{"report_id":"6c46d6a5-efa3-4719-a13e-1cc11f514d58","version":6,"status":"done","tags":[],"date":"2025-12-12T12:00:06Z","url":{"schema":"http","addr":"solvexgain800x-app.com/","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":0,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"final":{"url":{"schema":"https","addr":"solvexgain800x-app.com/","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"title":"SolvexGain 800X | Official Site - Trade Crypto Like a Pro","dom":{"size":127524,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (42862)","md5":"0931f82d2c583e202b468b12ae650562","sha1":"193f5bcb185d6690428fc7208589a958918334b4","sha256":"d87331fa8b584d8f4a4f55210b4dfc08de011137700f433abb605f57c15e3c3b","sha512":"73aec231b2afaedf53ce4224e91d2596476f0a3a052c2e2d6b220e6e6fc66dafb2b7c50efb0acddc34974f877fabb65c33c43522e0508fd86fa5b2507985d245","ssdeep":"1536:aDpR4nXBKpSpFl26vknM3+ljwqUqqlfAJ0JPvc:atUMXnFjTqlfAJ0JPvc","tlshash":"90c3fd274269352b4437c2c5306a5b3bd5e6894bfae649003edc8bfa2ff9c50702b65d","dom_hash":"domhashf36b5260e5ffb0331bf80332869c1240","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"solvexgain800x-app.com/","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":0,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-16T12:00:06Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":5}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-12-12T11:59:45Z","timestamp":1765540785,"ip_dst":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"ip_src":{"addr":"172.18.0.14","port":39842,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"medium","alert":"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)","source":"{\"timestamp\":\"2025-12-12T11:59:45.057993+0000\",\"flow_id\":1400356968948408,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.14\",\"src_port\":39842,\"dest_ip\":\"34.117.59.81\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2025331,\"rev\":5,\"signature\":\"ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)\",\"category\":\"Device Retrieving External IP Address Detected\",\"severity\":2,\"metadata\":{\"affected_product\":[\"Linux\",\"Mac_OSX\",\"Windows_XP_Vista_7_8_10_Server_32_64_Bit\"],\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2018_02_07\"],\"deployment\":[\"Perimeter\"],\"mitre_tactic_id\":[\"TA0043\"],\"mitre_tactic_name\":[\"Reconnaissance\"],\"mitre_technique_id\":[\"T1590\"],\"mitre_technique_name\":[\"Gather_Victim_Network_Information\"],\"performance_impact\":[\"Low\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2024_09_19\"]}},\"tls\":{\"sni\":\"ipinfo.io\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3418,\"start\":\"2025-12-12T11:59:45.025272+0000\"}}"}],"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"solvexgain800x-app.com","ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":209,"request_count":42,"received_data":460330,"sent_data":48732,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"jQuery:3.1.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-07T22:17:02.440237Z","alert_count":0,"request_count":1,"received_data":46853,"sent_data":844,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2025-12-07T22:25:46.118111Z","alert_count":0,"request_count":4,"received_data":344744,"sent_data":1956,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-07T22:13:56.807982Z","alert_count":0,"request_count":6,"received_data":199572,"sent_data":3302,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ipinfo.io","ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2013-04-23","domain_rank":1327,"first_seen":"2013-12-16T07:25:53Z","last_seen":"2025-12-08T07:32:51.614821Z","alert_count":0,"request_count":1,"received_data":1153,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/utils.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"be8412b24dc2374a8eb8c446774e2765","sha1":"c98f7005e9dbd00ec118c3cc2370bf3bfe6cf8a6","sha256":"8d6246375bc856c30649b3e800b02a22d913a7f03f08d92a7b2440824ff2ce9c","sha512":"070efefcd7228793e742ac76bbbae58d49ad8de94cd56863838f97955bfd86dbbd53eb41b1ff2aa59eaa3e6aeeabd5334e622824a48234d8997b6db397c79004","ssdeep":"3072:9E030DWujFs3OwPss3MwPaPjq09Q2xFM8M0TrpEBW6cC56kmLxTg/QKWVSpDUkzy:9E03+WqHjvxFM8M0T7IUT","tlshash":"0044f0ebd63c9737a1e87b35968eb3cd5a8cbca3c858567826c3b54f52784e0706c205","size":264516,"data":"","first_seen":"2024-11-14T19:07:22.956908Z","last_seen":"2026-04-05T01:24:35.910564Z","times_seen":4246,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/js/main.js","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"d7ad3ba3c35cf16a0f226cbe3fcbc39b","sha1":"b611e6eb325674233e60050c7071d4d9ace03fcb","sha256":"4f6159f22e966cdc2f7e7b7f6900894de08fd09be542840052c92f86efe4fca8","sha512":"73be268ee8be31d143475d93c0e2439293389031db20eff22055d33e16de5ae954b6396bc6d3416e6bce01737b887fc4f51a0fc58089f5476da01f158c728b58","ssdeep":"","tlshash":"a5217c7ff1b92933413771ae539f96913926004f3026c91a3b5c87892fd299109b3faa","size":1200,"data":"","first_seen":"2025-08-21T23:09:42.468219Z","last_seen":"2026-04-03T23:46:36.656003Z","times_seen":705,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":true,"md5":"5afc5a5ae8e3c7d71a9e5588899707b1","sha1":"27f16073f13f928d174ff3312e93c0fd059fa981","sha256":"95368102b188d0a1e142f0e100fa5ebd916500a079db26c8249cb39657f6bb98","sha512":"507f493e7a645455b65186b4c0701e9f8c1c9730ff1ecbd04348b677d8b6f8cf5afe90803eaea700d1de2e5d740ccdbc14a00d2717540e43bd29bc421d17bec1","ssdeep":"96:ySvWs+v+JV89Xlt6mJ1jYo6M2QzGi3/Js5fyn1M7ZYLS:dvWs+vbdlvJ1jYo52Qyi3/O5fyn1hLS","tlshash":"10f1408a61f123364a77347d638fa0002a775057a504ed217cad4fd93fc8a585aa2fdf","size":7656,"data":"","first_seen":"2025-12-12T12:00:16.055097Z","last_seen":"2025-12-12T12:00:16.055097Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d7c34c441a0c73f54b225cc51f30de1","sha1":"f0b6bee317c54aa421626eac803f682cb1b06fe8","sha256":"5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7","sha512":"ae4eea7dfe62cd0ac55c3ea87ddd3f1da2a0e8514657b3a7bd608d64d95d6776522f2ecef700dc0a8eb83bded5602b5b0bd22103e2b71948d00525eea77c93c5","ssdeep":"768:3Pn03Xlqn/kiICXpwJx3ycC/nFjjB7dH24y4Js:3+iIfycCxB7dG","tlshash":"4bd2e6aeb3652b37a7fd82a260a50543af7f79444604042d7cac8ede1298ed171f5b38","size":31113,"data":"","first_seen":"2024-11-14T19:07:22.945119Z","last_seen":"2026-04-05T01:24:35.923001Z","times_seen":4317,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/frontend/assets/en/dist/js/jquery-3.1.1.min.js","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","size":86709,"data":"","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-05T12:21:43.459057Z","times_seen":138420,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/?callback=jQuery31102137964678029114_1765540784942\u0026_=1765540784943","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a81f372fe7ca4707ef465121505558d","sha1":"4c1456c7469ea00870af7d112d7f4a2844f35df0","sha256":"22b2cec990ec3b41c287685422353bb4eb7c98315903499f12993ae34eea9218","sha512":"8c1ec0a43a1b50e4401f8afa14852af8dfaf26f60a87461f1469dbd000ced223652f5f41c5832dfc9b903a10f0b176aadae445d4b90d13627632de52c01e88ae","ssdeep":"","tlshash":"3b01945b10381f3aadbd454c841b9f2e33693d1f618275a68ea25f1c60449b770b137f","size":672,"data":"","first_seen":"2025-12-12T12:00:16.044481Z","last_seen":"2025-12-12T12:00:16.044481Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-04-05T13:49:11.882727Z","times_seen":234556,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"introduction_type":"eventHandler","is_inline":false,"md5":"7c3c3ddeb80438dcbb3d081d2d00e152","sha1":"5a4016732ee72ec77b4f6ab17047bcea6d2ea34d","sha256":"321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187","sha512":"b252f7dc795284fe8ce404711809130d8e16670a8e49b271f9a24b04a542a0fccb7a8c7238c12b37db35fe73a2fbf1cdb374468574db4e6d39975a17dca547a3","ssdeep":"","tlshash":"de6000f0003000000003c30000330cf300000c0f00ccc30cfc0000c000c00000000c03","size":16,"data":"","first_seen":"2023-04-10T15:57:29Z","last_seen":"2026-04-05T13:49:11.882727Z","times_seen":234556,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/es.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.569Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/es.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 714\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":714,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"82a1bb6b96ec71df6247971da6e35155","sha1":"bb5be7dedff6612e4c8cb7c8019563c547238897","sha256":"8fc508fdb3ef11a4e38f9123f1ae903962ca14841cefd7b98ed5550d50d2f1bb","sha512":"dc54baf3110ea3a0512a272b5dac1bd1b24e50ecc32e9944436708791394a98fae1220f440ed1615c7d5e6f05d761190f3720105c9bf5f63300ff940cbb2738e","ssdeep":"","tlshash":"9b019cd4ba6c498c9e15837d0b6c70d1a20e20bc31cf40e8b98c8164b26a3ebe943d50","first_seen":"2023-05-07T18:03:13Z","last_seen":"2026-04-05T03:28:13.419932Z","times_seen":6491,"resource_available":false,"data":null}},"time_used":571,"timings":{"blocked":511,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/hr.png","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.570Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/hr.png HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 982\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":982,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"41a7b90f600ed32eefb5e620a4f653fc","sha1":"7a6ab7cfc55a1239de75e073430c9634d5c18746","sha256":"63e36970eea32e52849d7b4d3a15d1da36be12ad3078df8c2b848aa7e9baa19b","sha512":"004bddcda655838947c0922be1f74ac3833ca444f3c872c9432232e5660f7ca9288c87acf2d1df19a21a768ae8a04e3f67278f7b6be4998a5e0355f279ba92dd","ssdeep":"","tlshash":"261165dec411043c410b39e6ae9b0bd989b767ac43520a45906db49abc795043ee49a5","first_seen":"2023-06-13T00:33:19Z","last_seen":"2026-04-03T23:46:36.61436Z","times_seen":4095,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":515,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026family=Karla:ital,wght@0,200..800;1,200..800\u0026family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900\u0026family=Montserrat:ital,wght@0,100..900;1,100..900\u0026family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026family=Roboto:wght@900\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.557Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:24 GMT","end":"Mon, 16 Feb 2026 08:40:23 GMT"},"fingerprint":{"sha1":"D2:D0:B6:8B:C1:78:F6:EE:87:02:EC:05:E4:EE:EA:71:6E:AA:66:42","sha256":"F9:3D:F1:E7:59:9A:99:EF:7D:47:70:33:FA:AD:2E:9B:E6:68:28:39:08:52:7F:C4:F0:66:B1:E8:19:70:25:23"}}},"request":{"raw":"GET /css2?family=Inter:ital,opsz,wght@0,14..32,100..900;1,14..32,100..900\u0026family=Karla:ital,wght@0,200..800;1,200..800\u0026family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900\u0026family=Montserrat:ital,wght@0,100..900;1,100..900\u0026family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026family=Roboto:wght@900\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Fri, 12 Dec 2025 11:59:44 GMT\r\ndate: Fri, 12 Dec 2025 11:59:44 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":46167,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"17dc725b995d3af44fc3bb2190704561","sha1":"bfbaaaae378fabdace469aec201b2a07a48a40c1","sha256":"6c53e651fa80510a6bc06178c994760e7a61333fad48254bd5a1a072326caa89","sha512":"339f36c9056c21f667316547c57277e241c73305b269f7c739c933f30c5608df8fb9e80b444433b48693125457aa7b97265d5d54f2b66919dc5ff0804b604ba6","ssdeep":"384:vtfcHjg8ciIFT+353m/R/lFx7u7Up8pTHahwCFnbL8V3w3s3VR9xqWSUq+DnLamA:Q1EVhYEMTHpEA3mknBVgrwGvvYdw","tlshash":"4c23dd91087ba104eb831cc223cf7e36ee0ea2557455d578abfe1cd8ac9bc66436172d","first_seen":"2025-11-20T05:09:09.162348Z","last_seen":"2026-02-14T19:24:54.471184Z","times_seen":369,"resource_available":false,"data":null}},"time_used":541,"timings":{"blocked":225,"dns":1,"connect":29,"send":0,"wait":51,"receive":0,"ssl":230},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/en.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/en.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 530\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1290,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a60a1cb88e021acfa9dae480687c55b4","sha1":"0badf2ca702eb29df29786296160d68ec247af9d","sha256":"c1fcc7d1f18d3597c793170b12cf568207e5d13ad0c2778fd165d33be41c05dc","sha512":"354c148d992a22b729fa7b5736d0f3bde4b477aeaa9d157d692fd190dc57f566f11e2741775534f5a69c3c499e3d8482da01800db5cda5bb95dc5ad49ed88ec4","ssdeep":"","tlshash":"c821ddd2495459c08d8a037cdf1f6bdb72335cce3a584af832d53a165d90bb7341ad85","first_seen":"2025-04-08T10:05:49.355682Z","last_seen":"2026-04-03T23:46:36.607438Z","times_seen":3558,"resource_available":false,"data":null}},"time_used":458,"timings":{"blocked":396,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/de.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/de.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 335\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":335,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"51768606d83a265da9e7ee8efbb21edb","sha1":"b22c5b98344da8d3ea54ecb9baab4c5a5a7ebdb4","sha256":"8fcaa96d8835e39fa6a74ff4dc781d908112d46ceb8fb81ff37c433f390a4c8b","sha512":"cec42089404b17430bc0d8c7882cfd6249d4fa7401b538f1899b2d315d639cb6fd28cf33da34d91afc40572f5dd59aac75dee16b0c65aa1abf2e0b93bc779c3d","ssdeep":"","tlshash":"a7e02644e0e98d0a8e2607a88efc71d280a230cc12cc00ed72842528fd4e3eb6845be5","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-05T03:28:13.389324Z","times_seen":6156,"resource_available":false,"data":null}},"time_used":531,"timings":{"blocked":471,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/fi.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/fi.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 249\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":249,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d1724c02c151d1f44b22d5c89e199c54","sha1":"fbb67ed0796f19c50d9354ffa54a0103d33049b7","sha256":"0d9fdf20d3b93aa471132ea660f36e3331fc137bb628121caeec33e905a2a33b","sha512":"b25f8b249311ea474d847f05738c744e4b3590a79c6859db8b7cef67f7e50c234ac86b2eedd86778cfebe26fce6f376b93e202a0ebf7b519700a87b56302a741","ssdeep":"","tlshash":"8bd05e9690b96a044902476a8dec76da6026a0e6668d01fdb0811525f6893df78a36a8","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-04T23:58:32.285021Z","times_seen":1278,"resource_available":false,"data":null}},"time_used":532,"timings":{"blocked":472,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/da.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.567Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/da.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 362\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":362,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c4d7abcf4c21c729ea9aab45faa1912a","sha1":"6ecbf40cb392204b8c7af284352108b500111969","sha256":"33815e73a3d07b3ae77cec1fdc77a285646e4e730136632f0ff5de6f8697c98c","sha512":"6d928963ac9562306e34f006030ddb4430cf81f3e37d8a5d805f90d5cc89659457e9f98257a2ec971205cf044387b7c3e87847c85bf7760ecfa2b667bdab3230","ssdeep":"","tlshash":"f6e0c09260ae8a0d4e1543205a3c70e2526770cf218e04fcf0c13e28fd667ab3800f5c","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-05T07:58:50.657099Z","times_seen":4164,"resource_available":false,"data":null}},"time_used":537,"timings":{"blocked":473,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/images/card-2.webp","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.618Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /images/card-2.webp HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/webp\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1698\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1698,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 100x91, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"132b14cc416686d90c06f30b71243b08","sha1":"d24c778adffd5c4cfb84fc0c32a0152a93f32d0e","sha256":"0db272d948cb3ce1dba15d4ee4b2dc352e4687afa4e105b657d130bb71da9447","sha512":"542970d4134b5b27da749f89414a9cb0aaefef8933f08f501d39f0af2fa9558fa87b04ac0a6b50964ded7a1ab31be6e4a7a25eb9c982d7fc035ace61d0e3b955","ssdeep":"","tlshash":"19311a09e92d21ff6e4a7cc7b4eb7a1cb1e103ac8656ed6c18693054c293f51b4e01a6","first_seen":"2025-08-21T23:09:42.494518Z","last_seen":"2026-04-03T23:46:36.620402Z","times_seen":704,"resource_available":false,"data":null}},"time_used":339,"timings":{"blocked":278,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-12T11:59:43.740Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: text/html; charset=UTF-8\r\ncache-control: no-cache, private\r\nset-cookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; expires=Fri, 12 Dec 2025 13:59:42 GMT; Max-Age=7200; path=/; samesite=lax\nlaravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D; expires=Fri, 12 Dec 2025 13:59:42 GMT; Max-Age=7200; path=/; httponly; samesite=lax\r\ncontent-length: 10708\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ndate: Fri, 12 Dec 2025 11:59:42 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"jQuery:3.1.1","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":60892,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (642), with CRLF, LF line terminators","md5":"0a87fbf45696f7e50c986f61dc3b72da","sha1":"adbfca28e6c2fec8048bdddabaaf8d9377f16cd9","sha256":"ce81153031be6b4dbbb14ea9d6dbb8618fb649e00cc341279644f3bdfe2b2f1c","sha512":"7a93b689752ccb4551ae82d0e30c84ad3f91a9a7844093c2b35efb8f831342a69c41e3c06e5b470566a86fed24a44cb38d40ebf57eb22004dc30c65e67c7de45","ssdeep":"768:5Qt78unpG3DKlN8mw1ulA+l3UU6qqT2Ljz2024vPB0vqfyb:ZunM3+ljwqUcqojz2024vQ","tlshash":"4853947b56f0312f022391deb6262b65eec2800b6380d469b1ec4f5f6f92e524573b9d","first_seen":"2025-12-12T12:00:15.999828Z","last_seen":"2025-12-12T12:00:15.999828Z","times_seen":1,"resource_available":false,"data":null}},"time_used":612,"timings":{"blocked":37,"dns":10,"connect":8,"send":0,"wait":537,"receive":1,"ssl":16},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/pt.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.604Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/pt.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 724\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1912,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b0f66bd6beaac99c6e2f26c24305a1a2","sha1":"afea1f64055e95d095cb738e07e7751036d3bfe6","sha256":"a97c198d9404f1f1db3616ee0b26980087346fff121db3bb7f13540b90b56c96","sha512":"9bf4d9b22cd6cf9f0fb08b52cd1a93eb9886be4abbd1374bc05e1f3a6b822f127e03c1a5b0256bf0450393ae89406db6ffbfeaf4918ce2a30fd6accf8a212a7f","ssdeep":"","tlshash":"83410de82f2c50dc84a33aad2d25f544d34d50b572a54ec0af8db769d063895f0c7e80","first_seen":"2024-08-19T18:26:58.073415Z","last_seen":"2026-04-03T23:46:36.625916Z","times_seen":3576,"resource_available":false,"data":null}},"time_used":657,"timings":{"blocked":597,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/ru.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.606Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/ru.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 355\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":355,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"42103243a1d4c3f2e823e99f3c00aaa4","sha1":"1d95a227efb867c8b3dfa2902ea8a803f3fd3519","sha256":"0a720bc83f72d17849bd213570ed808ae6b430fa5f3d50dc7fdb32413f7ade01","sha512":"752fcf59700e20bed16831a684eef542a1fd525d73078c97894a6e7b3e2009296af1f4b31f2da100aa8403b3aebf3fff464cd8c1c6330a3b6da36796e2b70cd7","ssdeep":"","tlshash":"39e0d886a4e989095a1947694eec71d6406270ce218d01fd70853529fe4d3db2451aa8","first_seen":"2023-05-24T00:34:39Z","last_seen":"2026-04-04T23:58:32.275888Z","times_seen":4328,"resource_available":false,"data":null}},"time_used":663,"timings":{"blocked":603,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/el.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.613Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/el.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 509\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":509,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ad2d06f8e09051f574083a3d00b0d3c4","sha1":"278327ff2ba9f9ff2075e69635576298e083a56f","sha256":"855ef79130c430a08f89dad91b7206b3d31b42a1b509000029c60b9336856e45","sha512":"741f41770f7a55e36f6b436b2518986a01a587236f08461c94bfd30a92004c6736b4844a99b46ab6363a95779d9470bc8b374e539a5858c6baae661eccbf884f","ssdeep":"","tlshash":"caf0599496e588c80f2f4e75c97c76d1103224cd6048c8aca0b43819f9053ff11a16be","first_seen":"2023-05-07T18:02:32Z","last_seen":"2026-04-04T23:58:32.186701Z","times_seen":1367,"resource_available":false,"data":null}},"time_used":721,"timings":{"blocked":654,"dns":0,"connect":0,"send":0,"wait":66,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/frontend/assets/en/dist/js/jquery-3.1.1.min.js","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /frontend/assets/en/dist/js/jquery-3.1.1.min.js HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: text/javascript\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 29238\r\ndate: Fri, 12 Dec 2025 11:59:42 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":86709,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (32030)","md5":"e071abda8fe61194711cfc2ab99fe104","sha1":"f647a6d37dc4ca055ced3cf64bbc1f490070acba","sha256":"85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf","sha512":"53a2b560b20551672fbb0e6e72632d4fd1c7e2dd2ecf7337ebaaab179cb8be7c87e9d803ce7765706bc7fcbcf993c34587cd1237de5a279aea19911d69067b65","ssdeep":"1536:9NhEyjjTikEJO4edXXe9J578go6MWXqcVhrLyB4Lw13sh2bzrl1+iuH7U3gBORDT:jxcq0hrLZwpsYbmzORDU8Cu5","tlshash":"3183d5d9b2c670529b7730b850bf450bb17a98dab44c8d60f058c5d57eb8a8e507bf2c","first_seen":"2023-03-07T01:02:34Z","last_seen":"2026-04-05T12:21:43.459057Z","times_seen":138420,"resource_available":true,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":4,"connect":8,"send":0,"wait":120,"receive":44,"ssl":14},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/intl-tel-input@24.5.0/build/js/intlTelInput.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 12 Dec 2025 11:59:44 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 11767\r\ncf-ray: 9acd0eaf7cd80b61-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 24.5.0\r\nx-jsd-version-type: version\r\netag: W/\"7989-8La+4xfFSqQhYm6sgD9oLLGwb+g\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230057-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 3689369\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=BU0n%2BZgdwA1vhRl0F5tgeqbOHfa0t%2BLamt%2BQ75HTc83%2B302ZiVBAT%2FOX2UYfPGaLpzNuBKxRgh8DzwJjLAzI0obhpWB5DeGAlmkP3zatnSBPUgCZTLPt7fPymOJRbXySG%2Fo%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":31113,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (30745)","md5":"8d7c34c441a0c73f54b225cc51f30de1","sha1":"f0b6bee317c54aa421626eac803f682cb1b06fe8","sha256":"5aeda5f302d419537edff95e71c9ab97fa5f25f5cc4666e0ca5907a27ac1f4a7","sha512":"ae4eea7dfe62cd0ac55c3ea87ddd3f1da2a0e8514657b3a7bd608d64d95d6776522f2ecef700dc0a8eb83bded5602b5b0bd22103e2b71948d00525eea77c93c5","ssdeep":"768:3Pn03Xlqn/kiICXpwJx3ycC/nFjjB7dH24y4Js:3+iIfycCxB7dG","tlshash":"4bd2e6aeb3652b37a7fd82a260a50543af7f79444604042d7cac8ede1298ed171f5b38","first_seen":"2024-11-14T19:07:22.945119Z","last_seen":"2026-04-05T01:24:35.923001Z","times_seen":4317,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/img/flags.webp","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:45.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/intl-tel-input@24.5.0/build/img/flags.webp HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/css/intlTelInput.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 12 Dec 2025 11:59:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 28174\r\ncf-ray: 9acd0eb25a40783d-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 24.5.0\r\nx-jsd-version-type: version\r\netag: W/\"6e0e-+c9J+qvl4+pvpQpQCqvUf+8x4WA\"\r\nx-served-by: cache-fra-eddf8230056-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 8115777\r\naccept-ranges: bytes\r\npriority: u=4,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=4MvI11%2BxMiceQcL5JvIy3%2B5UX91FVde8Y9H3JhDgTAFTf9Te90M7m4xImjq4REbYpIBZs%2F2AHELhrGWAY3mvi1I6SwNM8F5dzEoEE9zh3M%2BqsRF%2BKiJfdXQ1rmUXoDhZU5Y%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":28174,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4099564bc7b03997031ad1348e646601","sha1":"f9cf49faabe5e3ea6fa50a500aabd47fef31e160","sha256":"667642959de122c4b844afcae211c1c54c9166d262fb833beb63abc02ebd0dd4","sha512":"e1633c3f57dc45e189d3d0ac97afe6ff1f44063cdb0948632e9c7fdfcb848f92ef854b22c11a9c58c6f304b0123f34f3b0d132399ec27c95943dc3564fb7640e","ssdeep":"768:Xtn4kqql2jDWRFRS21T2r9lDAkRYKU01RENG:Xtn4kq2wDGFRN16wwYKU01RE8","tlshash":"6ec2e2f1690d6390ad635390c0f66355cdd927393a7f8ca4f96292848234177db3eb64","first_seen":"2024-10-17T04:51:34.39147Z","last_seen":"2026-04-05T06:18:11.405963Z","times_seen":4932,"resource_available":false,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:45.399Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:20 GMT","end":"Mon, 16 Feb 2026 08:40:19 GMT"},"fingerprint":{"sha1":"6A:E1:8A:53:22:10:0A:EA:D5:8B:52:AB:88:89:E1:9C:72:AA:70:85","sha256":"F1:22:A3:0F:EE:FD:45:B1:E4:FA:14:E9:E4:1F:83:3A:81:45:61:0D:5D:82:48:E5:DB:D5:5F:95:60:4F:8F:DE"}}},"request":{"raw":"GET /s/lato/v25/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://solvexgain800x-app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23040\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 10 Dec 2025 00:04:13 GMT\r\nexpires: Thu, 10 Dec 2026 00:04:13 GMT\r\ncache-control: public, max-age=31536000\r\nage: 215732\r\nlast-modified: Mon, 15 Sep 2025 17:11:31 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23040,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23040, version 1.0","md5":"de69cf9e514df447d1b0bb16f49d2457","sha1":"2ac78601179c3a63ba3f3f3081556b12ddcaf655","sha256":"c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49","sha512":"4aebb7e54d88827d4a02808f04901c0d09b756c518202b056a6c0f664948f5585221d16967f546e064187c6545acef15d59b68d0a7a59897bd899d3e9dda37b1","ssdeep":"384:adpABC4a0HkBpR1HWtGu06B6lsoAKiwY0HcLKglV6Z+DVb35PJZDdiZeJ1vqYg:0AHa0Ezf2tZn6lsoABwTKK46ZQb3V7wD","tlshash":"fca2e1c05cc1e2d4ae02daf7fda5a4eab4e2f01123a8f65f8f114b75d505993640fe01","first_seen":"2023-04-05T13:28:45Z","last_seen":"2026-04-05T13:49:31.241922Z","times_seen":135585,"resource_available":true,"data":null}},"time_used":317,"timings":{"blocked":143,"dns":3,"connect":17,"send":0,"wait":23,"receive":6,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/it.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/it.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 352\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":352,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"34ec214f5547e19d4e1fe9d0d638f9c7","sha1":"7ef49fd31ffa7a0ea47e8ad0a2fa2121621baae5","sha256":"ebdeb69d61fd3e3b429eafd9b45b51422b87348d932a7fbcd668975437650fdd","sha512":"95f427b45f9af6fbc409cba7617a3a653ea21bb15bc722a442edc8f9a492914e0eb0e25d113403eff378c7ab9078d3bcd38e9e7cd7bc9c987e8b0da621e2b477","ssdeep":"","tlshash":"96e02084a5a9c9098b16437959bc71da512370cf15cc05fd75c43518bd4d3df3c51a6c","first_seen":"2023-05-10T09:01:08Z","last_seen":"2026-04-05T03:28:13.392244Z","times_seen":5869,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":526,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/nl.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.573Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/nl.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 355\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":355,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1932756ac7767c2f33986237417d8731","sha1":"84a604da4f8df24af728a73685c4cc2cad9de962","sha256":"8ca8a2dc879e29edd00a08bffc8d825f67d0988e55538d52e43861bb3af22f83","sha512":"9138b8b056aa4c5a5e0179ba58175ec8b98b2aa66b2a9f0bf17e2defed3b441f9f0d5d91a463bb45ed6f002c6e81d85730338890c3990a604677ded0bfdff8e9","ssdeep":"","tlshash":"d4e0d886a4e989095a1947694eec71d6406270ce218d01fd70853529fe4d3db2451aa8","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-05T03:28:13.402575Z","times_seen":4975,"resource_available":false,"data":null}},"time_used":591,"timings":{"blocked":531,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/zh.png","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/zh.png HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 870\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":870,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"2a2b643bc15c7363c9e58e6b47d7de30","sha1":"506ab44f76022397b3aa9682e8972d7944703d54","sha256":"c63293f5412adc096b8e492e88b8d8edfca5367a491acdd9071ef8d31b4ba9a1","sha512":"a742115cc74831e58f2607fda3ecdf88d8a01d1f9f19d784e1c46a24f9dc23f3a8b5f11251b1c6c911a53a18ee3a01d841e82952f7ab97fcc44b2a0673238e43","ssdeep":"","tlshash":"1f1196ca2450d5d7c2ea12e389ee4b452b4f4afc28560d886c151ab511df1d740e4710","first_seen":"2023-06-10T08:53:38Z","last_seen":"2026-04-03T23:46:36.615953Z","times_seen":4083,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":616,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/css/style.css","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /css/style.css HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 11 Jan 2026 11:59:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 4210\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":24134,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d61d5460db8711429bb81a26b046eff8","sha1":"a4ecd9719eada35faca673a913efedc91f02b126","sha256":"5a7c3989c0a2c81914f1668b472dd2fb04d0ec495f8b4a28c5d76699936cbe46","sha512":"7eec07c01417093f61ab3ea93a8be0131e4c2ca45eafd70ace3e6e3a96c5c12afb8b219d303b64a6d784970bfa92861bc4e8e658ec0c64629da038352bf652df","ssdeep":"192:EGX0Vpz5FIkFRoN3O+RJM7y2bqn9xXyIN1TKQKPHNonHAH9HHNcbfHMHxivXyIsX:c5FzFo1wgKQK1zOZx7s2AH7VgUVzRJ","tlshash":"f3b2215766630505b80be4681ffe475622ac8053924edef43e9e628ccfcb6d494e2bcc","first_seen":"2025-08-21T23:09:42.45772Z","last_seen":"2026-04-03T23:46:36.599464Z","times_seen":705,"resource_available":false,"data":null}},"time_used":438,"timings":{"blocked":377,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/images/favicon/site.webmanifest","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:45.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /images/favicon/site.webmanifest HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: application/octet-stream\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 263\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":263,"size_decoded":0,"mime_type":"application/octet-stream","magic":"JSON text data","md5":"053100cb84a50d2ae7f5492f7dd7f25e","sha1":"bf31baf91bdd2fcde24a45e3f2a1be33733c6f69","sha256":"7a9e07ce1f7386689917602ddc5a75750ad842e605ff764f67173529c181bf04","sha512":"2a5fabd751ff563ac33105c0ab1bc849134a5eb3c9d3397effedb31949f789afae10d429ebbebe3d0ad6a9c98ecb79bbfd1072c7bd43034dce7aa92c2f3d3fe3","ssdeep":"","tlshash":"73d05b558024497d3655c4141196591e89577015f5fd5905d41ced7de1daa010323b51","first_seen":"2024-12-15T23:19:25.967964Z","last_seen":"2026-04-03T23:46:36.63023Z","times_seen":707,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/ko.png","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/ko.png HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1361\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1361,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"ed87e4c8a4dd16c9c3f8499a0aaa28bd","sha1":"f818a0782047c159ed8e5cd041ad7f09e8fe52fb","sha256":"eb59eb7dcf155a7b38c8f4c9db869ed942bf55a4457e3f4ff0791be4f2c736d5","sha512":"bcf1992bfb1d0ed92e4393e0b85fe5c768ed29285d38a259d0cfb60827537b74d39a925cfc4df58ed8b478d5015fad047a211ec2ddffa5a69b0d08f5abcdab6e","ssdeep":"","tlshash":"05210bad1b7c302cd6f9c5799909fb01ddfb04040c9fa1c59129d6cc28c588b70d5436","first_seen":"2023-05-07T21:05:59Z","last_seen":"2026-04-03T23:46:36.625393Z","times_seen":4214,"resource_available":false,"data":null}},"time_used":588,"timings":{"blocked":526,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/no.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/no.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 424\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":424,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"ebe2b7f4aefa3c8869fa9f0a402210bb","sha1":"dc0ceab0f048a8c8ac97e3277f2ed237b974f005","sha256":"7021694edfe47096e0aa9a5ea85a6851181f723ae3a8806779a8e01702325804","sha512":"f176bd1aa2416960b0eec285da0b91e983a162a1d475bac76786b33ab0aede45783d422ce4d909b62ee6e6ba1fa55bf5b6b6ffcdf2463e305941e2d804073da5","ssdeep":"","tlshash":"d6e0e5809b9d1a6da91283a41ddcb885022b70e6328c0ced658dae987f412eaf466264","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-03T23:46:36.608451Z","times_seen":3696,"resource_available":false,"data":null}},"time_used":604,"timings":{"blocked":544,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/sv.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.607Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/sv.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 376\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":376,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6d7b2e74f61e873c0fb690155956025e","sha1":"b515a34c1884d45ef9a2b7f3ebdf731a0613e1c8","sha256":"4a271da0e5fbcda6d2d15092d8a564e8ef3d36ad507215563ac2faa0e8833001","sha512":"e2ccfb1f70a37129ea1a51b5e143e103904df03d6dfd5966f169d13222bd87a2d54b1ec21ac28ef3ce09c1d853f07c16eae7190c263c0e250506ecb8abdff54b","ssdeep":"","tlshash":"97e068d0902ec60a9e1507b95fbc70ca4232b08e298e00fc70c12528f49e7cf2810bb9","first_seen":"2023-05-07T18:03:13Z","last_seen":"2026-04-04T23:58:32.261213Z","times_seen":4265,"resource_available":false,"data":null}},"time_used":676,"timings":{"blocked":616,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/fil.jpg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/fil.jpg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 16588\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":16588,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=13, height=0, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=0], baseline, precision 8, 20x11, components 3","md5":"0ae75b237b6dae635543c467ac8bfe5f","sha1":"5d35f0ce2acc3ead91fe68cfc7128c6e1f5b6654","sha256":"bee53edec9e55d91d851aa59423516050d3a9edbd67d30c35c7bb5a8c5ded0a7","sha512":"7591a08b13cb0c67301f17c6ef567ef0798a2ee97ac9dc3e67957f676e0652c947c2bb09727c623c847720252d271f07c63d630dd974b109b6af56488f6934fa","ssdeep":"192:McgnJzx+gCuVF03jiOkrQy4FwnJzx+gCuVF03bGXbtebIAFKIx0Ny3ajZtzz96OP:McuJzxb7C+JzxPX5WIAFKr9RP","tlshash":"fd720920ffe1be12f1d4323a64d8da458633ddc1e983198a7addec557f21a920d97283","first_seen":"2025-08-21T23:09:42.477784Z","last_seen":"2026-04-03T23:46:36.612397Z","times_seen":720,"resource_available":false,"data":null}},"time_used":763,"timings":{"blocked":650,"dns":0,"connect":0,"send":0,"wait":68,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/images/coins2.webp","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.623Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /images/coins2.webp HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/webp\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 50588\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":50588,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6e58de1c924250b1ccdd5e60e4f6cb43","sha1":"a83aec99138941d5c98d64d4e648982bb51aa789","sha256":"c06c1aa7f9c96bad462d71cb67fdf5e10b07503cd06f2029c2810877d911d630","sha512":"c15808c335ffba1a60b4158d10f8f8c2e136d27b1f8835cdaa05a400de98379a949e7973052abd8133ed713212f1f586438095f29823298d5b2be77ecb8ea272","ssdeep":"1536:WsiRMVZpW8T27bEyxt7QXejXS02eyStNv+bIQEWVdr:HbToECtspNeRWbIQLD","tlshash":"e133f1e360900130dc2f66d8f73eb5616d2a0419a20c5466f6b7dca07121deeebf4bb5","first_seen":"2025-08-21T23:09:42.424455Z","last_seen":"2026-04-03T23:46:36.632396Z","times_seen":702,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":212,"dns":0,"connect":10,"send":0,"wait":121,"receive":94,"ssl":19},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/tr.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.609Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/tr.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 520\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":520,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7af14a6fd5253f05724502662d478fac","sha1":"df6f03167492046dd2f02e3e005e66201f80ceb9","sha256":"f101fe5cf7c2fe25bb1d2c7efcacb8acb52c90561497576f2f16be8a5d628315","sha512":"a1b4e0fca3d92adf4b6bd1473bfaceb5d1877c682378f84bd862e54927c9bea34b0781cb4e1cc5d44ce637887ac93a30465496e63b94169ac15cd1c155396802","ssdeep":"","tlshash":"c2f0c0d91a78c4ddbf4647314d3db0d92639209f399900b830c96529ea6a24b2401904","first_seen":"2023-05-07T18:03:13Z","last_seen":"2026-04-04T23:58:32.200101Z","times_seen":4217,"resource_available":false,"data":null}},"time_used":675,"timings":{"blocked":615,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/images/main4.webp","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.614Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /images/main4.webp HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/webp\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 16354\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":16354,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"433e990f128283a2f3ab9f244fc94dff","sha1":"92c14bdb3bab2f6cccd61b88f2f4c1c063edea0c","sha256":"b0a238bc08d2b9a1b3812c2d9c7aff3c74dcf9130acb423f405e2c2f4fc89ba0","sha512":"80a2cfbb30c5b74c3f9c8b337af4bdb96cc055e153267dd037a0680418675e74bb1c497261d6de6cae571f3937f9869dabe1b040dbe80a2eccda394ceb0f8f05","ssdeep":"384:uKYnFrJebxpoRrcejzcERNMwzRyVw/c1QOKPz5T1Ix0/S7u:uKYFdeFWFjzcERNMwzRyWceOKbHky","tlshash":"c872c091823ca47cf62ff8d19730da885f2335b0fdac56b2131551ea12a96c13b5bb26","first_seen":"2025-08-21T23:09:42.448592Z","last_seen":"2026-04-03T23:46:36.619569Z","times_seen":704,"resource_available":false,"data":null}},"time_used":420,"timings":{"blocked":220,"dns":0,"connect":8,"send":0,"wait":112,"receive":58,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/images/tech2.webp","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.621Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /images/tech2.webp HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/webp\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 21438\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":21438,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a30959d09b394c0f57573194b7208267","sha1":"6f1ccd5a98238440ef8c5bfd89f823f1c54f8408","sha256":"e345f7d84ec01bb1bb0f886e4809de8d2badb81774df87268b6f391ba664122d","sha512":"fcbb61713f331bb672e12f536eddc26eeb81ec177eef164d59f0cd11a62ff5714600aeabafde1b89c828adc3509cd1cc38a507e63651a325ce9b5c5e84e4e1ca","ssdeep":"384:CZky07ECx2kt6DLAAxC4ym0p/en/ThAe7hedUdZ2bJJlkadiHf2I01UO5cbXOX/c:ymx2kAJtemn/+e7hksEJJbd02I01UO5O","tlshash":"3ea2d02028b05dbbdc8acf38d6df720c395fa9439eed69537186f28b64259a07405d9c","first_seen":"2025-08-21T23:09:42.435511Z","last_seen":"2026-04-03T23:46:36.639868Z","times_seen":702,"resource_available":false,"data":null}},"time_used":418,"timings":{"blocked":213,"dns":0,"connect":10,"send":0,"wait":120,"receive":51,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/js/main.js","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.625Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /js/main.js HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncontent-type: text/javascript\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 373\r\ndate: Fri, 12 Dec 2025 11:59:42 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1200,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"d7ad3ba3c35cf16a0f226cbe3fcbc39b","sha1":"b611e6eb325674233e60050c7071d4d9ace03fcb","sha256":"4f6159f22e966cdc2f7e7b7f6900894de08fd09be542840052c92f86efe4fca8","sha512":"73be268ee8be31d143475d93c0e2439293389031db20eff22055d33e16de5ae954b6396bc6d3416e6bce01737b887fc4f51a0fc58089f5476da01f158c728b58","ssdeep":"","tlshash":"a5217c7ff1b92933413771ae539f96913926004f3026c91a3b5c87892fd299109b3faa","first_seen":"2025-08-21T23:09:42.468219Z","last_seen":"2026-04-03T23:46:36.656003Z","times_seen":705,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWuZtalmUiAo.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:45.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:20 GMT","end":"Mon, 16 Feb 2026 08:40:19 GMT"},"fingerprint":{"sha1":"6A:E1:8A:53:22:10:0A:EA:D5:8B:52:AB:88:89:E1:9C:72:AA:70:85","sha256":"F1:22:A3:0F:EE:FD:45:B1:E4:FA:14:E9:E4:1F:83:3A:81:45:61:0D:5D:82:48:E5:DB:D5:5F:95:60:4F:8F:DE"}}},"request":{"raw":"GET /s/roboto/v50/KFOMCnqEu92Fr1ME7kSn66aGLdTylUAMQXC89YmC2DPNWuZtalmUiAo.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://solvexgain800x-app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20684\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 09 Dec 2025 23:58:57 GMT\r\nexpires: Wed, 09 Dec 2026 23:58:57 GMT\r\ncache-control: public, max-age=31536000\r\nage: 216048\r\nlast-modified: Tue, 18 Nov 2025 19:00:09 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20684,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20684, version 1.0","md5":"1b7363d64c4db8772ea3e6a51864ac5e","sha1":"613247d2ae1023056a497d01279d5103a0ff393a","sha256":"0ef8a8fa25c458bcf4ac50a6dd593225dd8a6875043d7fc78ce14caa0788dff1","sha512":"cdc9be8f3dcc0bd38b2f6c7d76852975ec360c23c95806ceb1e54682098d3e7c3030625b27ccff2597b084a8bc0cb2b14032d0c449915622845f24ce7d9525ac","ssdeep":"384:DREB4e02rIBeqCaSA+Clx15n68g4k3iGlgISeWc7kWvx9xJNoL:1EBOeB2+SLnLzslglc7ksHxm","tlshash":"3592d00bc7784e34e172a6178ddc282250a14ffbd1cad15ecc044de9aeec2548ba6c76","first_seen":"2025-01-10T20:21:10.911444Z","last_seen":"2026-04-05T06:30:31.222254Z","times_seen":2396,"resource_available":false,"data":null}},"time_used":241,"timings":{"blocked":109,"dns":1,"connect":14,"send":0,"wait":19,"receive":2,"ssl":92},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:45.385Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:20 GMT","end":"Mon, 16 Feb 2026 08:40:19 GMT"},"fingerprint":{"sha1":"6A:E1:8A:53:22:10:0A:EA:D5:8B:52:AB:88:89:E1:9C:72:AA:70:85","sha256":"F1:22:A3:0F:EE:FD:45:B1:E4:FA:14:E9:E4:1F:83:3A:81:45:61:0D:5D:82:48:E5:DB:D5:5F:95:60:4F:8F:DE"}}},"request":{"raw":"GET /s/inter/v20/UcCo3FwrK3iLTcviYwYZ90A2N58.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://solvexgain800x-app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 72964\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 10 Dec 2025 18:05:08 GMT\r\nexpires: Thu, 10 Dec 2026 18:05:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 150877\r\nlast-modified: Tue, 09 Sep 2025 18:33:18 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":72964,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 72964, version 1.0","md5":"91247c94dcda6ff52b445d71d6bbfb81","sha1":"ad2f62363ed047b430b91f32afa31df51fcd7c5e","sha256":"6a3c3e024b31eeacbf1f19c3c7be78612d91c623186f64035a50038241dad4f9","sha512":"a12dcac84e9f9ae02df3aabe29d76994281cd1005edca471194605cfcd6a0456eec872fd28c63c72ae124804d0b47d8377048caae49c40b0a18b5d6be4d6213f","ssdeep":"768:zbw+rLBkMxbCkupj4Y69/Yr71+j9pWiKahMM6+AWEqXB0oGuNGku+QCcIKE205C7:zbw+iwuS/iZWeaO1zP1/9Esvf8fXnm1","tlshash":"8f6302244e3c50c2a54d33aa286940f6f6e79c75b2b79ba4a69c589cd410f329cdfdc4","first_seen":"2025-05-29T18:51:13.223047Z","last_seen":"2026-04-05T13:08:51.058723Z","times_seen":18625,"resource_available":false,"data":null}},"time_used":403,"timings":{"blocked":190,"dns":1,"connect":28,"send":0,"wait":15,"receive":7,"ssl":158},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:45.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:20 GMT","end":"Mon, 16 Feb 2026 08:40:19 GMT"},"fingerprint":{"sha1":"6A:E1:8A:53:22:10:0A:EA:D5:8B:52:AB:88:89:E1:9C:72:AA:70:85","sha256":"F1:22:A3:0F:EE:FD:45:B1:E4:FA:14:E9:E4:1F:83:3A:81:45:61:0D:5D:82:48:E5:DB:D5:5F:95:60:4F:8F:DE"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://solvexgain800x-app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 10 Dec 2025 00:02:08 GMT\r\nexpires: Thu, 10 Dec 2026 00:02:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 215857\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-04-05T13:44:59.571676Z","times_seen":296259,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":104,"dns":3,"connect":32,"send":0,"wait":15,"receive":1,"ssl":55},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/js/utils.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:45.676Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/intl-tel-input@24.5.0/build/js/utils.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://solvexgain800x-app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://cdn.jsdelivr.net/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 12 Dec 2025 11:59:45 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\ncontent-length: 62310\r\ncf-ray: 9acd0eb67d23783d-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 24.5.0\r\nx-jsd-version-type: version\r\netag: W/\"40944-yY9wBenb0A7BGMPMI3C/O/5s+KY\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nx-served-by: cache-fra-eddf8230065-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\nage: 4355895\r\ncf-cache-status: HIT\r\npriority: u=3,i=?0\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=j3xm%2BL%2Fy6rhA%2ByNlbazGqWaL05Uu4L0SvEdpLbsmlBlEb4YBA7KsOdvUo89yWSsnyPGWcEUlXtKaNKNO%2F5u5HiPu5%2FSb%2BJ4RSkD7Kd%2BCoDSdJl8VMZrlkSwjl2yiimweG6c%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":264516,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (1903)","md5":"be8412b24dc2374a8eb8c446774e2765","sha1":"c98f7005e9dbd00ec118c3cc2370bf3bfe6cf8a6","sha256":"8d6246375bc856c30649b3e800b02a22d913a7f03f08d92a7b2440824ff2ce9c","sha512":"070efefcd7228793e742ac76bbbae58d49ad8de94cd56863838f97955bfd86dbbd53eb41b1ff2aa59eaa3e6aeeabd5334e622824a48234d8997b6db397c79004","ssdeep":"3072:9E030DWujFs3OwPss3MwPaPjq09Q2xFM8M0TrpEBW6cC56kmLxTg/QKWVSpDUkzy:9E03+WqHjvxFM8M0T7IUT","tlshash":"0044f0ebd63c9737a1e87b35968eb3cd5a8cbca3c858567826c3b54f52784e0706c205","first_seen":"2024-11-14T19:07:22.956908Z","last_seen":"2026-04-05T01:24:35.910564Z","times_seen":4246,"resource_available":true,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/hu.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.571Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/hu.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 359\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":359,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3621c5eb449691cbe1d3bc8757c831a1","sha1":"e7e3674fe42359cc9a376e543d7548418071aea0","sha256":"2c1380bd6fb1a88cabcae439eaf960d4dffa929a74cfe3d44f7552084fc1150b","sha512":"7c66bd80019b994685400d020e37d38ba3c45ee3cec449b83bf8a2e8d08d346e03d6245e81f9b868eab42325782107cbf837f3c057efb2c83a5151b22b1104c7","ssdeep":"","tlshash":"61e0d8caa9e9c90e9a1947694eed71da416270cd21cc01fd71843528fd4d3ef2411764","first_seen":"2023-05-29T23:05:28Z","last_seen":"2026-04-04T23:58:32.251697Z","times_seen":4084,"resource_available":false,"data":null}},"time_used":576,"timings":{"blocked":515,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/ja.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/ja.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 357\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":357,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b072ff9b575b2c9db1f40db4a8603ea1","sha1":"56c055fa39d04fdfbf8ca59c3186b982e301bbf2","sha256":"3cff261749f98b839faf4cbd34b7748daf28ed5d9377f3cb9929d6cc506665a2","sha512":"9a42eab5c883210142df99507c2cb0d4a2b8bba9cc91d87440039f0cb340d010b5137066ae28269ceb59e23b5901528506b4f3af4b49eec1ab405f1629a76a4a","ssdeep":"","tlshash":"a0e0c060a0ecc94c4e098b640b7c70d041a670dd268b01fc748c2668e98ebc77811a7c","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-04T23:58:32.190412Z","times_seen":1397,"resource_available":false,"data":null}},"time_used":608,"timings":{"blocked":548,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/is.png","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/is.png HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 3691\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3691,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced","md5":"49e6492e69d8e5d94a9ba3dad3d5f6dc","sha1":"48fe4fa67e8180002566572f346ad45118103fa5","sha256":"be6b2aff9deb6971c3a30c41eb4480a30a0feb25196052a646362c10ecdbd6ef","sha512":"bda45925b0bd84baed7fd41faa8136fc1d8d94eeec6d7518328f657695c1dab45570867f722cb52952b7d5cbb5cd1b6071f6e436ef1a091d89247a422981b6d6","ssdeep":"","tlshash":"eb71a5fa191ee567a4d52a9dd67b28c6cd618431c019edc28f30d114ae6e04f8acb5c9","first_seen":"2025-08-21T23:09:42.451261Z","last_seen":"2026-04-03T23:46:36.638609Z","times_seen":720,"resource_available":false,"data":null}},"time_used":622,"timings":{"blocked":561,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/pl.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/pl.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 310\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":310,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"73699780fe17013ad360d5441cba044d","sha1":"3e37c78fdc79aada415a05c2275c0fdf9664f062","sha256":"e03d57c0f7db7d4dc8eb6a2bc359f3a40591b490130bcfa06fba08d514fbdb07","sha512":"94ef034160ec61a32cd5ce34621c993aa3a14f0fd5d60adb807f7c3c116060d45956297c0213950824c0886292669cfb2aec40c110e32e43049ba733490f6e4b","ssdeep":"","tlshash":"c2e0c2d5a4a9ce4e4e1407758ebcb1e9917270df218d04fc71c52a29fd1e38b2811e99","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-04T23:58:32.191549Z","times_seen":4360,"resource_available":false,"data":null}},"time_used":623,"timings":{"blocked":563,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/images/strategy-image2.webp","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.616Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /images/strategy-image2.webp HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:42 GMT\r\ncontent-type: image/webp\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 12100\r\ndate: Fri, 12 Dec 2025 11:59:42 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":12100,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"19143b6767ca31ef3b1be5d8aac8165b","sha1":"782e2e3177d18b43e35bc7d4332650a7b7e6683d","sha256":"6eb19afa8edcd32776c14e9fe68c64368449b9c06e740248e7bc1590df0c65c5","sha512":"c519d790154539b6b440cd8d8e154bca88c6fddfd7c7fc338e982ad4137c71892215630370642bacc09326d989fe23ffb28283b1f7fab8c0e9024127f805200c","ssdeep":"192:Amd1qprJD5rAUQKtAajNYwRpNA4gXJO/E4HxJziM16aUkI+JU+7FX7+EAyuqx:AmdQpB1/QIAU/3sZO/LXD6aBRt7FH6qx","tlshash":"b542c06f2609d95fd63706a99a68b131348df2625e51c7fa2c1cb835330c4a6a78cc4e","first_seen":"2025-08-21T23:09:42.492197Z","last_seen":"2026-04-03T23:46:36.61296Z","times_seen":704,"resource_available":false,"data":null}},"time_used":282,"timings":{"blocked":219,"dns":0,"connect":0,"send":0,"wait":62,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/images/iphone2.webp","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.620Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /images/iphone2.webp HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/webp\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 14724\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":14724,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"15c90a83a5d07805cdfaace265e92c55","sha1":"1c0cfc5ed0ae0b37308e6ebe4dc086f7ac72676d","sha256":"14506fbdd1bfafa700c2492a682e12930b51a54f30c33660db601e901ed96fb8","sha512":"4fa5fc4e33191118a31903613e0c442735d1a639d07fdfe54cfdb0da68a89ba79559c8f1bcac837c0e54a648a2d8625ac249c18d30779c102a973e38c8c037d3","ssdeep":"384:UyjmaEu5AUEvtG5OvnNQ//PI8qSZA1EXO21ZxE+yKA:FjmkArXvNQv4qA1m97BA","tlshash":"6462c0a46943100cf9ec63210bf479b29816d69b6b216ee5275a154fc917fbcc0ab913","first_seen":"2025-08-21T23:09:42.496495Z","last_seen":"2026-04-03T23:46:36.60425Z","times_seen":702,"resource_available":false,"data":null}},"time_used":412,"timings":{"blocked":214,"dns":0,"connect":10,"send":0,"wait":120,"receive":47,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:45.395Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:20 GMT","end":"Mon, 16 Feb 2026 08:40:19 GMT"},"fingerprint":{"sha1":"6A:E1:8A:53:22:10:0A:EA:D5:8B:52:AB:88:89:E1:9C:72:AA:70:85","sha256":"F1:22:A3:0F:EE:FD:45:B1:E4:FA:14:E9:E4:1F:83:3A:81:45:61:0D:5D:82:48:E5:DB:D5:5F:95:60:4F:8F:DE"}}},"request":{"raw":"GET /s/montserrat/v31/JTUSjIg1_i6t8kCHKm459WlhyyTn89ddpQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://solvexgain800x-app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 37756\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Fri, 12 Dec 2025 00:40:13 GMT\r\nexpires: Sat, 12 Dec 2026 00:40:13 GMT\r\ncache-control: public, max-age=31536000\r\nage: 40772\r\nlast-modified: Thu, 04 Sep 2025 17:09:21 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":37756,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 37756, version 1.0","md5":"8a6a885dd57e60ddd85f3190737fa209","sha1":"dbca56b7fe8ee5e4bfb648d639fc6a3bfc5c6e85","sha256":"b9b102f608e8252e3c1e7287309832b16af7dcc6e788651fa503a3faacd7fb2f","sha512":"2bd785869777dc57dbb5934d4c6915b66f89746dd79897820eb4bbd0d262b2612bafdfb07c1e092658ad819f582a97e6a196531f74187d8a0b0bbd07fcbba56a","ssdeep":"768:sqRKhgpCf9U72WeD4A/5IqtBr0ikGvEaQh38/LBu3Emdc043RpgZKMqjkEfO1m:jKgp+9U7Ve8A/7Ai9Et3EBKEUE3RqMMu","tlshash":"3e030130df5884edcc0ba371fdeea81fc7a332a594c0b3368297af1b80111499d99e49","first_seen":"2025-09-05T00:25:10.258656Z","last_seen":"2026-04-05T13:48:53.426438Z","times_seen":308190,"resource_available":false,"data":null}},"time_used":287,"timings":{"blocked":144,"dns":0,"connect":0,"send":0,"wait":15,"receive":10,"ssl":118},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/intl-tel-input@24.5.0/build/css/intlTelInput.css","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"104.16.175.226","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.559Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jsdelivr.net","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 25 Apr 2025 00:00:00 GMT","end":"Mon, 04 May 2026 23:59:59 GMT"},"fingerprint":{"sha1":"A6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F","sha256":"20:CE:80:8C:8A:B7:48:3B:0B:A0:F2:AC:61:42:83:EC:54:84:A8:FA:4C:2D:98:10:FF:8B:FA:A5:1D:F5:21:28"}}},"request":{"raw":"GET /npm/intl-tel-input@24.5.0/build/css/intlTelInput.css HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 12 Dec 2025 11:59:44 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 2666\r\ncf-ray: 9acd0eaf5cc70b61-OSL\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-jsd-version: 24.5.0\r\nx-jsd-version-type: version\r\netag: W/\"403c-QBsg/WGPIFw7qhwA2rXqpFy0oOU\"\r\ncontent-encoding: br\r\nx-served-by: cache-fra-eddf8230059-FRA\r\nx-cache: HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\"; ma=86400\r\ncf-cache-status: HIT\r\nage: 1762360\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=zgRM9%2FtukGmBYUL6HRUBSZD4B%2FhkknhYVP1intDZFZM1qFtMirGHV4lOIRydwFVKUiHt5GHNxwqXfxkN86F1KBzrMSeRupX2DHkJE%2BGslW13R%2BUNzN5pePxKtoZ%2BhRvKEWc%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":16444,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"31cc7c1401a02ca75f8e903777df602a","sha1":"401b20fd618f205c3baa1c00dab5eaa45cb4a0e5","sha256":"04a435c7d3f367d9816544975c24deb53596f62f801d8a1f208d4e55cc7c4277","sha512":"13f510ea338392976fc33b28c2b7392e44ee0640bda2a0f1f7a7148fdbfd4f9aa47bf24b15bdd103f3c0be1cc003dc38adb3041dff2247d4873db62cc2a746d9","ssdeep":"192:WzvSqT2sd5uVsAPRY6e5yE9y3tzEUbyhG/JYyiKdjr+/TEHRik1B3EBu:4v2sdk1RdE9y3C+Rd3+/TyH","tlshash":"f3728c2742b41d3ea75dc1ba38a2c4f5733f588a70aecc96eec8100e5c87791a5ebc40","first_seen":"2024-10-22T10:29:57.919158Z","last_seen":"2026-04-05T13:03:04.690109Z","times_seen":5488,"resource_available":false,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":1,"send":0,"wait":14,"receive":1,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/fr.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/fr.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 352\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":352,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"e9efcfc75d8fdee9370032dc72e78bcf","sha1":"77d974568d91216054eee046c19c99f71cccb9be","sha256":"a7d195ab974d9555702eede5af18287b5767efcea5fc6dadf529e114dc6fb568","sha512":"12e0fd3eafb13d648d46f86cb8eeeea05e4acccceb2510abb4c888e07284de90503ddd8b3c02513d6fe84b6b66d6600039d56749f316d012cddd0d3d89cff8ea","ssdeep":"","tlshash":"1ae0d885a1a9c9094a16037959bc71d65123708f158905fc74842518bd4e39b3c51aac","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-05T03:28:13.4179Z","times_seen":6194,"resource_available":false,"data":null}},"time_used":515,"timings":{"blocked":455,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/cs.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.565Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/cs.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 374\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":374,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0fe0a2e4225eee5dd8a3c73a5ab5a312","sha1":"c930c1341640bee697cf50053721ddfd750dae2e","sha256":"2a3a7fa3da584643cbac6234aa452705982f50454ed0a259d8c8cd6a9c2fa8c8","sha512":"92390117a5b345c7f9123d5d06839d95959664b32e621961e0d28a353ee515df51a446563354cf9f3911acbd0032a0fb61b1ca356250262157aae05dc907fe8e","ssdeep":"","tlshash":"80e06889a0e88e094e1803b60efcb0d5612330ee208d02ecb0c06619e9197cb2808ee8","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-04T23:58:32.220954Z","times_seen":4146,"resource_available":false,"data":null}},"time_used":520,"timings":{"blocked":460,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/ro.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.605Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/ro.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 352\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":352,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b3459066e38308492a7ac98271d7b034","sha1":"bdc08d8b6b3a4ab7eef55fb2b73028001f045581","sha256":"3244688e345eb37de4069b23d32d91b59ecb2c28a14e38aaa4e02678f5d0bb7c","sha512":"5e68e1f9adf42375f8432dfc1a5b8a5f91849b2e3fdaa7ac1de0fb111cce8d61daf0330cca3137ae1ee66e20ba12c7e135114bb565b5f711cc730f8db4e20f81","ssdeep":"","tlshash":"00e0d88595a9c9094a1603795abc70d65123708e158905fc74c42514bd4e79b3c51aac","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-04T23:58:32.243747Z","times_seen":4097,"resource_available":false,"data":null}},"time_used":662,"timings":{"blocked":602,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/images/card-1.webp","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.617Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /images/card-1.webp HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/webp\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1310\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":1310,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 104x94, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"32c0a8a33dee2f86a1e2826f2a14c272","sha1":"1f0bdc52a90d630e47872bbbcccbb713c3da9ba2","sha256":"9d5b680187024128b4423e5ddf21c416ff5f3be9371efae8cff9949896da404b","sha512":"de9e39b4ec077929841b8a645230de1fc1083030966bb2b4ce5f5f91e264e1c1bb0e3da741266b3ef1e8318e2163d4ac746a066ec753372468e5fa988af7904f","ssdeep":"","tlshash":"d021d89d78f19c136fe1afc183f0c38e94264129b6c66c2a40c55c686c910681d98759","first_seen":"2025-08-21T23:09:42.443822Z","last_seen":"2026-04-03T23:46:36.634226Z","times_seen":704,"resource_available":false,"data":null}},"time_used":278,"timings":{"blocked":217,"dns":0,"connect":0,"send":0,"wait":60,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"ipinfo.io/?callback=jQuery31102137964678029114_1765540784942\u0026_=1765540784943","fqdn":"ipinfo.io","domain":"ipinfo.io","tld":"io"},"ip":{"addr":"34.117.59.81","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:45.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipinfo.io","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 04 Nov 2025 20:29:41 GMT","end":"Mon, 02 Feb 2026 20:29:40 GMT"},"fingerprint":{"sha1":"B3:74:BE:7D:0D:B0:DC:28:D7:31:69:D0:4F:3C:BD:A7:30:1B:19:0F","sha256":"07:FA:17:68:0A:9F:AD:4C:D9:D3:6A:8B:6B:22:8A:59:5C:75:10:22:67:16:D3:31:95:4C:03:FF:9C:D9:5C:0D"}}},"request":{"raw":"GET /?callback=jQuery31102137964678029114_1765540784942\u0026_=1765540784943 HTTP/1.1\r\nHost: ipinfo.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncontent-type: text/javascript; charset=utf-8\r\ncontent-encoding: gzip\r\ndate: Fri, 12 Dec 2025 11:59:45 GMT\r\nvary: accept-encoding\r\nvia: 1.1 google\r\nstrict-transport-security: max-age=2592000; includeSubDomains\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":672,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (391)","md5":"6a81f372fe7ca4707ef465121505558d","sha1":"4c1456c7469ea00870af7d112d7f4a2844f35df0","sha256":"22b2cec990ec3b41c287685422353bb4eb7c98315903499f12993ae34eea9218","sha512":"8c1ec0a43a1b50e4401f8afa14852af8dfaf26f60a87461f1469dbd000ced223652f5f41c5832dfc9b903a10f0b176aadae445d4b90d13627632de52c01e88ae","ssdeep":"","tlshash":"3b01945b10381f3aadbd454c841b9f2e33693d1f618275a68ea25f1c60449b770b137f","first_seen":"2025-12-12T12:00:16.044481Z","last_seen":"2025-12-12T12:00:16.044481Z","times_seen":1,"resource_available":true,"data":null}},"time_used":223,"timings":{"blocked":41,"dns":0,"connect":15,"send":0,"wait":139,"receive":0,"ssl":23},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/karla/v33/qkBbXvYC6trAT7RVLtyU4LZOsAU.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.178.99","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:45.387Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 24 Nov 2025 08:40:20 GMT","end":"Mon, 16 Feb 2026 08:40:19 GMT"},"fingerprint":{"sha1":"6A:E1:8A:53:22:10:0A:EA:D5:8B:52:AB:88:89:E1:9C:72:AA:70:85","sha256":"F1:22:A3:0F:EE:FD:45:B1:E4:FA:14:E9:E4:1F:83:3A:81:45:61:0D:5D:82:48:E5:DB:D5:5F:95:60:4F:8F:DE"}}},"request":{"raw":"GET /s/karla/v33/qkBbXvYC6trAT7RVLtyU4LZOsAU.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://solvexgain800x-app.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32236\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Sat, 06 Dec 2025 00:27:08 GMT\r\nexpires: Sun, 06 Dec 2026 00:27:08 GMT\r\ncache-control: public, max-age=31536000\r\nage: 559957\r\nlast-modified: Wed, 10 Sep 2025 16:45:33 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32236,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32236, version 1.0","md5":"460580ff5d5f9daad7aebcd7203507bc","sha1":"d005e16fd29071beec3d948aaacfa2da74526fe0","sha256":"e3483281fbf916fd2549365cb4ba48a389ce8dc1fb74fc766fb0623ffd0473bc","sha512":"1fa713a68410646252d6a1567fe325baf0b5a74294dd136121726079829255d82f82404d15d86866f120e94715a7f1cc909216bbbd9f6d7dc34cde512a92d842","ssdeep":"768:mMZ+9ps2ddJm9wj26zI5fIVNpUnhkEob2y:mM5YPzeaNpQhpol","tlshash":"7ce2f076c16155f4c4aa80408f677390bba7906ac46a9f254307e0e3debf6de3860787","first_seen":"2025-09-12T17:16:52.812006Z","last_seen":"2026-04-05T13:46:01.648401Z","times_seen":1855,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":155,"dns":2,"connect":27,"send":0,"wait":28,"receive":8,"ssl":111},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/ar.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.562Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/ar.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 10672\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":24678,"size_decoded":0,"mime_type":"image/svg+xml","magic":"ASCII text, with very long lines (24676), with CRLF line terminators","md5":"ff8d7927af846f11628284e5b270adaf","sha1":"06a32de0c63edfc6bec722294be0f50faad3f669","sha256":"0c606d62cbc00b47a56e55ee4dab3c85c4ef81e26b6896a8570020b464237816","sha512":"c25c00856a3beb0dd27dd5dd9e489398d3fb8d39ac8e0229553ae6853c9c13682b58cbdcdc4b6078222707e0bb2cb8365718d927026af77b9dfda6ccdb3d32a3","ssdeep":"384:TWqbKBQivkm1CEaCxcAHitd+aJNeCwdWuCRLWWmoPYK+SwYNR9/SL9iu2:TnbOvtxcAHiCuwgCWrPJbvyiu2","tlshash":"d1b2a6d92770e3d8a6cb996eff319c986a4bf4fe8e7742c0816e9a0459d7dc4e604c00","first_seen":"2025-08-21T23:09:42.503051Z","last_seen":"2026-04-03T23:46:36.651678Z","times_seen":719,"resource_available":false,"data":null}},"time_used":462,"timings":{"blocked":400,"dns":0,"connect":0,"send":0,"wait":61,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/sk.svg","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/sk.svg HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=604800\r\nexpires: Fri, 19 Dec 2025 11:59:43 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 739\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":1637,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6ed3cf547a2f8579e45330fde3095537","sha1":"dfc6023844bb5a110c3d9219c82dd326940ae055","sha256":"c1b338efd99956c2ae0c62fcf559b2d956fa11f71751985d62c9942b061dad6a","sha512":"4ed0e6912bfa55a7bee5b4f6318c3878bff3bf23d5a220225b5e19d207d7f55bd816f06dfb8daf8a5eb4c2e266d0fcce8f40d0f797c81d97a2517e5eba2a3be4","ssdeep":"","tlshash":"193176c55178aa4849c7a76fde7cb8959015a0fd21f940fd7a4a470c956caceaf00cb4","first_seen":"2023-05-07T18:18:54Z","last_seen":"2026-04-04T23:58:32.258928Z","times_seen":4071,"resource_available":false,"data":null}},"time_used":610,"timings":{"blocked":549,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/flags/id.png","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /flags/id.png HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 351\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]}],"data":{"size":351,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 20 x 13, 2-bit colormap, non-interlaced","md5":"fd273ad5f3d1e33a14e6fd37860a58a3","sha1":"a0891a0bb126e310d6f963108c875c52b5f0db5c","sha256":"1fce31ae1ba50ed9e3e01f06dfe4866bd4132847dccbc1de171b455c990636e8","sha512":"daef9968e8706e62a91288c11f8573533868e91a8d858b50bb6baae7f42b30b3c0a97b49ee902c4f28285bfdb6d049b910a997c14af60f495e32f8c16876edf7","ssdeep":"","tlshash":"35e020e1b1709ed0c5472325a5172240fef3ca094fe24504ba69e1448d18fcf5f747d2","first_seen":"2025-08-21T23:09:42.483866Z","last_seen":"2026-04-03T23:46:36.656923Z","times_seen":720,"resource_available":false,"data":null}},"time_used":622,"timings":{"blocked":562,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/images/card-3.webp","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.619Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /images/card-3.webp HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/webp\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 1644\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1644,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 97x89, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"bd70665a5565d84d93050a15b8e8bec0","sha1":"65d7011f40b2917a4dbc916ca7fcf9d39fc93098","sha256":"c55273987f2bb7afb869011b4df3758c4f24902253019080f1e2db7cc078b291","sha512":"0d3c2d1cbd69b9f012a8f1d134b66d6f669bcba605c4b8fced8aeac3ca19f515a589305e58c3578c448bee4f476f0d12023d65f4acab4ce65f009cd183f307c9","ssdeep":"","tlshash":"cf31e842b2d75fbae2fcad58684e9762005919d0f12e2c49e7b79b085fd8612d30ab21","first_seen":"2025-08-21T23:09:42.479685Z","last_seen":"2026-04-03T23:46:36.65465Z","times_seen":704,"resource_available":false,"data":null}},"time_used":342,"timings":{"blocked":281,"dns":0,"connect":0,"send":0,"wait":61,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/images/startbitcoin2.png","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /images/startbitcoin2.png HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=31536000\r\nexpires: Sat, 12 Dec 2026 11:59:43 GMT\r\ncontent-type: image/png\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-length: 86800\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nvary: User-Agent\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":86800,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 512, 8-bit colormap, non-interlaced","md5":"45ed25db958d1f0991cf59db4c09fac3","sha1":"c64efc7367d04183e619324f9213c64497997e3a","sha256":"8b328eb04323d6c6def54b8c65de417b295f442a4d98f446b36c61acb56353f9","sha512":"f3ced8623fa94360bad5bd063ee961439cb352aaaa8def7adeb92250f4bc94916ffd2290430c1fcc584dbce937df4907e54cef5ef52e84fd2a21555b45241fd3","ssdeep":"1536:62OsA9UMP71mZXxzKFMTIv8WVRJoQRnufcxYWALcksTFd9kL:6ZeMT1yzKuI0qRKcx+sVkL","tlshash":"5b8312aa6618a11d4b8dc03f1b6799cb0e10b77298f11a49bc4a59af00f7a3d701b3d6","first_seen":"2025-08-03T22:34:12.973416Z","last_seen":"2026-04-03T23:46:36.60539Z","times_seen":708,"resource_available":false,"data":null}},"time_used":776,"timings":{"blocked":661,"dns":0,"connect":0,"send":0,"wait":61,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"solvexgain800x-app.com/css/reset.css","fqdn":"solvexgain800x-app.com","domain":"solvexgain800x-app.com","tld":"com"},"ip":{"addr":"193.105.134.76","port":443,"asn":42237,"as":"w1n ltd","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://solvexgain800x-app.com/","date":"2025-12-12T11:59:44.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"solvexgain800x-app.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 20 Sep 2025 01:07:16 GMT","end":"Fri, 19 Dec 2025 01:07:15 GMT"},"fingerprint":{"sha1":"37:9E:08:1B:E5:97:48:46:93:01:91:7E:5E:60:08:D3:7C:6E:80:F5","sha256":"80:4C:8D:EF:98:6B:9B:A3:16:CA:AA:3B:70:91:49:FA:C5:4D:8F:97:A7:5B:00:5E:E8:8A:9E:D4:D0:00:19:1E"}}},"request":{"raw":"GET /css/reset.css HTTP/1.1\r\nHost: solvexgain800x-app.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://solvexgain800x-app.com/\r\nCookie: XSRF-TOKEN=eyJpdiI6IjdhOVhmSnl3OUpFeURuckRLY1BtWGc9PSIsInZhbHVlIjoiWStkT3JORXJtaTQxM0dpdEVEalZvemg4WCtoL0pkaWt1TTE0Q2REVzVFbStwVW1LWm9SVC9TSGFmOUJZYjF3SXBkRjduWlFEUmE5TFZXZTZOZityZUhNZXpySVREeUhyNE1OQnlNZ2p4MXFzdlRyOEdvYUl1dHVIeXhBYjBrL1QiLCJtYWMiOiJjMTAwNzg0OTMzNzEyY2YwNTk4YjZiY2Q0NWM3OGU0YzU3M2EzMzM1NDdiNjNjZTViMmE2YTljYmFlM2JkYzJiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImN5NGM5R2dHcEJYV3J1cmk5RlpvR3c9PSIsInZhbHVlIjoiYVRDbmZETFRJajh4dklsQXVZMnJXNjU2RkFydUlkYjZSbDJlL2dSOFV1a3l5ek5VTndSeDNhN2VnQWlVdUNvOWFZNUhXWUtRdFRBT3pwYWFMU240MWVZSnVWK1N2cmtzTDNpZm1ERktTbTIxZGsrbDRNanN1L0d1SUZTT1ZpUjkiLCJtYWMiOiI4NmU0YmFlMGM4ZmQ4N2E4ZjRlMGEwNzgzNzYyNmVhNTZjY2Y0ODhlZjcyMTZkMjQwZGI3NmZlNjRhZDFkMDViIiwidGFnIjoiIn0%3D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nkeep-alive: timeout=5, max=100\r\ncache-control: public, max-age=2592000\r\nexpires: Sun, 11 Jan 2026 11:59:43 GMT\r\ncontent-type: text/css\r\nlast-modified: Wed, 13 Aug 2025 12:46:50 GMT\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding,User-Agent\r\ncontent-length: 606\r\ndate: Fri, 12 Dec 2025 11:59:43 GMT\r\nserver: LiteSpeed\r\nx-turbo-charged-by: LiteSpeed\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Litespeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://wordpress.org/plugins/litespeed-cache/","common_platform_enumeration":"","icon":"litespeed-cache.png","categories":["Caching","WordPress plugins"]},{"name":"LiteSpeed Cache","description":"LiteSpeed Cache is an all-in-one site acceleration plugin for WordPress.","website":"https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration","common_platform_enumeration":"","icon":"LiteSpeed.svg","categories":["Caching","WordPress plugins"]}],"data":{"size":1668,"size_decoded":0,"mime_type":"text/css","magic":"CSV ASCII text","md5":"ed8b03a35ad456ff4229e25ce59646f4","sha1":"53648f35ae50d3fa5c7f5c0344db4cde73e1e8f3","sha256":"3d15397d77fcf1d9ad3c451cacafea0a377b8b75c8dcdde60e72b5529911d5fc","sha512":"3defb47c1722b537f544aefae10f5c96b787987a42c428692f2812703e3ced53f95b22d085eccf7080b7b0bb78e089ad18f940a1c36453f6ea91ad8ee447649e","ssdeep":"","tlshash":"37312428e7a35cd0a22ec565b7aee710331c417b480aed78ff69a2694f0919490b2b4d","first_seen":"2025-08-21T23:09:42.4282Z","last_seen":"2026-04-03T23:46:36.606122Z","times_seen":705,"resource_available":false,"data":null}},"time_used":427,"timings":{"blocked":363,"dns":0,"connect":0,"send":0,"wait":63,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-12","alert":"Sinkholed","trigger":"solvexgain800x-app.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}}]}