cloud platform for static frontends and serverless functions.","website":"https://vercel.com","common_platform_enumeration":"","icon":"vercel.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":407279,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (52853)","md5":"7a614b9a197e532c00d09a23b0996b5f","sha1":"1ff1738a40f3716e30e9031b181b0955ae578955","sha256":"176e894661aa9cdc9a5cba6c720044cbbf7b8bd80d1c9a142a7c24b1b6c50d15","sha512":"a67bc26f52d938358471be5671ff4b79e11af4e68b486aaf73a35a4c9bf3777aab51101af81563b4e5b7ba4b04dd8971fcfa9ee2c41fb10a0c1ee5604a99abd6","ssdeep":"12288:fpgrZxSAoNbJb0Wie75aUXGuyQZhK4O0s:RCVoNB0Wie75aUWmnO0s","tlshash":"e8844aa57396702647eb51e850ea1042f2beaa38840c44bcf7edd4da39e5e4440fbf79","first_seen":"2025-07-28T16:58:08.903462Z","last_seen":"2026-04-03T22:24:45.266085Z","times_seen":28698,"resource_available":true,"data":null}},"time_used":6,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":5,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"unpkg.com/lucide@0.544.0/dist/umd/lucide.min.js","fqdn":"unpkg.com","domain":"unpkg.com","tld":"com"},"ip":{"addr":"104.18.0.22","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://applpay.blazr.net/wp-content/App/project/","date":"2025-09-23T22:36:28.712Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"unpkg.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 25 Aug 2025 10:31:15 GMT","end":"Sun, 23 Nov 2025 11:31:12 GMT"},"fingerprint":{"sha1":"77:EF:87:8D:9A:D6:8C:EF:F9:8F:05:89:BF:F2:6B:C2:CF:78:19:EF","sha256":"3C:23:A9:CF:90:2C:6B:74:27:D0:FC:3B:92:A8:A9:AD:66:5F:B0:D4:DE:28:80:4D:49:D0:4C:22:AE:D2:F3:90"}}},"request":{"raw":"GET /lucide@0.544.0/dist/umd/lucide.min.js HTTP/1.1\r\nHost: unpkg.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://applpay.blazr.net/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Tue, 23 Sep 2025 22:36:28 GMT\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-encoding: gzip\r\ncf-ray: 983d85677f6656ab-OSL\r\ncf-cache-status: HIT\r\naccess-control-allow-origin: *\r\nage: 1082471\r\ncache-control: public, max-age=31536000\r\nexpires: Wed, 23 Sep 2026 22:36:28 GMT\r\nlast-modified: Thu, 11 Sep 2025 09:54:33 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvary: Accept-Encoding\r\nvia: 1.1 fly.io, 1.1 fly.io\r\naccess-control-allow-headers: *\r\naccess-control-allow-methods: GET, HEAD, OPTIONS\r\naccess-control-expose-headers: *\r\ncontent-digest: sha256=:cmRuV07Md28FaUnZFOX0YYgeY5sjaRBoDjiwl9NWFjQ=:\r\ncross-origin-resource-policy: cross-origin\r\nfly-request-id: 01K4W35EVYGRK6C897C9T0Y19Q-waw\r\nx-content-type-options: nosniff\r\npriority: u=2,i=?0\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Fly.io","description":"Fly is a platform for running full stack apps and databases.","website":"https://fly.io","common_platform_enumeration":"","icon":"Fly.io.png","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":373553,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65368)","md5":"ad570c4081bb0db8b1c9fe3459b2905a","sha1":"90fd90e3b58ee71fb09b0e49ede75c85805244df","sha256":"72646e574ecc776f056949d914e5f461881e639b236910680e38b097d3561634","sha512":"8187104214b07ef8752c7952062f73a9c7d41dde6b971b5f961a3b6af4250bdaea4506a9f8144ef603649b20b0343de8fb9450a45ca49a96b833637d5df5b434","ssdeep":"3072:wYSblLyCJmYHBBhtpaK5sxpBD2w11regPO4LkdICG0jYVirXYiszRFL6fe4rDP4R:NwsKmxpmciEisz3mfe4rDu","tlshash":"c08462af8fcd269f4856e7881a8bb0511fed53bd331a8c13768e867bc252416dcb3611","first_seen":"2025-09-12T02:19:53.93664Z","last_seen":"2026-02-02T20:51:12.815453Z","times_seen":46,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":26,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"kexdecvp.elementor.cloud/cdn-cgi/rum?","fqdn":"kexdecvp.elementor.cloud","domain":"kexdecvp.elementor.cloud","tld":"elementor.cloud"},"ip":{"addr":"162.159.137.9","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"beacon","requested_by":"https://kexdecvp.elementor.cloud/fr.html","date":"2025-09-23T22:36:28.467Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"elementor.cloud","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Fri, 12 Sep 2025 13:32:13 GMT","end":"Thu, 11 Dec 2025 13:32:12 GMT"},"fingerprint":{"sha1":"AF:00:3B:9B:07:61:59:D5:9D:FC:62:7B:39:0D:12:53:CA:D3:BA:DB","sha256":"5A:DF:6A:08:0F:F1:98:28:19:11:0D:DC:04:EC:2A:AC:60:A3:7C:34:BF:D7:D0:B0:84:FE:15:ED:90:27:A8:76"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: kexdecvp.elementor.cloud\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/json\r\nContent-Length: 659\r\nOrigin: https://kexdecvp.elementor.cloud\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://kexdecvp.elementor.cloud/fr.html\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Tue, 23 Sep 2025 22:36:28 GMT\r\naccess-control-allow-origin: https://kexdecvp.elementor.cloud\r\naccess-control-allow-methods: POST,OPTIONS\r\naccess-control-max-age: 86400\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nserver: cloudflare\r\ncf-ray: 983d8565e93b0b65-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-03T22:31:02.952373Z","times_seen":13306102,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-09-23","alert":"Sinkholed","trigger":"kexdecvp.elementor.cloud","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"applpay.blazr.net/wp-includes/images/w-logo-blue-white-bg.png","fqdn":"applpay.blazr.net","domain":"blazr.net","tld":"net"},"ip":{"addr":"176.126.84.39","port":443,"asn":63473,"as":"HOSTHATCH","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://applpay.blazr.net/wp-content/App/project/","date":"2025-09-23T22:36:29.731Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"blazr.net","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 14 Sep 2025 12:01:29 GMT","end":"Sat, 13 Dec 2025 12:01:28 GMT"},"fingerprint":{"sha1":"E9:20:B9:1D:D9:DF:02:1C:FE:3B:9F:33:1E:00:13:C0:8E:5F:68:80","sha256":"54:87:5F:E4:8A:BA:FC:5B:75:38:41:6D:50:F4:5F:BA:82:4F:E4:BE:85:AE:13:6F:A6:79:49:6E:2D:2F:BC:E6"}}},"request":{"raw":"GET /wp-includes/images/w-logo-blue-white-bg.png HTTP/1.1\r\nHost: applpay.blazr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://applpay.blazr.net/wp-content/App/project/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.18.0 (Ubuntu)\r\nDate: Tue, 23 Sep 2025 22:36:29 GMT\r\nContent-Type: image/png\r\nContent-Length: 4119\r\nLast-Modified: Fri, 19 Sep 2025 21:50:56 GMT\r\nConnection: keep-alive\r\nETag: \"68cdd040-1017\"\r\nX-Debug-Path: /var/www/applpay\r\nX-Debug-Host: applpay.blazr.net\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.18.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":4119,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced","md5":"000bf649cc8f6bf27cfb04d1bcdcd3c7","sha1":"d73d2f6d74ec6cdcbae07955592962e77d8ae814","sha256":"6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0","sha512":"73d2ea5ffc572c1ae73f37f8f0ff25e945afee8e077b6ee42ce969e575cdc2d8444f90848ea1cb4d1c9ee4bd725aee2b4576afc25f17d7295a90e1cbfe6edfd5","ssdeep":"96:h3bdWfcmTY+aRF1pXWZL2+42HGhIUc8KeLEd:hgXTY+as02mOB8XLEd","tlshash":"00814b63df38c566e66a2b189ff6bca56b290fd50ca1194c0eecb025632c06d1065089","first_seen":"2023-04-08T12:31:37Z","last_seen":"2026-04-03T22:29:56.520951Z","times_seen":55240,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}