{"report_id":"78ca6730-4bcf-45fc-8362-bac175923c7a","version":6,"status":"done","tags":[],"date":"2025-12-20T19:30:53Z","url":{"schema":"http","addr":"hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","fqdn":"hehehub-acsu123.pythonanywhere.com","domain":"hehehub-acsu123.pythonanywhere.com","tld":"pythonanywhere.com"},"ip":{"addr":"35.173.69.207","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"final":{"url":{"schema":"https","addr":"hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","fqdn":"hehehub-acsu123.pythonanywhere.com","domain":"hehehub-acsu123.pythonanywhere.com","tld":"pythonanywhere.com"},"title":"Get Key HoHo Hub - Step 1","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","fqdn":"hehehub-acsu123.pythonanywhere.com","domain":"hehehub-acsu123.pythonanywhere.com","tld":"pythonanywhere.com"},"ip":{"addr":"35.173.69.207","port":0,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-01-24T19:30:53Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":28}},"detection":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"relishsubsequentlytank.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"relishsubsequentlytank.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"relishsubsequentlytank.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"skinnycrawlinglax.com","ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-01","domain_rank":38609,"first_seen":"2025-07-09T22:28:05.771371Z","last_seen":"2025-12-16T07:46:15.46484Z","alert_count":55,"request_count":11,"received_data":27159,"sent_data":9457,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"cdn.show-sb.com","ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2024-08-20","domain_rank":187612,"first_seen":"2024-08-31T03:46:04Z","last_seen":"2025-12-16T03:50:05.101708Z","alert_count":1,"request_count":1,"received_data":2073,"sent_data":522,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"politicalpiano.com","ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-05-10","domain_rank":1616700,"first_seen":"2025-03-06T15:38:47.579109Z","last_seen":"2025-11-23T20:27:35.412196Z","alert_count":9,"request_count":3,"received_data":171328,"sent_data":1406,"comment":"","tags":null,"fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"rockyspoons.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-12-09","domain_rank":0,"first_seen":"2025-12-20T13:36:12.284926Z","last_seen":"2025-12-20T13:36:12.284926Z","alert_count":46,"request_count":46,"received_data":132528,"sent_data":81410,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"raw.githubusercontent.com","ip":{"addr":"185.199.109.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2014-02-06","domain_rank":22021,"first_seen":"2014-03-01T07:08:08Z","last_seen":"2025-12-15T16:10:37.963774Z","alert_count":0,"request_count":1,"received_data":256781,"sent_data":518,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}]},{"fqdn":"realizationnewestfangs.com","ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2024-09-03","domain_rank":0,"first_seen":"2025-10-02T06:26:57.543488Z","last_seen":"2025-12-16T07:55:43.565879Z","alert_count":12,"request_count":4,"received_data":21829,"sent_data":6319,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-12-14T22:13:59.416786Z","alert_count":0,"request_count":2,"received_data":81926,"sent_data":1138,"comment":"","tags":null,"fingerprints":null},{"fqdn":"protrafficinspector.com","ip":{"addr":"18.194.59.7","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"domain_registered":"2025-06-18","domain_rank":614186,"first_seen":"2025-07-25T22:45:21.95813Z","last_seen":"2025-12-16T20:59:52.98779Z","alert_count":0,"request_count":4,"received_data":1772,"sent_data":1936,"comment":"","tags":null,"fingerprints":null},{"fqdn":"creative-sb1.com","ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-01","domain_rank":22211,"first_seen":"2025-08-08T09:32:32.509707Z","last_seen":"2025-12-16T05:58:16.815567Z","alert_count":18,"request_count":6,"received_data":184723,"sent_data":2895,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"flushpersist.com","ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-07-01","domain_rank":23810,"first_seen":"2025-07-08T10:43:12.76905Z","last_seen":"2025-12-17T07:19:24.346596Z","alert_count":6,"request_count":2,"received_data":1060,"sent_data":1572,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"hehehub-acsu123.pythonanywhere.com","ip":{"addr":"35.173.69.207","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2011-03-24","domain_rank":0,"first_seen":"2025-06-21T22:31:46.104115Z","last_seen":"2025-09-14T00:31:19.405546Z","alert_count":0,"request_count":1,"received_data":14474,"sent_data":537,"comment":"","tags":null,"fingerprints":[{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]},{"name":"PythonAnywhere","description":"PythonAnywhere is an online integrated development environment (IDE) and web hosting service (Platform as a service) based on the Python programming language.","website":"https://www.pythonanywhere.com","common_platform_enumeration":"","icon":"PythonAnywhere.svg","categories":["PaaS","Hosting"]}]},{"fqdn":"relishsubsequentlytank.com","ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"domain_registered":"2025-02-06","domain_rank":5445233,"first_seen":"2025-03-15T18:14:46.825163Z","last_seen":"2025-12-13T09:45:50.986954Z","alert_count":3,"request_count":1,"received_data":107452,"sent_data":478,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"cdn.storageimagedisplay.com","ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"domain_registered":"2024-09-13","domain_rank":170153,"first_seen":"2024-09-13T12:56:32Z","last_seen":"2025-12-15T06:43:45.023171Z","alert_count":0,"request_count":10,"received_data":707177,"sent_data":5126,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"preferencenail.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":20606,"first_seen":"2025-07-08T12:55:47.271261Z","last_seen":"2025-12-17T16:26:46.156091Z","alert_count":6,"request_count":2,"received_data":171912,"sent_data":864,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"weirdopt.com","ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2025-07-01","domain_rank":37519,"first_seen":"2025-07-08T12:55:47.272157Z","last_seen":"2025-12-17T17:02:40.749593Z","alert_count":3,"request_count":1,"received_data":377,"sent_data":437,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-12-14T22:17:06.291076Z","alert_count":0,"request_count":1,"received_data":17441,"sent_data":430,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"4580d45f87c4a363c248a56f68154698","sha1":"eaea3ef303229921262068a1e3cb4df2952964f8","sha256":"f706cdb96c5361657395a0eae7f4f9c0ad19a5179db7dc2d2e27b92cc78cdf35","sha512":"18326226bd70f5dcd517b0b87725ee7bead9abaad0907fd071a5858779c109aa6a4e460fab2e9c6b3faca68ce988d17bebd444bf66b09f9037bd139e557a93e7","ssdeep":"96:+tNqUozCqYOSnoak/X24paGBkk/9RVX5hJGWDPZqEiq1jD+CfMEDaH:TzUOJ/TYGBkkFRlJ3DPJi+v+CkCaH","tlshash":"4ba129bd1dd280794466b0fb50bf90083f94b10b2e44ca09f8adea890b24be14db9dc9","size":4749,"data":"","first_seen":"2025-12-20T19:31:04.759175Z","last_seen":"2025-12-20T19:31:04.759175Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","fqdn":"hehehub-acsu123.pythonanywhere.com","domain":"hehehub-acsu123.pythonanywhere.com","tld":"pythonanywhere.com"},"ip":{"addr":"35.173.69.207","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"b33bcbda5370de032cffd736110beff0","sha1":"0de4c3068e4204fa96f6b368165e0e90c020c968","sha256":"438a42d1655710410902c3acd9fdcf215b8af2ee84c0272b2284cb36c0a82163","sha512":"6fefbbd1010074528dc585934354d70586a8ea834dfb6649d8e7341108bd2596c3a277ab9d953308084b95946bedf180f8e016a53ba79b78b8e53d7dbbbd4245","ssdeep":"","tlshash":"64d08cae87ccf2880093c46f003cc4845128dd737c0a682235ed28107f4c81d847676e","size":203,"data":"","first_seen":"2025-12-20T19:31:04.764147Z","last_seen":"2026-03-08T12:40:28.756037Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"politicalpiano.com/e0/2e/e1/e02ee106ac9f7f9a067c81c19bdc3c60.js","fqdn":"politicalpiano.com","domain":"politicalpiano.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"cbf93877556f76d07c09103f2496ed94","sha1":"ca202fe341ba6600060b8df9008860483620e47c","sha256":"55192a7112914e56a8e698498f81484cf86556088c914fd8c8c57a26b25ea6aa","sha512":"4956264eecd00380df0cfa0ef5efae5d761b51b3e60ca120cb688246232735cfee3a0383aaa075f2fa7e3f078f740121d69babb52b462f6f5b78cebcce386804","ssdeep":"1536:l9yUBg8XFOUGXAVTesz3WArOwlNyBv77NzxpQ2jFFwbhjI1:l3B91cipUhxpJw1I1","tlshash":"cb7309487f42b16b5352a073627fd047f0256f1261ecd498d123e6a86f6c339f636b98","size":78823,"data":"","first_seen":"2025-12-20T19:31:04.7123Z","last_seen":"2025-12-20T19:31:04.7123Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","size":6454,"data":"","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"a963adfb09da03eb22f5931d7c594b6d","sha1":"ef42956d7237b5b3e9011180c019de387d4c4602","sha256":"4d03f142f5c46491f314ac2b1d438ce5d7786da71c3d09a1422fe31a3f80d3ab","sha512":"849cd76960d01eeecd7126975e9716ab6fb21114f2c1688fec81cdeb9a2c74090ba81624e1a6b5717644c90bb39f0a7a68a291eba99e0d0093b714eaaff3241a","ssdeep":"","tlshash":"0d31d7ff155745ad4c20e5f7f4af60212f82240e7d88d019b43b91be039dba28aa5d51","size":1538,"data":"","first_seen":"2025-12-20T19:31:04.79773Z","last_seen":"2025-12-20T19:31:04.79773Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"politicalpiano.com/df85ebbdb343866e18d5de2b6fd24249/invoke.js","fqdn":"politicalpiano.com","domain":"politicalpiano.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"b197908957a82f1a44fd2a2730d6891f","sha1":"6d0f205dae40caebcb8615ad6779c33738bfd0c3","sha256":"e543c2919c39cef5a15be69e1e362ec419b1f5243b43128d7503f35d09bf598f","sha512":"32cb0b274cb7fcee012bd922a180c97b56c341c6f6ff9f7b22b53a56329c746f1019bc1d214bf17d8c4ec47f7d6e197d3d8056ea612306dce7e1a0eadd3f3896","ssdeep":"768:pL+PQPpOg5DGmXN43uQxjCoMSZR/IuVpPtyw4cLeJEOlhPsn3Ia3fX:pb5DR6fCoM4R/Zyw4En3I8","tlshash":"a513d79a7f91b5ac0376b47b143f922ef6399d0260c8c9acd103e8952f9ca4dc139b59","size":43698,"data":"","first_seen":"2025-12-20T19:31:04.59212Z","last_seen":"2025-12-20T19:31:04.59212Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-16T16:44:00.746642Z","times_seen":19002,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","size":6454,"data":"","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","size":6454,"data":"","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"1a4d4082e12c04ac92f31674dc2f6295","sha1":"73a0a4fc38cf27791e4a9049bd673cf83f4f3c49","sha256":"2177483130c4d2c8ddaddc8721a22839cd98f3e61118da7b5cb82e2f13c081c5","sha512":"4b26bb2a2b17d972c0cf6df2ae37610ab58538cd86c651d8c4aa87aa83cdd48ec9a701b3d102c3578383791d9e4b9639f062916058db5c1169f84eafec742b0a","ssdeep":"","tlshash":"21310b782d83545b82eef5b200aed318aedcf7952e80c789e49ddec41138cc1327b885","size":1812,"data":"","first_seen":"2025-12-20T19:31:04.806083Z","last_seen":"2025-12-20T19:31:04.806083Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6c80237bd47bf61498d6d627a6529a52","sha1":"1541a24eb0b1d632a55119f0c826e1a19b22535e","sha256":"92c9fb64e865feedad6a7ace7226972c1299b511bc8f38d3260f2f1c564ea2e5","sha512":"10ba236a886e6e66179d17613a1e6c1192a250b1cb7617d2e2d443eb888afcfc762c8cf3b24cf457d0228479ae9756c6df9ecc9afcdc0949e75fa526cb8d2529","ssdeep":"96:rwynY9YqmXwYLHwX1O/D3cYmeDjlwjeqFczLCDsnvuRQs01GKyBspfkxzUXe2lJs:vzV4crcYmeV+VHJmQxdCnV8oDeQToJ","tlshash":"e102530809f9d921c40da03e203e3664f7640a53ac5abed8fe4491055fde96fb9b943f","size":8627,"data":"","first_seen":"2025-12-20T19:31:04.807494Z","last_seen":"2026-03-08T12:40:28.752117Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"politicalpiano.com/8253a9c21e6081348abe9f05f9d8dea2/invoke.js","fqdn":"politicalpiano.com","domain":"politicalpiano.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"caa026c2df8b432e73cbc6fc5c9f44bb","sha1":"7da87ca3cb8372dbad6581b095c7f89aab9ceb01","sha256":"85d6e52d5b12b434d35768c7d22a8585fe5294d4e062b8ab0e39c5d0b9fca18b","sha512":"9f25dd915f499ac41a647d543079fdf8adc9966ce562ecd7fc5e0256c595c093d1a0fa58d4e359de7bc7e38726729547ae8beb5424982bee8cd26f50183ba9a6","ssdeep":"768:dB2Ee/5+sNKlKMHLQTwkf0R6sYeLvLoK12G6FYc0CHKC:dB2Em+aMHLQTwkf0bLDLoK12tFYNaf","tlshash":"a823fa5dbf92f006165f70b7372fa106b11a8c19280cd89cfa07fda46d68f45e837aa4","size":46275,"data":"","first_seen":"2025-12-20T19:31:04.58424Z","last_seen":"2025-12-20T19:31:04.58424Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/53/23/86/5323869a8beda1d7db01e9c875b2f49f.js","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","size":6454,"data":"","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"8d4ee2956bccf0a1313bfc1de9485e4d","sha1":"8405c5993aa3b715bc71633eee9a2e1762a4c8ac","sha256":"6bbdd700fb624339c1df5ddd2b5ce16d63d7a799bbb81a21420badeeda6b300d","sha512":"b66b984343deb9af70b9d64ba2fe15eb5bbcca4290a898f1ce2524f13bba15746df105d00e600f44dcb26460ffbaac47dcbe420141bf7cdbde99528222096276","ssdeep":"","tlshash":"22c02b899f05812b6bc138df530c03c84cc86b33b030471d90c2fb80a080033c00000e","size":145,"data":"","first_seen":"2025-12-20T19:31:04.808922Z","last_seen":"2026-03-08T12:40:28.763403Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","size":84384,"data":"","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-06-16T16:39:37.706311Z","times_seen":12163,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"relishsubsequentlytank.com/c2/40/88/c24088fb2a6cd3f2c2336679f397c764.js","fqdn":"relishsubsequentlytank.com","domain":"relishsubsequentlytank.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"2b240697414042e59f9809da79735184","sha1":"346632d84a3acd434243990b4cf52ddfb02719b7","sha256":"a11c13a7e144371405bcb95023255eef68dc22e9c1471af160da66b67702759d","sha512":"e62ccb4ad2132ac094a5bd9fc37ca2aa8b398c7e9ff629dc414be11f6a6afb99d2d8621c8dd83b95c721676fcdc2bda1778db8559684d9aaa579d5c6997ca702","ssdeep":"1536:EpOvTY8Afd1ow5ZEUjHzQSF63R2LbqKYmEqMTd01yLVH2WQgPrNQCld5h4s9imfg:qXLD33COgu+bAKaS6","tlshash":"fba3cad97f40f06d4271607a113fa00af25b0e46688cd59ce117f6a42fa866fe57ef28","size":106600,"data":"","first_seen":"2025-12-20T19:31:04.659625Z","last_seen":"2025-12-20T19:31:04.659625Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","fqdn":"hehehub-acsu123.pythonanywhere.com","domain":"hehehub-acsu123.pythonanywhere.com","tld":"pythonanywhere.com"},"ip":{"addr":"35.173.69.207","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":true,"md5":"3330eaa78b2dbdfb32e472f7888f13ec","sha1":"fbf90f9695f863b0cdc0f2994c69a62865bd22c7","sha256":"a4b911d02b2de66f36d56288c8fcf20c33f226f5b3ad1a12d3b605a81b3ccc91","sha512":"bf0c9b3d992fb14313dc45d561ecd284e1a064bd5d28bc7c74558d4094ceee37da3f486c156ab017ab50531ca640787e1a1b4dd576170c286a2394384e161f06","ssdeep":"96:9mGdkWOg+hX4iRWzyVGMWO9zvLxGeLxGemT:XkWO/d4iYyVGk9DmT","tlshash":"cd91fd7a79f71c3509a7a06e47efa704373210032582d82878adc24cafd6e4594f5bd9","size":4600,"data":"","first_seen":"2025-12-20T19:31:04.814001Z","last_seen":"2026-03-08T12:40:28.762439Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":false,"md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","size":85379,"data":"","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-16T16:44:00.746642Z","times_seen":19002,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"politicalpiano.com/8253a9c21e6081348abe9f05f9d8dea2/invoke.js","fqdn":"politicalpiano.com","domain":"politicalpiano.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:30.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"politicalpiano.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 02 Nov 2025 22:28:26 GMT","end":"Sat, 31 Jan 2026 22:28:25 GMT"},"fingerprint":{"sha1":"9A:6A:05:19:EF:9A:E4:3D:C0:FC:99:B5:56:DA:88:06:B3:92:38:29","sha256":"F3:43:68:96:9B:48:D9:78:B2:55:E7:27:64:2C:D9:DF:20:13:0E:A1:CF:B2:00:9C:D3:2E:4A:8B:E0:F9:C1:AF"}}},"request":{"raw":"GET /8253a9c21e6081348abe9f05f9d8dea2/invoke.js HTTP/1.1\r\nHost: politicalpiano.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:30 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 18469\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: politicalpiano.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 89bb448c10736b594cacc1ee113e56b7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46275,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (46275), with no line terminators","md5":"caa026c2df8b432e73cbc6fc5c9f44bb","sha1":"7da87ca3cb8372dbad6581b095c7f89aab9ceb01","sha256":"85d6e52d5b12b434d35768c7d22a8585fe5294d4e062b8ab0e39c5d0b9fca18b","sha512":"9f25dd915f499ac41a647d543079fdf8adc9966ce562ecd7fc5e0256c595c093d1a0fa58d4e359de7bc7e38726729547ae8beb5424982bee8cd26f50183ba9a6","ssdeep":"768:dB2Ee/5+sNKlKMHLQTwkf0R6sYeLvLoK12G6FYc0CHKC:dB2Em+aMHLQTwkf0bLDLoK12tFYNaf","tlshash":"a823fa5dbf92f006165f70b7372fa106b11a8c19280cd89cfa07fda46d68f45e837aa4","first_seen":"2025-12-20T19:31:04.58424Z","last_seen":"2025-12-20T19:31:04.58424Z","times_seen":1,"resource_available":true,"data":null}},"time_used":863,"timings":{"blocked":332,"dns":53,"connect":95,"send":0,"wait":98,"receive":93,"ssl":188},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"politicalpiano.com/df85ebbdb343866e18d5de2b6fd24249/invoke.js","fqdn":"politicalpiano.com","domain":"politicalpiano.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:30.564Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"politicalpiano.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 02 Nov 2025 22:28:26 GMT","end":"Sat, 31 Jan 2026 22:28:25 GMT"},"fingerprint":{"sha1":"9A:6A:05:19:EF:9A:E4:3D:C0:FC:99:B5:56:DA:88:06:B3:92:38:29","sha256":"F3:43:68:96:9B:48:D9:78:B2:55:E7:27:64:2C:D9:DF:20:13:0E:A1:CF:B2:00:9C:D3:2E:4A:8B:E0:F9:C1:AF"}}},"request":{"raw":"GET /df85ebbdb343866e18d5de2b6fd24249/invoke.js HTTP/1.1\r\nHost: politicalpiano.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:30 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 15829\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: politicalpiano.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: af8da48e07143202a61628cf539f0f1e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":43698,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (43696), with no line terminators","md5":"b197908957a82f1a44fd2a2730d6891f","sha1":"6d0f205dae40caebcb8615ad6779c33738bfd0c3","sha256":"e543c2919c39cef5a15be69e1e362ec419b1f5243b43128d7503f35d09bf598f","sha512":"32cb0b274cb7fcee012bd922a180c97b56c341c6f6ff9f7b22b53a56329c746f1019bc1d214bf17d8c4ec47f7d6e197d3d8056ea612306dce7e1a0eadd3f3896","ssdeep":"768:pL+PQPpOg5DGmXN43uQxjCoMSZR/IuVpPtyw4cLeJEOlhPsn3Ia3fX:pb5DR6fCoM4R/Zyw4En3I8","tlshash":"a513d79a7f91b5ac0376b47b143f922ef6399d0260c8c9acd103e8952f9ca4dc139b59","first_seen":"2025-12-20T19:31:04.59212Z","last_seen":"2025-12-20T19:31:04.59212Z","times_seen":1,"resource_available":true,"data":null}},"time_used":868,"timings":{"blocked":334,"dns":51,"connect":95,"send":0,"wait":98,"receive":94,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1094\u0026rd=1094\u0026fd=560\u0026bv=25.12.2106\u0026tmpl=70","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /pixel/purst?dl=0\u0026th=0\u0026sc=0\u0026rs=1094\u0026rd=1094\u0026fd=560\u0026bv=25.12.2106\u0026tmpl=70 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":648,"timings":{"blocked":352,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":200},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/si/d8/b1/09/d8b109165fc0ec08002c14fd9e81f6ece67b955e786b918b73abb33e5be5188f.png","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.039Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /si/d8/b1/09/d8b109165fc0ec08002c14fd9e81f6ece67b955e786b918b73abb33e5be5188f.png HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 57237\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 11 May 2025 14:02:30 GMT\r\netag: \"6820adf6-df95\"\r\nexpires: Mon, 22 Dec 2025 19:30:32 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57237,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 320 x 240, 8-bit/color RGBA, non-interlaced","md5":"423a240fbfb182d7805dad3bb9e822bb","sha1":"6a853689b2cc95a6c36b98e6938e598bf2a28d52","sha256":"da19475c70c6669a83473eb52dec1feb61e629e374fdd426dd02024080d0b1a6","sha512":"98e063f429420821aa55688891aa4426d16d9e7ffa44f92f8d9d7f3e3870007872a66a718185428f197db14d070b7254e92a2cc7734cc54c39034c808daa7c8f","ssdeep":"1536:BP5oFAaPeX990yL036TelNvY6lEFLXmLw2JR:FWqaPeXz0yLDe7luXyH","tlshash":"ab430224ff03e61784be24af91eae88f1f6421bfb5b092807770221445b7c6b4282463","first_seen":"2025-05-16T16:44:08.672031Z","last_seen":"2026-06-16T09:09:31.965416Z","times_seen":4160,"resource_available":false,"data":null}},"time_used":905,"timings":{"blocked":413,"dns":53,"connect":19,"send":0,"wait":52,"receive":2,"ssl":361},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/18/a9/3a/18a93a23640bef9e9db0605254fda42d/1756661839.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.146Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/18/a9/3a/18a93a23640bef9e9db0605254fda42d/1756661839.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 72107\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 17:37:19 GMT\r\netag: \"68b4884f-119ab\"\r\nexpires: Mon, 22 Dec 2025 19:30:32 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72107,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:11:41], progressive, precision 8, 320x240, components 3","md5":"d93418e60c08a4971076f1eeb64310a2","sha1":"6bd2c394ee81cda9c8178ad29dcc625434de82e2","sha256":"a05bb96b04f8e69521e9a34c26f9e6e56303a5cfda91bb6af42d0c07dd8a0d65","sha512":"ef95fc1bf232f9c7471931ce073aa2749a8979d63d8a9d05c8685d135e7b1e9b12d4e29225b11ab1a302b4a2243ce5d8a745e45dd1a24f66b0c48bce6ab48bf1","ssdeep":"1536:QLZxtWoLZxtWzKw/QcYLEJMbqp3uZXCNnvoqFoTTiALH6Jm2cEG:QVBVpw/Xufbq1uZXCQTTRLHvbEG","tlshash":"9563f13e6b49af33f4c757b468f8dbd1e3014ed85a7310a5798c29923b31692cb4d582","first_seen":"2025-09-02T18:27:26.477089Z","last_seen":"2026-05-24T21:20:22.523215Z","times_seen":1389,"resource_available":false,"data":null}},"time_used":691,"timings":{"blocked":304,"dns":2,"connect":21,"send":0,"wait":50,"receive":2,"ssl":304},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRSecyyKUCAIoj6hgADh8_4835ICYYJRREiiJMhFFKHZmVnf4L2ZZWb31nYFRAoR1RUUQMPedxc7gQiFml_RBYooEhJHwwnihr8AIUXQoXUsGSpe8b33vm-L7719c3lY7BIfBZ2deV1vyTSli2HLaT6zKhXXpW2eOt90nZZzrLkqVTs41tyowfRfcP2g5TzbfFWwdb3oOa7juI7bXJFGJHpjcU-FzG5EbityWoHXcsMAG-a_vS3mYOkceH-XPAbJp4_8nlyAZBOo3s3jwq7nOnv-lV6R0lwb9PnOG2pd6VKhd1AmpoFE7ex_DW2nhHw0B6129ieA7o_rCRDLKZl74h5itbNvE3H_6gOncQqhEPOHUfYnEOkEkk7A9CVI_hMBGMep01C97VPalHTzgUprdUrm7_8JWU7J_L3HoXpfLKdyo3lOp0UutbLYSCrIjQnk2gRZMUG-1YAsb4Pl70HyH8ni_ZNQvfFpm2pIPjtKExElUSdciMIoWAj8hC5EHVcs-IlL4yXPbXthtLcimUxA7SEUtoFCNlAkDRRZAz0-awZOJ2Au9dtJxNmSE9Ag4CJ2oo7nODRiSyhY7X2APBuApQMwc3k74918vT_OTSHGhWJ26F57QAXRHrldk0E0dG8Ub2apF7b9IPSCoTs7qlLBeNIJRRzz2A_8Trst3A4PufDidsK9wAui6xfCKHB9172IzLx7jftLwo9ZMIyxLgcwxS3YbgXLG7A5QZ9XKAVBaQlKSlBKgjInKPvVVZ5az1bbPLVF7O5nbz_71Ujna0N6VedrQhFQM4Dh1Vhmb9tLYPmh0VZi-UjXQOO8GtGYV8Nslzxa_8rG-0__hnUxa_7fMLCygrRzoLaBLTklKz__hUxOyVM37yCmt2HT22DyEGjhgpYVaLfClpo92RVd0S3iBcps4Xp-K9vMu1pRtVl2hREtpnvgukKWzyPfbAzTXXJkdPb88q29Q7v4y1cQ7C7ZDzBTITMV3pLfE6ylV0ZndUnGZ3VpyZens1z25Batj_BcTnPx0Gevic1SG37iuB1cf4nVQl3eOC9sfpIqLtWaJZ8vS86FWdGGCfLNCbsq4jOF7S4XRhXZyTMvr5zoZUZYK7WagMopOfzHB2BySo58--neAwuf-xUsewc2O_BpNUGcNZBKglQc8DSuYP_Vxwf10F7BmpkHzS9B9Sr0TYV-WoGmA9ji8CjPzN0X73xcxyeI0_lRnJr5cZya9MO9PdXwXQ0_1PA1rJw1E194zHE6S23X7yTC9QPOkrATRLxNHd8XyO1Urvy9-k8AAAD__0Irqb8SBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.247Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRSecyyKUCAIoj6hgADh8_4835ICYYJRREiiJMhFFKHZmVnf4L2ZZWb31nYFRAoR1RUUQMPedxc7gQiFml_RBYooEhJHwwnihr8AIUXQoXUsGSpe8b33vm-L7719c3lY7BIfBZ2deV1vyTSli2HLaT6zKhXXpW2eOt90nZZzrLkqVTs41tyowfRfcP2g5TzbfFWwdb3oOa7juI7bXJFGJHpjcU-FzG5EbityWoHXcsMAG-a_vS3mYOkceH-XPAbJp4_8nlyAZBOo3s3jwq7nOnv-lV6R0lwb9PnOG2pd6VKhd1AmpoFE7ex_DW2nhHw0B6129ieA7o_rCRDLKZl74h5itbNvE3H_6gOncQqhEPOHUfYnEOkEkk7A9CVI_hMBGMep01C97VPalHTzgUprdUrm7_8JWU7J_L3HoXpfLKdyo3lOp0UutbLYSCrIjQnk2gRZMUG-1YAsb4Pl70HyH8ni_ZNQvfFpm2pIPjtKExElUSdciMIoWAj8hC5EHVcs-IlL4yXPbXthtLcimUxA7SEUtoFCNlAkDRRZAz0-awZOJ2Au9dtJxNmSE9Ag4CJ2oo7nODRiSyhY7X2APBuApQMwc3k74918vT_OTSHGhWJ26F57QAXRHrldk0E0dG8Ub2apF7b9IPSCoTs7qlLBeNIJRRzz2A_8Trst3A4PufDidsK9wAui6xfCKHB9172IzLx7jftLwo9ZMIyxLgcwxS3YbgXLG7A5QZ9XKAVBaQlKSlBKgjInKPvVVZ5az1bbPLVF7O5nbz_71Ujna0N6VedrQhFQM4Dh1Vhmb9tLYPmh0VZi-UjXQOO8GtGYV8Nslzxa_8rG-0__hnUxa_7fMLCygrRzoLaBLTklKz__hUxOyVM37yCmt2HT22DyEGjhgpYVaLfClpo92RVd0S3iBcps4Xp-K9vMu1pRtVl2hREtpnvgukKWzyPfbAzTXXJkdPb88q29Q7v4y1cQ7C7ZDzBTITMV3pLfE6ylV0ZndUnGZ3VpyZens1z25Batj_BcTnPx0Gevic1SG37iuB1cf4nVQl3eOC9sfpIqLtWaJZ8vS86FWdGGCfLNCbsq4jOF7S4XRhXZyTMvr5zoZUZYK7WagMopOfzHB2BySo58--neAwuf-xUsewc2O_BpNUGcNZBKglQc8DSuYP_Vxwf10F7BmpkHzS9B9Sr0TYV-WoGmA9ji8CjPzN0X73xcxyeI0_lRnJr5cZya9MO9PdXwXQ0_1PA1rJw1E194zHE6S23X7yTC9QPOkrATRLxNHd8XyO1Urvy9-k8AAAD__0Irqb8SBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a5eeb05ed29986b88beee0f00b7589e5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":377,"timings":{"blocked":278,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRidc04UoUAQRH1CAQHC5_1151tSIEwwighJlAS5iCI0OzPrG7w3s8zs3tqugEghorqCAmjYe3exE4hQqPkVnaGIIiFxNJyUuOEvQEgRdGhtS4aKKd5833tbvO_tN1eH-S7xkdPZuTf1pkwSutBqOo3nVqTiurCNMxcbrtN0TjRWpGoHJxrrFZj-S64fNJ3nG68LtqYXPMd1HNdxG8vSiFivL-ypkOmt0G2GTjPwmm4rwLr5b2_zOVg6B97fJU9A8uljv8eXINkEqnf7pLBrmU5ffK2XJzTTBn2-_ZZaU7pQ6B2WsakhVtsHX0PbKSGfzEGr7YMJoPvjagJEckrmnnqASG0f2ETUv77vNEogFCL-KIr-BCKZQNIJmL4CyX8hAOM4cxaqt3VGm4Ju7Ku0Uqek_vBPyGJK6g-ehOp9tZTI9cYFneSZ1MpiPS4h1yeQqxOk-QTZZg2y2AHLPoDkP5OFh6eheuOzNtGQfHacxiKMw05rPmyFwXzgx3Q-7Lhi3o9dGi16bttrhXsRyXgCao8gtzXksoY8riFPa-jxWSNwOgFzqd-OQ84WnYAGAReRE3Y8x6EhW0TOKu8DZOkALBmAmauz4yoRjMedlogiHvmB32m3hdvhLS68qB1zL_CC8OalVhi4vute3kp5N1vrjzOTi3GumB26N_apINwjtyoyCIfurfztNPFabT9oecHQRWrev8H9ReFHLBhGWJMDmPwObLeE5TXYjKDPSxSCoLAEBSUoJEGRERT98jpPrGfLLZ7YPHIPbu_g9suRzlaH9LrOVoUioGYAw8uxTN-1V8CyI6PN2PKRroBGWTmiES-H6S55vPqVtQ-fvY81MWv8XwqwsoS0c6C2hk05Jcu__oVUTskzt-8iojuwyQ6YPAKau6BFCdotsalmT3dFV3TzaJ4ym7ue30w3sq5WVG0UXWFEk-keuC6RZnVkG7VhskuOjc5fXLqzt2iXf_sWgt0jBwfMlEhNiXfkjwSrybXReV2Q8XldWPL12TSTPblJqyW8kNFMPPLFG2Kj0IafOmkHN19hlVCVty4Km52miku1asmXS5JzYZa1YYJ8d8quiOhcbrtLuVF5evrcq8uneqkR1kqtJqBySo7-8RGYnJJj33--98BaL9wHS9-DTQ99Wk0QpXUkkiARhzyNSth_9dFhPbTXsGrqoNkVqF6JvinRT0rQZACbHx1lqbn38t1Pq_MZoqQ-ihJTH0eJST6ucvqmgh8q-Gk_NitnjdgXHnOczmLb9TuxcP2As7jVCULepo7vC2R2Kpf_XvknAAD__1J4YEoSBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRidc04UoUAQRH1CAQHC5_1151tSIEwwighJlAS5iCI0OzPrG7w3s8zs3tqugEghorqCAmjYe3exE4hQqPkVnaGIIiFxNJyUuOEvQEgRdGhtS4aKKd5833tbvO_tN1eH-S7xkdPZuTf1pkwSutBqOo3nVqTiurCNMxcbrtN0TjRWpGoHJxrrFZj-S64fNJ3nG68LtqYXPMd1HNdxG8vSiFivL-ypkOmt0G2GTjPwmm4rwLr5b2_zOVg6B97fJU9A8uljv8eXINkEqnf7pLBrmU5ffK2XJzTTBn2-_ZZaU7pQ6B2WsakhVtsHX0PbKSGfzEGr7YMJoPvjagJEckrmnnqASG0f2ETUv77vNEogFCL-KIr-BCKZQNIJmL4CyX8hAOM4cxaqt3VGm4Ju7Ku0Uqek_vBPyGJK6g-ehOp9tZTI9cYFneSZ1MpiPS4h1yeQqxOk-QTZZg2y2AHLPoDkP5OFh6eheuOzNtGQfHacxiKMw05rPmyFwXzgx3Q-7Lhi3o9dGi16bttrhXsRyXgCao8gtzXksoY8riFPa-jxWSNwOgFzqd-OQ84WnYAGAReRE3Y8x6EhW0TOKu8DZOkALBmAmauz4yoRjMedlogiHvmB32m3hdvhLS68qB1zL_CC8OalVhi4vute3kp5N1vrjzOTi3GumB26N_apINwjtyoyCIfurfztNPFabT9oecHQRWrev8H9ReFHLBhGWJMDmPwObLeE5TXYjKDPSxSCoLAEBSUoJEGRERT98jpPrGfLLZ7YPHIPbu_g9suRzlaH9LrOVoUioGYAw8uxTN-1V8CyI6PN2PKRroBGWTmiES-H6S55vPqVtQ-fvY81MWv8XwqwsoS0c6C2hk05Jcu__oVUTskzt-8iojuwyQ6YPAKau6BFCdotsalmT3dFV3TzaJ4ym7ue30w3sq5WVG0UXWFEk-keuC6RZnVkG7VhskuOjc5fXLqzt2iXf_sWgt0jBwfMlEhNiXfkjwSrybXReV2Q8XldWPL12TSTPblJqyW8kNFMPPLFG2Kj0IafOmkHN19hlVCVty4Km52miku1asmXS5JzYZa1YYJ8d8quiOhcbrtLuVF5evrcq8uneqkR1kqtJqBySo7-8RGYnJJj33--98BaL9wHS9-DTQ99Wk0QpXUkkiARhzyNSth_9dFhPbTXsGrqoNkVqF6JvinRT0rQZACbHx1lqbn38t1Pq_MZoqQ-ihJTH0eJST6ucvqmgh8q-Gk_NitnjdgXHnOczmLb9TuxcP2As7jVCULepo7vC2R2Kpf_XvknAAD__1J4YEoSBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e8cd88d0aa70c1f04b7fc975f037b731\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":409,"timings":{"blocked":312,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.show-sb.com/sb/notifications/utility/default/robot/2/index.html","fqdn":"cdn.show-sb.com","domain":"show-sb.com","tld":"com"},"ip":{"addr":"104.21.95.140","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.334Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"show-sb.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 06 Dec 2025 18:32:18 GMT","end":"Fri, 06 Mar 2026 19:30:50 GMT"},"fingerprint":{"sha1":"9A:CB:17:6D:8B:24:6D:0F:99:B5:FD:4A:00:CB:D3:DE:2B:8E:84:93","sha256":"3B:72:94:40:4C:CD:DE:97:5A:DF:6C:E1:90:81:0D:BF:33:9E:10:3C:16:3A:61:15:FF:65:B0:6B:5D:34:32:21"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/index.html HTTP/1.1\r\nHost: cdn.show-sb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:07 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PbtFL%2FArQKZHr0m6ed7tbTj0WYCVQC%2FOGOoVzGzGQxzo%2BUNHP4akm134jE5lfalueTFPx4n26WZwX224wJbLCXF1KAPOKPzENR6zjeA%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9b118e082df3712b-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":1331,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text","md5":"6d925fca1f3623368e2c47f8ac18ea89","sha1":"3dc674f220a7ad1fa502fdd4bf353f836ece2c75","sha256":"34c0988a0d6428e37eab062e19df5661d32e9f8d11704ba50f78cdc430299712","sha512":"380f03a62b612643a9e5c252357c2bba326dd657460a03a292ad1a01e888d9390a5fc107f3cde290e3a011a1608f2253e0496703b1d474e4bf098dfa94802aca","ssdeep":"","tlshash":"7f214b4e3dadd57215c391563b702f6aa88ad6cfd90b9440b3fc4d508bd6b81cd43207","first_seen":"2025-07-06T07:29:12.190766Z","last_seen":"2026-06-14T21:26:13.849568Z","times_seen":1169,"resource_available":false,"data":null}},"time_used":168,"timings":{"blocked":9,"dns":5,"connect":1,"send":0,"wait":129,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"cdn.show-sb.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"18.194.59.7","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.240Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:31 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4:3:1; expires=Tue, 18 Dec 2035 19:30:31 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"5c28b9f530e20669482a107315710a76","sha1":"7e8a71780d0a4825db01f2f135bf6162c81b45ff","sha256":"9d14a1b01e110c4847dbf07d6163f59d75045f82143fc9e3d1068d4b49db065a","sha512":"0340bd00489e3d437d9b711ff94ab417d9271dee005c76018b68163deb4157ca287da9a06a4d3876b84e44f9dbfd6fb8e6a69f93b6c46b148015e2ca54d3e479","ssdeep":"","tlshash":"3a90047c30051c344d4c45c34f1154075c3151f34c11c3774145dfc110500537dc7443","first_seen":"2025-12-20T19:31:04.604565Z","last_seen":"2025-12-20T19:31:04.604565Z","times_seen":1,"resource_available":false,"data":null}},"time_used":251,"timings":{"blocked":22,"dns":2,"connect":39,"send":0,"wait":22,"receive":0,"ssl":164},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_1RSwWskxReuzs5pf4cfrovnQVAUdNI93ZmdcQ-LcU0IxiRmIwFlD9Vd1TNlerraqurpyXgJBnSPc_CgnjrfJBtdl2X9A8Qw0cMSUGxBDbgB8U8QlvUmPTsQfVDvfa--Orzve_XRXnpGXKT0dO1NORBRRGfnanb1hU0RM5np6spG1bFr9tXqpogb3tVqv0yq94rjejX7xeoiD7bkbN12bNuxneqCUDyU_dkJC5HcbTm1ll3z6jVnzkNf_bfXqQVNLbDeGbkEwYr__xm-CxGMEXfvX-d6y8jkpde7aUSNVOixw7fjrVhmMbrnMFQWwvhw-hpSF4R8OgMZH04VQPb2SwXwRUFmnnkIPz6cjgm_d_BkUj8Cj-Gz_yHrjcGjMQQdI5C7EOwnAgQMK6uIu7dXpMro9hOWlmxBKo_-gsgKUnl4GXH33nwk-tUbMkqNkLFGP8wh-mOI9hhJegwzsCCyYwTmQwj2A5l9tIy4u7-qIwnB8ol6EY5BtYW0PMJCGlpIEwtddlr17KYXONRthC0WXLE96nmM-3arWbdt2gquIA3KsYYwyRBBNESgdpCoHWyJIVR6BN3JoZkFbQpivbWDHsuRcYJME2SUIBMEmSHIevkBi3Rd57dZpFPfmdb6tLr5SJr2Hj2Qps1jAqqGUCzfF8n7eheBuTAahJqNZJmob_IR9Vm-l5yRp0rXrI-f_x1b_LTKwuYc933mu57bbDS402RzjNf9RsjqXt1rQYscQs9MDBmIgiz8_BiJKMhz9x_Ap8fQ0TECcQE0dUCzHLSTYxCfPtvhHd5J_ZdpoFOn7taSbdORMY23sw5XvBbILpjMkZgKzLa1F52Rp0frG_NHk52-88U18ODkmhn8sXjv8gcIVI5E5XhPfEfQjm6N1mVG9tdlpsnXq4kRXTGg5b5vGGr4hTtv8O1MKrZ0XQ-_fDUoiRLe3eDaLNOYibityVfzgjGuFqQKOPlmSW9yfy3VnflUxWmyvPbawlI3UVxrIeMxqCjIxaM7CERBLv26O_nL7uJjBMkOdHJCpgEtCfxkBpEgiPj5PfVz6H_1_jne07fQVhVQs4u4m6OncvSiHDQaQqcXRyZRJ9cefFbG5_CjysiPVGXfj1T0SUFu_vbtxKwSfV-Qm7_8CC1Oq6HL64FtN680HLcZcsf1WBDONb0Wa1DbdTmMLsTC35v_BAAA__-HzrApfQQAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.050Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSwWskxReuzs5pf4cfrovnQVAUdNI93ZmdcQ-LcU0IxiRmIwFlD9Vd1TNlerraqurpyXgJBnSPc_CgnjrfJBtdl2X9A8Qw0cMSUGxBDbgB8U8QlvUmPTsQfVDvfa--Orzve_XRXnpGXKT0dO1NORBRRGfnanb1hU0RM5np6spG1bFr9tXqpogb3tVqv0yq94rjejX7xeoiD7bkbN12bNuxneqCUDyU_dkJC5HcbTm1ll3z6jVnzkNf_bfXqQVNLbDeGbkEwYr__xm-CxGMEXfvX-d6y8jkpde7aUSNVOixw7fjrVhmMbrnMFQWwvhw-hpSF4R8OgMZH04VQPb2SwXwRUFmnnkIPz6cjgm_d_BkUj8Cj-Gz_yHrjcGjMQQdI5C7EOwnAgQMK6uIu7dXpMro9hOWlmxBKo_-gsgKUnl4GXH33nwk-tUbMkqNkLFGP8wh-mOI9hhJegwzsCCyYwTmQwj2A5l9tIy4u7-qIwnB8ol6EY5BtYW0PMJCGlpIEwtddlr17KYXONRthC0WXLE96nmM-3arWbdt2gquIA3KsYYwyRBBNESgdpCoHWyJIVR6BN3JoZkFbQpivbWDHsuRcYJME2SUIBMEmSHIevkBi3Rd57dZpFPfmdb6tLr5SJr2Hj2Qps1jAqqGUCzfF8n7eheBuTAahJqNZJmob_IR9Vm-l5yRp0rXrI-f_x1b_LTKwuYc933mu57bbDS402RzjNf9RsjqXt1rQYscQs9MDBmIgiz8_BiJKMhz9x_Ap8fQ0TECcQE0dUCzHLSTYxCfPtvhHd5J_ZdpoFOn7taSbdORMY23sw5XvBbILpjMkZgKzLa1F52Rp0frG_NHk52-88U18ODkmhn8sXjv8gcIVI5E5XhPfEfQjm6N1mVG9tdlpsnXq4kRXTGg5b5vGGr4hTtv8O1MKrZ0XQ-_fDUoiRLe3eDaLNOYibityVfzgjGuFqQKOPlmSW9yfy3VnflUxWmyvPbawlI3UVxrIeMxqCjIxaM7CERBLv26O_nL7uJjBMkOdHJCpgEtCfxkBpEgiPj5PfVz6H_1_jne07fQVhVQs4u4m6OncvSiHDQaQqcXRyZRJ9cefFbG5_CjysiPVGXfj1T0SUFu_vbtxKwSfV-Qm7_8CC1Oq6HL64FtN680HLcZcsf1WBDONb0Wa1DbdTmMLsTC35v_BAAA__-HzrApfQQAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+78b49f59e2af85769b819aa98201013f=5941311; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\niprc_l:5941311=1; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dff5b27a98b2215c977a1114e899c8cf\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":179,"timings":{"blocked":84,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRit2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKnqqt4pt6eqreqe3t2TGojB0xw8qBd73kx2Ew0S7_6Is15CQHC8OGAWxL9AhKA36c3C6sk6vPq-9_rwvtdfXRkWu8RHQWdnXtebMk3pYthyms9ckIrr0jZPnW-6Tss51rwgVTs41lyvwfRfcP2g5TzbfFXEa3rRc1zHcR23uSKNSPT64p4Kmd2M3FbktAKv5YYB1s1_e1vMwdI58P4ueQySTx_5PbkIGU-gereOC7uW6-z5V3pFSnNt0Ofbb6g1pUuF3kGZmAYStb3_NbSdEvLxHLTa3p8Auj-uJwCTUzL3xD0wtb1vE6x_7YFTlkIoMP4wyv4EIp1A0glifRmS_0SAmOPUaaje1iltSrrxQKW1OiXz9_-ELKdk_t7jUL0vl1O53jyn0yKXWlmsJxXk-gRydYKsmCDfbECWO4jz9yH5j2Tx_kmo3vi0TTUknx2liYiSqBMuRGEULAR-QheijisW_MSlbMlz214Y7UUkkwmoPYTCNlDIBoqkgSJroMdnzcDpBLFL_XYS8XjJCWgQcMGcqOM5Do3iJRRx7X2APBsgTgeIzZXZUZWKmCedUDDGmR_4nXZbuB0ecuGxdsK9wAuiGxfDKHB91720lfFuvtYf56YQ40LFduhef0AF0R65VZNBNHRvFm9lqRe2_SD0gqGLzLx3nftLwmdxMGRYkwOY4jZst4LlDdicoM8rlIKgtAQlJSglQZkTlP3qGk-tZ6stntqCufu3t3_71Ujnq0N6TeerQhFQM4Dh1Vhm79jLiPNDo83E8pGugbK8GlHGq2G2Sx6tf2Xjg6d_xZqYNf8vBVhZQdo5UNvAppySlZ__Qian5Klbd8DoDmy6g1geAi1c0LIC7VbYVLMnu6IrugVboLEtXM9vZRt5VyuqNsquMKIV6x64rpDl88g3GsN0lxwZnT2_fHtv0S798j1EfJfsH8SmQmYqvC1_IFhNr47O6pKMz-rSkq9OZ7nsyU1aL-G5nObioc9fExulNvzEcTu48VJcC3V587yw-UmquFSrlnyxLDkXZkWbWJBvTtgLgp0pbHe5MKrITp55eeVELzPCWqnVBFROyeE_PkQsp-TIt5_tPbDwud8QZ-_CZgc-rSZg2RxSSZCKA56yCvZfPTuoh_YqVs08aH4Zqlehbyr00wo0HcAWh0d5Zu6-eOeT-nwKls6PWGrmxyw16Ud1Tt_thVXD1zXswMpZM_SY3-502iJp88TnvufzKHREFNCoHURBiNxO5crfb_4TAAD__7AMYkcSBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.311Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRit2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKnqqt4pt6eqreqe3t2TGojB0xw8qBd73kx2Ew0S7_6Is15CQHC8OGAWxL9AhKA36c3C6sk6vPq-9_rwvtdfXRkWu8RHQWdnXtebMk3pYthyms9ckIrr0jZPnW-6Tss51rwgVTs41lyvwfRfcP2g5TzbfFXEa3rRc1zHcR23uSKNSPT64p4Kmd2M3FbktAKv5YYB1s1_e1vMwdI58P4ueQySTx_5PbkIGU-gereOC7uW6-z5V3pFSnNt0Ofbb6g1pUuF3kGZmAYStb3_NbSdEvLxHLTa3p8Auj-uJwCTUzL3xD0wtb1vE6x_7YFTlkIoMP4wyv4EIp1A0glifRmS_0SAmOPUaaje1iltSrrxQKW1OiXz9_-ELKdk_t7jUL0vl1O53jyn0yKXWlmsJxXk-gRydYKsmCDfbECWO4jz9yH5j2Tx_kmo3vi0TTUknx2liYiSqBMuRGEULAR-QheijisW_MSlbMlz214Y7UUkkwmoPYTCNlDIBoqkgSJroMdnzcDpBLFL_XYS8XjJCWgQcMGcqOM5Do3iJRRx7X2APBsgTgeIzZXZUZWKmCedUDDGmR_4nXZbuB0ecuGxdsK9wAuiGxfDKHB91720lfFuvtYf56YQ40LFduhef0AF0R65VZNBNHRvFm9lqRe2_SD0gqGLzLx3nftLwmdxMGRYkwOY4jZst4LlDdicoM8rlIKgtAQlJSglQZkTlP3qGk-tZ6stntqCufu3t3_71Ujnq0N6TeerQhFQM4Dh1Vhm79jLiPNDo83E8pGugbK8GlHGq2G2Sx6tf2Xjg6d_xZqYNf8vBVhZQdo5UNvAppySlZ__Qian5Klbd8DoDmy6g1geAi1c0LIC7VbYVLMnu6IrugVboLEtXM9vZRt5VyuqNsquMKIV6x64rpDl88g3GsN0lxwZnT2_fHtv0S798j1EfJfsH8SmQmYqvC1_IFhNr47O6pKMz-rSkq9OZ7nsyU1aL-G5nObioc9fExulNvzEcTu48VJcC3V587yw-UmquFSrlnyxLDkXZkWbWJBvTtgLgp0pbHe5MKrITp55eeVELzPCWqnVBFROyeE_PkQsp-TIt5_tPbDwud8QZ-_CZgc-rSZg2RxSSZCKA56yCvZfPTuoh_YqVs08aH4Zqlehbyr00wo0HcAWh0d5Zu6-eOeT-nwKls6PWGrmxyw16Ud1Tt_thVXD1zXswMpZM_SY3-502iJp88TnvufzKHREFNCoHURBiNxO5crfb_4TAAD__7AMYkcSBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 33cdae118ebf46d307f9bb259632f98b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":388,"timings":{"blocked":290,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/js/jquery.min.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/js/jquery.min.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=b79DNY%2FrbCWqiilV6zdz8RRREssjiumEaNmMuTdbW%2Fxk8p59aWe5srCPvxW7tFrk2q7LJyYe6uITM5cuoXenCaHcK1zV0p4EQ7ANGU%2Bi\"}]}\r\nage: 2740658\r\ncf-cache-status: HIT\r\netag: W/\"67f54bce-149a0\"\r\ncontent-encoding: br\r\ncf-ray: 9b118e0b5cb9b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":84384,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators","md5":"6326c600df01e3bfb9b40e1aa08176f8","sha1":"6b4fb754d29b297b539bf62ba9b4eaf0f33f314a","sha256":"df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3","sha512":"641aaeecb9b89bcc319cabfef18f76faa9b1ba79f9de30c6d07f22d385fc78ac3f11a718fe9ec96f8a13d82e3dff4ca34944ccb449a4ef8e378ad65dfad581c0","ssdeep":"1536:oP10iSi65U/dXXeyhzeBuG+HYE0mdDuJO1z6Oy4sh3J1x72BjmN7TwpDKba98Hri:f+41hJiz6fhdlTqya98Hri","tlshash":"eb83d6d9b2c67062977734b851bf510bb17a98dab40c8c60f0a4d8e47eb4a8d517bf2c","first_seen":"2023-03-07T01:10:11Z","last_seen":"2026-06-16T16:39:37.706311Z","times_seen":12163,"resource_available":true,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":7,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fjs%2Fscript.js\u0026l=6717\u0026fd=19","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:33.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fjs%2Fscript.js\u0026l=6717\u0026fd=19 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: uid_id2=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl25634495=1; slece02ee106ac9f7f9a067c81c19bdc3c60=[6308900]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:33 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"raw.githubusercontent.com/acsu123/HohoV2/refs/heads/main/BloxFruit/keysystem/hoho_logo.png","fqdn":"raw.githubusercontent.com","domain":"raw.githubusercontent.com","tld":"githubusercontent.com"},"ip":{"addr":"185.199.109.133","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:33.323Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.github.io","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sat, 07 Mar 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8C:FF:59:E5:8E:C4:FA:76:FE:AF:2D:C5:C0:D4:13:6A:77:2D:F9:91","sha256":"7D:11:22:EA:96:98:52:34:1E:8D:D9:2B:CC:0C:7E:CC:00:96:30:D1:4D:A7:34:D7:CA:42:D5:B5:4A:2B:20:97"}}},"request":{"raw":"GET /acsu123/HohoV2/refs/heads/main/BloxFruit/keysystem/hoho_logo.png HTTP/1.1\r\nHost: raw.githubusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: max-age=300\r\ncontent-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox\r\ncontent-type: image/png\r\netag: W/\"f18e3dc65e0f4879cccac9d86a23ccbdd607e9e6eeef1803c8894e364605ffe5\"\r\nstrict-transport-security: max-age=31536000\r\nx-content-type-options: nosniff\r\nx-frame-options: deny\r\nx-xss-protection: 1; mode=block\r\nx-github-request-id: B527:2219E4:E105D8:1021045:6946F958\r\naccept-ranges: bytes\r\ndate: Sat, 20 Dec 2025 19:30:33 GMT\r\nvia: 1.1 varnish\r\nx-served-by: cache-hel1410030-HEL\r\nx-cache: MISS\r\nx-cache-hits: 0\r\nx-timer: S1766259033.369206,VS0,VE144\r\nvary: Authorization,Accept-Encoding\r\naccess-control-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\nx-fastly-request-id: 1d076bffa31a617c289d69096523ebb6fd152a1a\r\nexpires: Sat, 20 Dec 2025 19:35:33 GMT\r\nsource-age: 0\r\ncontent-length: 255904\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Fastly","description":"Fastly is a cloud computing services provider. Fastly's cloud platform provides a content delivery network, Internet security services, load balancing, and video \u0026 streaming services.","website":"https://www.fastly.com","common_platform_enumeration":"","icon":"Fastly.svg","categories":["CDN"]},{"name":"GitHub Pages","description":"GitHub Pages is a static site hosting service.","website":"https://pages.github.com/","common_platform_enumeration":"","icon":"GitHub.svg","categories":["PaaS"]},{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]}],"data":{"size":255904,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1200 x 1200, 8-bit/color RGBA, non-interlaced","md5":"8ba909a09c30969f204c1bfcdd1cab49","sha1":"aeb419cb528b9ffcc6bfc4bc4ab46d3fa126d99f","sha256":"66a48528c0a680cdd87aa839f634969b3a890b9e429bf66d72aa02cc613dd31b","sha512":"114f8891bcadd83f265f6d57a72091b9b62fa419b2c75fb6fb18f410600f4a0ec178e03e3dd282ef7c66e196c0f3c494b666ca36840ceac52879f2d055844999","ssdeep":"6144:++Gcr/cXFaFoMwHiX3frLsn+cdFnesu6QSTxn1l:+FckeoMwWzILFnet2V1l","tlshash":"2844022e9b8a9db3df5ccf57252781408a9f273b1e2d160113863bf17dbba845b2160d","first_seen":"2025-06-21T22:31:54.690206Z","last_seen":"2026-03-08T12:40:28.635206Z","times_seen":8,"resource_available":false,"data":null}},"time_used":245,"timings":{"blocked":0,"dns":2,"connect":13,"send":0,"wait":157,"receive":47,"ssl":25},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbs?c=1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:33.735Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /pixel/sbs?c=1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: uid_id2=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl25634495=1; slece02ee106ac9f7f9a067c81c19bdc3c60=[6308900]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:33 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"18.194.59.7","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:31 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=0462ba9b-e333-4241-897c-6fc1638e041e:1:1; expires=Tue, 18 Dec 2035 19:30:31 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"6b4b577937c8815fa1faf8e03f3ecea1","sha1":"f74820660d0a2e3203119b730d13b2d3d218e322","sha256":"1fc655012660897693a9f0d58affe6eb0fc725e8a216fd5629a1744d5d0d7a31","sha512":"52ef3d23f73b218492f33894f475d2707e134c8a18519f519c7110effb5f36f991b9efc5293acf1db1e9febe9ea2b7f09217f9090fb52da236bf3db9d85d32d1","ssdeep":"","tlshash":"58900454701313550170155111177f53105714550f005f50133c540f10430d13770357","first_seen":"2025-12-20T19:31:04.616904Z","last_seen":"2025-12-20T19:31:04.616904Z","times_seen":1,"resource_available":false,"data":null}},"time_used":315,"timings":{"blocked":149,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":143},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2V08xINoxPMgUVTc2f41s9PmIK5xJRiTkEQihCDVVdU75fZUtVXd07t7UgMxeJqDB_VizzeT3USDxKOIGma9hIDgeHHArAf_AhGC3qR3B1ZPvsP33quveHzv1aurg3yP-Mjp9OzreksmCV1qNpz6Mxel4rqw9dMX6q7TcI7XL0rVCo7XNyowvRdcP2g4z9ZfFWxdL3mO6ziu49ZXpRGx3ljaZyHTW6HbCJ1G4DXcZoAN89_c5nOwdA68t0ceg-STR36PL0GyMVT39glh1zOdPv9KN09opg16fOcNta50odA9DGNTQ6x2Zreh7YSQj-eg1c6sA-jeqOoAkZyQuSfuI1I7M5mIetcPlEYJhELEH0bRG0MkY0g6BtNXIPlPBGAcp89AdbdPa1PQzQOWVuyELDz4E7KYkIX7j0N1v1xJ5Eb9vE7yTGplsRGXkBtjyLUx0nyMbKsGWeyCZe9D8h_J0oNTUN3RGZtoSD49RmMRxmG7uRg2w2Ax8GO6GLZdsejHLo2WPbflNcP9Ecl4DGrnkdsacllDHteQpzV0-bQeOO2AudRvxSFny05Ag4CLyAnbnuPQkC0jZ5X2PrK0D5b0wczVGynvZOu9IBxlJhfbuWI2CAfurfytNPGaLT9oesHAnR5TiWA8bjdFFPHID_x2qyXcNm9y4UWtmHuBF4Q3LzXDwPVd9_L2QdX9mqOq5sBFat67wf1l4UcsGERYl32Y_A5sp4TlNdiMoMdLFIKgsAQFJSgkQZERFL3yOk-sZ8ttntg8cmfem3m_HOpsbUCv62xNKAJq-jC8HMn0HXsFLJsfbsWWD3UFNMrKIY14OUj3yKPVU9Y-ePpXrItp_f_6g5UlpJ0DtTVsyQlZ_fkvpHJCnrp9FxHdhU12weQ8aO6CFiVop8SWmj7ZER3RyaNFymzuen4j3cw6WlG1WXSEEQ2mu-C6RJotINusDZI9cnR47sLKnf1Fu_zL9xDsHpkZmCmRmhJvyx8I1pJrw3O6IKNzurDkqzNpJrtyi1ZLeD6jmXjo89fEZqENP3nC9m--xCqiCm9dEDY7RRWXas2SL1Yk58KsasME-fakvSiis7ntrORG5empsy-vnuymRlgrtRqDygk58seHYHJCjn732f4Haz73G1j6Lmx6qNNqgiidRyIJEnF4TqMS9l95dBgP7DWsmQXQ7ApUt0TPlOglJWjSh82PDLPU3Hvx7ieVfYooWRhGiVkYRYlJPqrm9E0Fu_sTq-BrWDmtx77wmOO0l1uu346F6wecxc12EPIWdXxfILMTufr3m_8EAAD__7Vbo6ASBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.330Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2V08xINoxPMgUVTc2f41s9PmIK5xJRiTkEQihCDVVdU75fZUtVXd07t7UgMxeJqDB_VizzeT3USDxKOIGma9hIDgeHHArAf_AhGC3qR3B1ZPvsP33quveHzv1aurg3yP-Mjp9OzreksmCV1qNpz6Mxel4rqw9dMX6q7TcI7XL0rVCo7XNyowvRdcP2g4z9ZfFWxdL3mO6ziu49ZXpRGx3ljaZyHTW6HbCJ1G4DXcZoAN89_c5nOwdA68t0ceg-STR36PL0GyMVT39glh1zOdPv9KN09opg16fOcNta50odA9DGNTQ6x2Zreh7YSQj-eg1c6sA-jeqOoAkZyQuSfuI1I7M5mIetcPlEYJhELEH0bRG0MkY0g6BtNXIPlPBGAcp89AdbdPa1PQzQOWVuyELDz4E7KYkIX7j0N1v1xJ5Eb9vE7yTGplsRGXkBtjyLUx0nyMbKsGWeyCZe9D8h_J0oNTUN3RGZtoSD49RmMRxmG7uRg2w2Ax8GO6GLZdsejHLo2WPbflNcP9Ecl4DGrnkdsacllDHteQpzV0-bQeOO2AudRvxSFny05Ag4CLyAnbnuPQkC0jZ5X2PrK0D5b0wczVGynvZOu9IBxlJhfbuWI2CAfurfytNPGaLT9oesHAnR5TiWA8bjdFFPHID_x2qyXcNm9y4UWtmHuBF4Q3LzXDwPVd9_L2QdX9mqOq5sBFat67wf1l4UcsGERYl32Y_A5sp4TlNdiMoMdLFIKgsAQFJSgkQZERFL3yOk-sZ8ttntg8cmfem3m_HOpsbUCv62xNKAJq-jC8HMn0HXsFLJsfbsWWD3UFNMrKIY14OUj3yKPVU9Y-ePpXrItp_f_6g5UlpJ0DtTVsyQlZ_fkvpHJCnrp9FxHdhU12weQ8aO6CFiVop8SWmj7ZER3RyaNFymzuen4j3cw6WlG1WXSEEQ2mu-C6RJotINusDZI9cnR47sLKnf1Fu_zL9xDsHpkZmCmRmhJvyx8I1pJrw3O6IKNzurDkqzNpJrtyi1ZLeD6jmXjo89fEZqENP3nC9m--xCqiCm9dEDY7RRWXas2SL1Yk58KsasME-fakvSiis7ntrORG5empsy-vnuymRlgrtRqDygk58seHYHJCjn732f4Haz73G1j6Lmx6qNNqgiidRyIJEnF4TqMS9l95dBgP7DWsmQXQ7ApUt0TPlOglJWjSh82PDLPU3Hvx7ieVfYooWRhGiVkYRYlJPqrm9E0Fu_sTq-BrWDmtx77wmOO0l1uu346F6wecxc12EPIWdXxfILMTufr3m_8EAAD__7Vbo6ASBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9b997cd744322181c25b71142d2f6002\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":642,"timings":{"blocked":493,"dns":0,"connect":93,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTz4scVRd9PWm-Rb6FaMR1I1FUnJ761T1dZiGOcSQYk5BEIoQgr957Nf2c6vfK96q6ZmalBmJw1QsX6sbq052ZRIPEpYgaetyEgGC7scHMxr9AhKA7qZmG0ZV3ce6959Ti3Fv3XRvme8RHTmfnXtdbMknoUqvpNJ65JBXXhW2cudhwnaZzonFJqnZworFRgem_4PpB03m28apg63rJc1zHcR23sSqNiPXG0r4Kmd4O3WboNAOv6bYCbJh_9zZfgKUL4P098hgknz7yW3wZkk2gendOCrue6fT5V3p5QjNt0Oc7b6h1pQuF3mEZmxpitTP_GtpOCfl4AVrtzCeA7o-rCRDJKVl44gEitTO3iah_48BplEAoRPz_KPoTiGQCSSdg-iok_4kAjOPMWaje9hltCrp5oNJKnZL6wz8giympP3gcqvflSiI3Ghd0kmdSK4uNuITcmECuTZDmE2RbNchiFyx7H5L_SJYenobqjc_aREPy2XEaizAOO63FsBUGi4Ef08Ww44pFP3ZptOy5ba8V7q9IxhNQewS5rSGXNeRxDXlaQ4_PGoHTCZhL_XYccrbsBDQIuIicsOM5Dg3ZMnJWeR8gSwdgyQDMXNtOeTdb748zk4txrpgdujcPqCDcJ7crMgiH7u38rTTxWm0_aHnB0J0dV4lgPO60RBTxyA_8Trst3A5vceFF7Zh7gReEty63wsD1XfcKUvPeTe4vCz9iwTDCuhzA5HdhuyUsr8FmBH1eohAEhSUoKEEhCYqMoOiXN3hiPVtu88TmkTvP3jz75Uhna0N6Q2drQhFQM4Dh5Vim79irYNmR0VZs-UhXQKOsHNGIl8N0jzxa_craB0__inUxa_zXMLCyhLQLoLaGLTklqz__iVROyVN37iGiu7DJLpg8Apq7oEUJ2i2xpWZPdkVXdPNokTKbu57fTDezrlZUbRZdYUST6R64LpFmdWSbtWGyR46Nzl9cubt_aFd--RqC3SfzADMlUlPibfkDwVpyfXReF2R8XheWfHU2zWRPbtHqCC9kNBP_-_w1sVlow0-dtINbL7FKqMrbF4XNTlPFpVqz5IsVybkwq9owQb49ZS-J6Fxuuyu5UXl6-tzLq6d6qRHWSq0moHJKjv7-IZickmPffbb_wFrPzcDSd2HTQ59WE0RpHYkkSMQhT6MS9h99dFgP7XWsmTpodhWqV6JvSvSTEjQZwOZHR1lq7r9475MqPkWU1EdRYurjKDHJR9Wevqlgt4LvD9Zm5awR-8JjjtNZbrt-JxauH3AWtzpByNvU8X2BzE7l6l9v_h0AAP__R5pwXBIFAAA=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.332Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTz4scVRd9PWm-Rb6FaMR1I1FUnJ761T1dZiGOcSQYk5BEIoQgr957Nf2c6vfK96q6ZmalBmJw1QsX6sbq052ZRIPEpYgaetyEgGC7scHMxr9AhKA7qZmG0ZV3ce6959Ti3Fv3XRvme8RHTmfnXtdbMknoUqvpNJ65JBXXhW2cudhwnaZzonFJqnZworFRgem_4PpB03m28apg63rJc1zHcR23sSqNiPXG0r4Kmd4O3WboNAOv6bYCbJh_9zZfgKUL4P098hgknz7yW3wZkk2gendOCrue6fT5V3p5QjNt0Oc7b6h1pQuF3mEZmxpitTP_GtpOCfl4AVrtzCeA7o-rCRDJKVl44gEitTO3iah_48BplEAoRPz_KPoTiGQCSSdg-iok_4kAjOPMWaje9hltCrp5oNJKnZL6wz8giympP3gcqvflSiI3Ghd0kmdSK4uNuITcmECuTZDmE2RbNchiFyx7H5L_SJYenobqjc_aREPy2XEaizAOO63FsBUGi4Ef08Ww44pFP3ZptOy5ba8V7q9IxhNQewS5rSGXNeRxDXlaQ4_PGoHTCZhL_XYccrbsBDQIuIicsOM5Dg3ZMnJWeR8gSwdgyQDMXNtOeTdb748zk4txrpgdujcPqCDcJ7crMgiH7u38rTTxWm0_aHnB0J0dV4lgPO60RBTxyA_8Trst3A5vceFF7Zh7gReEty63wsD1XfcKUvPeTe4vCz9iwTDCuhzA5HdhuyUsr8FmBH1eohAEhSUoKEEhCYqMoOiXN3hiPVtu88TmkTvP3jz75Uhna0N6Q2drQhFQM4Dh5Vim79irYNmR0VZs-UhXQKOsHNGIl8N0jzxa_craB0__inUxa_zXMLCyhLQLoLaGLTklqz__iVROyVN37iGiu7DJLpg8Apq7oEUJ2i2xpWZPdkVXdPNokTKbu57fTDezrlZUbRZdYUST6R64LpFmdWSbtWGyR46Nzl9cubt_aFd--RqC3SfzADMlUlPibfkDwVpyfXReF2R8XheWfHU2zWRPbtHqCC9kNBP_-_w1sVlow0-dtINbL7FKqMrbF4XNTlPFpVqz5IsVybkwq9owQb49ZS-J6Fxuuyu5UXl6-tzLq6d6qRHWSq0moHJKjv7-IZickmPffbb_wFrPzcDSd2HTQ59WE0RpHYkkSMQhT6MS9h99dFgP7XWsmTpodhWqV6JvSvSTEjQZwOZHR1lq7r9475MqPkWU1EdRYurjKDHJR9Wevqlgt4LvD9Zm5awR-8JjjtNZbrt-JxauH3AWtzpByNvU8X2BzE7l6l9v_h0AAP__R5pwXBIFAAA= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f473811a05f0c3d3156a366d9fd15d05\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":592,"timings":{"blocked":494,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=afe9f985-9594-43fa-981e-3f1ab7216259\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=e02ee106ac9f7f9a067c81c19bdc3c60\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.379Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:45 GMT","end":"Tue, 27 Jan 2026 22:02:44 GMT"},"fingerprint":{"sha1":"F7:0F:08:42:86:24:7C:1B:49:6E:E0:01:4D:B6:85:C3:51:09:E9:4B","sha256":"57:4B:E8:D9:F8:CD:FB:C3:56:16:42:88:21:1B:6A:B3:83:F2:4E:B5:2C:AC:2C:6B:0E:46:6B:15:51:D1:3D:17"}}},"request":{"raw":"GET /pxf.gif?uuid=afe9f985-9594-43fa-981e-3f1ab7216259\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=e02ee106ac9f7f9a067c81c19bdc3c60\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 0\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7a426fecfd94f0b62de834b74a659d2a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":682,"timings":{"blocked":290,"dns":6,"connect":91,"send":0,"wait":97,"receive":0,"ssl":189},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSuSYIXD6IRvXgY1ICCO1tVXf3LHMQ1rgRjEpJIBPFQP3fK7elqu7qnd-cUDGjAy3rz2Ptmk0UNEi_ehDDrRQKBnZzmkL34JwhBPUlvFlYf1Hvvq68O36v66qvt-gAFUPPF5Y_cxGYZXw4HuP_GdZsr1_j-xWt9ggf4bP-6zSN2tr_RpXL8NgnYAL_Z_0DLdbdMMcGYYNJftaU2bmP5kAVb3E3JIMUDRgckZLBR_h_7ugee90CND9ALYNX8uT_Mp2DlDPLRvXPar1eueOv9UZ3xypUwVrsf5-u5a3IYHbem7IHJd49Og_NzhL47AS7fPZoA3HinmwCEnaMTLz0Gke8eyQQxvv1UqchA5yDUs9CMZ6CzPbB8BtLdBKv2EYBUcPES5KM7F13Z8M2nLO_YOTr15E-wzRydevwi5KOfVjK70b_qsrqyLvewYVqwGzOwazMo6j2oJj2wzR7I6kuw6iFafnIB8tHOJZ85sGrxOmYRFTwVSzoIgiVGGVlK0lguRUaSKEg0ZkQfXpE1M-C-B3W3bA9q04O66MFILfoMJ0wSHkQmVTLGjDOmtMBpQjHmqYyhlp32LaiKLZDZFsjyBhTlDVi33-6HEyjr--CHi180ZrHCWhthTEQiJZI0TQRlhlMhI6GSQBlsmDCJSDscBSYmhighsCJxzGJpTBBLTVNsVJIknMYhkQnhMSdGasNYQnmcECMpxSkPcYqFCQgzOjGRJCJlzEipeBQZGmomTagUSZVWOKRGxaHi1HTIxDiMeBzQMI14DF71wFcIxqqFRiNoPIKGI2gsgqZC0Izb2yrz1Ld3VOZrQY4qPapBO3XV2ja_7ao1nSPg5RaUqt2xxRf-Jsjq5HRivJq6LnFRtVMuVLtdHKDnO0P0vj7zENb1op_QMOCppERHOCEBS7jQqcGhSVWiNKfgbQvWnzh8xomdo9VHf0Fh5-jMvd9B8D3w2R5IexJ4_TLwZhrTBPgQUgyTfPHqUA_1sBZLXPqa0GBQbFZDl_N8sxnqUg-kG4FyLRTVKag2e9vZATo9vXJt5f6hZz_7hoCWD9BRgCxbKMoWPre_IVjLbk2vuAbtXHGNRz9fKio7shPe-flqxSv9zA8f6s3Gler8Ob_1_buyI7r27jXtqws8VzZf8-jHFauULlddKTX69by_rsXl2g9X6jKviwuX31s9PypK7b11-Qy43X-NgrRzdHp3evhT2T-vgCxugC-OVXqHQBQIMosg08f7XLTg_4PFcb_tb8Fa2QNe3YR81MK4bGGctcCzLfD1yWlVlA_eeRQcBoisNxVZiXZEVna8XfRNoKnEOIkjEiRGk4ApacKEpSriOAg0VH5uV__-5N8AAAD__9YiF2xHBQAA","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.675Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RTz4scRRSuSYIXD6IRvXgY1ICCO1tVXf3LHMQ1rgRjEpJIBPFQP3fK7elqu7qnd-cUDGjAy3rz2Ptmk0UNEi_ehDDrRQKBnZzmkL34JwhBPUlvFlYf1Hvvq68O36v66qvt-gAFUPPF5Y_cxGYZXw4HuP_GdZsr1_j-xWt9ggf4bP-6zSN2tr_RpXL8NgnYAL_Z_0DLdbdMMcGYYNJftaU2bmP5kAVb3E3JIMUDRgckZLBR_h_7ugee90CND9ALYNX8uT_Mp2DlDPLRvXPar1eueOv9UZ3xypUwVrsf5-u5a3IYHbem7IHJd49Og_NzhL47AS7fPZoA3HinmwCEnaMTLz0Gke8eyQQxvv1UqchA5yDUs9CMZ6CzPbB8BtLdBKv2EYBUcPES5KM7F13Z8M2nLO_YOTr15E-wzRydevwi5KOfVjK70b_qsrqyLvewYVqwGzOwazMo6j2oJj2wzR7I6kuw6iFafnIB8tHOJZ85sGrxOmYRFTwVSzoIgiVGGVlK0lguRUaSKEg0ZkQfXpE1M-C-B3W3bA9q04O66MFILfoMJ0wSHkQmVTLGjDOmtMBpQjHmqYyhlp32LaiKLZDZFsjyBhTlDVi33-6HEyjr--CHi180ZrHCWhthTEQiJZI0TQRlhlMhI6GSQBlsmDCJSDscBSYmhighsCJxzGJpTBBLTVNsVJIknMYhkQnhMSdGasNYQnmcECMpxSkPcYqFCQgzOjGRJCJlzEipeBQZGmomTagUSZVWOKRGxaHi1HTIxDiMeBzQMI14DF71wFcIxqqFRiNoPIKGI2gsgqZC0Izb2yrz1Ld3VOZrQY4qPapBO3XV2ja_7ao1nSPg5RaUqt2xxRf-Jsjq5HRivJq6LnFRtVMuVLtdHKDnO0P0vj7zENb1op_QMOCppERHOCEBS7jQqcGhSVWiNKfgbQvWnzh8xomdo9VHf0Fh5-jMvd9B8D3w2R5IexJ4_TLwZhrTBPgQUgyTfPHqUA_1sBZLXPqa0GBQbFZDl_N8sxnqUg-kG4FyLRTVKag2e9vZATo9vXJt5f6hZz_7hoCWD9BRgCxbKMoWPre_IVjLbk2vuAbtXHGNRz9fKio7shPe-flqxSv9zA8f6s3Gler8Ob_1_buyI7r27jXtqws8VzZf8-jHFauULlddKTX69by_rsXl2g9X6jKviwuX31s9PypK7b11-Qy43X-NgrRzdHp3evhT2T-vgCxugC-OVXqHQBQIMosg08f7XLTg_4PFcb_tb8Fa2QNe3YR81MK4bGGctcCzLfD1yWlVlA_eeRQcBoisNxVZiXZEVna8XfRNoKnEOIkjEiRGk4ApacKEpSriOAg0VH5uV__-5N8AAAD__9YiF2xHBQAA HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNTYzNDI1NCwiayI6IjgyNTNhOWMyMWU2MDgxMzQ4YWJlOWYwNWY5ZDhkZWEyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NjQxNzg0LCJwaWQiOjI0NzAwODksImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoic2VhN2N2N2hndCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL2hlaGVodWItYWNzdTEyMy5weXRob25hbnl3aGVyZS5jb20vYXBpL2dldGtleT9od2lkPTE3NjYyODc4MDkuODgwMzc2NiIsInR6IjoxLCJhciI6W119fQ.3Ry_Yy0xCmV8wCO-uj-ZxFUZKtpgJ3r2U1mUaf2MXGU; uid_id2=0462ba9b-e333-4241-897c-6fc1638e041e:1:1; pdhtkv=true; uncs=1; pdhtkv23=true; uncs23=1; u_pl25634254=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8184ea0966fbfd6732d52298a271892b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRit3gwe1oPoiudBUFR00j3dM5lxD4txjQRjErORgLKH6q7qmTI9VW1V9_RkTsGALp7m4EG92HmTbPyxyPoHqMtED8uCYgtiwM1F_ANEWPQmPTsQ_aC-H_Xq8N776t399JS4SOnJ-qtqKKKIzjdqdvWpLSGZykx1dbPq2DX7YnVLyKZ3sTook-4_77hezX66-jIPttV83XZs27Gd6pLQPFSD-SkKEd9oO7W2XfPqNafhYaD_P5vUgqEWWP-UPALBiod-D9-ECCaQvZuXudlOVPzsS700oonS6LOj1-W2VJlE76wNtYVQHs1eQ5mCkA_PQcmjmQKo_kGpAL4oyLnH7sKXRzOa8PuH95n6EbiEzx5E1p-ARxMIOkGg9iDYTwQIGFbXIHvXV5XO6M59lJZoQSr3_oLIClK5-yhk78vFSAyqV1SUJkJJg0GYQwwmEJ0J4vQYydCCyI4RJO9AsB_I_L0VyN7BmokUBMun6kU4ATUW0vIIC2loIY0t9NhJ1bNbXuBQtxm2WbBge9TzGPftdqtu27QdLCANSlojJPEIQTRCoHcR611sixF0egumm8MwCyYpiPXaLvosR8YJMkOQUYJMEGQJQdbPD1lk6ia_ziKT-s6s1mfVzccq6ezTQ5V0uCSgegTN8gMRv232ECRz42Fo2FiVifpJPqY-y_fjU_Jw6Zr13pO_YZufVFnYanDfZ77rua1mkzst1mC87jdDVvfqXhtG5BDm3NSQoSjI0s9_IxYFeeLmbfj0GCY6RiDmQFMHNMtBuzmG8uTxLu_ybuo_RwOTOnW3Fu8kXSWp3Mm6XPNaoHpgKkecVJDsWPvRKbkw3thcvDXd6dVfvwcP7pBZINA5Yp3jLfEdQSe6Nt5QGTnYUJkhX63FieiJIS33fSWhCX_g81f4TqY0W75sRp-9EJRA2d7Y5CZZoZIJ2THki0XBGNdLSgecfL1stri_npruYqplGq-sv7i03Is1N0YoOQEVBTn_5_sIREEufPPJ9C83nvkDQbwLE5_xNIrAj-cQCYKIn91TP4f5z-yf9fvmGjq6AprsQfZy9HWOfpSDRiOY9Pw4ifWdS7c_KuNj-FFl7Ee6cuBHOvqg9Onbgrzx6aWpYwW5-suPMOKkGrq8Hth2a6HpuK2QO67HgrDR8tqsSW3X5UhMIZb-2fo3AAD__2y1vtZ9BAAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.051Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRit3gwe1oPoiudBUFR00j3dM5lxD4txjQRjErORgLKH6q7qmTI9VW1V9_RkTsGALp7m4EG92HmTbPyxyPoHqMtED8uCYgtiwM1F_ANEWPQmPTsQ_aC-H_Xq8N776t399JS4SOnJ-qtqKKKIzjdqdvWpLSGZykx1dbPq2DX7YnVLyKZ3sTook-4_77hezX66-jIPttV83XZs27Gd6pLQPFSD-SkKEd9oO7W2XfPqNafhYaD_P5vUgqEWWP-UPALBiod-D9-ECCaQvZuXudlOVPzsS700oonS6LOj1-W2VJlE76wNtYVQHs1eQ5mCkA_PQcmjmQKo_kGpAL4oyLnH7sKXRzOa8PuH95n6EbiEzx5E1p-ARxMIOkGg9iDYTwQIGFbXIHvXV5XO6M59lJZoQSr3_oLIClK5-yhk78vFSAyqV1SUJkJJg0GYQwwmEJ0J4vQYydCCyI4RJO9AsB_I_L0VyN7BmokUBMun6kU4ATUW0vIIC2loIY0t9NhJ1bNbXuBQtxm2WbBge9TzGPftdqtu27QdLCANSlojJPEIQTRCoHcR611sixF0egumm8MwCyYpiPXaLvosR8YJMkOQUYJMEGQJQdbPD1lk6ia_ziKT-s6s1mfVzccq6ezTQ5V0uCSgegTN8gMRv232ECRz42Fo2FiVifpJPqY-y_fjU_Jw6Zr13pO_YZufVFnYanDfZ77rua1mkzst1mC87jdDVvfqXhtG5BDm3NSQoSjI0s9_IxYFeeLmbfj0GCY6RiDmQFMHNMtBuzmG8uTxLu_ybuo_RwOTOnW3Fu8kXSWp3Mm6XPNaoHpgKkecVJDsWPvRKbkw3thcvDXd6dVfvwcP7pBZINA5Yp3jLfEdQSe6Nt5QGTnYUJkhX63FieiJIS33fSWhCX_g81f4TqY0W75sRp-9EJRA2d7Y5CZZoZIJ2THki0XBGNdLSgecfL1stri_npruYqplGq-sv7i03Is1N0YoOQEVBTn_5_sIREEufPPJ9C83nvkDQbwLE5_xNIrAj-cQCYKIn91TP4f5z-yf9fvmGjq6AprsQfZy9HWOfpSDRiOY9Pw4ifWdS7c_KuNj-FFl7Ee6cuBHOvqg9Onbgrzx6aWpYwW5-suPMOKkGrq8Hth2a6HpuK2QO67HgrDR8tqsSW3X5UhMIZb-2fo3AAD__2y1vtZ9BAAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b57a1a76708126ce2ef43e911aec3142\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":279,"timings":{"blocked":178,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRit2Qwe4kE04nkQlQg6279mMm0O4hpXgjGJSWQPIUh1V_VOuT1VbVX19O6egoEYPM3Bg3qx581k1-gi8SiohFkvIaDYgrhg9uIfICIEvUnvLqyeLOhX3_deH977-uvr43yX-MjpzvnX1bpIUzrfaTut40tCMlWY1tlLLddpOydbS0J2g5Ot1Rr08AXXD9rOs61Xebyi5j3HdRzXcVuLQvNErc7vqRDZVui2Q6cdeG23E2BV_7c3-RwMnQMb7pLHIFj1yG_JZYh4Bjm4fYqbFauy514Z5Cm1SmPINt-UK1IVEoPDMtENJHLz4G0oUxHy4RyU3DxIADWc1gkQiYrMPXEfkdw8sIloeHPfaZSCS0TsYRTDGXg6g6AzxOoaBPuRADHD2XOQg42zShd0bV-ltVqR5oM_IYqKNO8_Djn4YiEVq62LKs2tUNJgNSkhVmcQyzNk-Qx2vQFRbCO270Kw78n8gzOQg-k5kyoIVu6lF8kM1DSQ149oIE8ayLMGBmynFTi9IHap301CFp9wAhoEjEdO2PMch4bxCeRxbWsEm40QpyPE-vpGxvp2ZTi1OufTXMZm7H66TwXhHrlRk0E4drfyt7LU63T9oOMFY3fnKZnymCW9Do8iFvmB3-t2udtjHca9qJswL_CC8NblThi4vuteQaavYkWMoPM7MP0Shs3B2Io03riKIStRcILCEBSUoBAEhSUohuVNlhrPlBssNXnkHtzewe2XE2WXx_SmsstcElA9gmblVGTvmGuI7ZHJemLYRNVAI1tOaMTKcbZLHq0_T-O9Z37FCt9p_V8KGFFCmLm9ya-Liiz-9BcyUZGnb99FRLdh0m3E4gho7oIWJWi_xLrcebLP-7yfR8_T2OSu57ezNdtXksq1os81b8dqAKZKZLYJu9YYp7vk2OTCpYU7e8tz5ecfwON75OAg1iUyXeJt8R3BcnpjckEVZHpBFYZ8eS6zYiDWab1YFy21_KHPXuNrhdLs9CkzuvVSXAt1uXWJG3uGSibksiGfLwjGuF5UOubkm9NmiUfnc9NfyLXMszPnX148Pcg0N0YoOQMVFTn6x_uIRUWOffvJ3k_TOf474uwqTHbo0yiCKGsiFQQpP-RpVML8q48O67G5gWXdBLXXIAclhrrEMC1B0xFMfnRiM33vxbsf1edjRGlzEqW6OY1SnX5QkSu_fF3Ddg1f7Y_NiJ1Wx4v8bq_X5UmXJT7zPZ-FHYeHAQ27QRh0YE0lFv9e-icAAP__BODhLuYEAAA=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.140Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRit2Qwe4kE04nkQlQg6279mMm0O4hpXgjGJSWQPIUh1V_VOuT1VbVX19O6egoEYPM3Bg3qx581k1-gi8SiohFkvIaDYgrhg9uIfICIEvUnvLqyeLOhX3_deH977-uvr43yX-MjpzvnX1bpIUzrfaTut40tCMlWY1tlLLddpOydbS0J2g5Ot1Rr08AXXD9rOs61Xebyi5j3HdRzXcVuLQvNErc7vqRDZVui2Q6cdeG23E2BV_7c3-RwMnQMb7pLHIFj1yG_JZYh4Bjm4fYqbFauy514Z5Cm1SmPINt-UK1IVEoPDMtENJHLz4G0oUxHy4RyU3DxIADWc1gkQiYrMPXEfkdw8sIloeHPfaZSCS0TsYRTDGXg6g6AzxOoaBPuRADHD2XOQg42zShd0bV-ltVqR5oM_IYqKNO8_Djn4YiEVq62LKs2tUNJgNSkhVmcQyzNk-Qx2vQFRbCO270Kw78n8gzOQg-k5kyoIVu6lF8kM1DSQ149oIE8ayLMGBmynFTi9IHap301CFp9wAhoEjEdO2PMch4bxCeRxbWsEm40QpyPE-vpGxvp2ZTi1OufTXMZm7H66TwXhHrlRk0E4drfyt7LU63T9oOMFY3fnKZnymCW9Do8iFvmB3-t2udtjHca9qJswL_CC8NblThi4vuteQaavYkWMoPM7MP0Shs3B2Io03riKIStRcILCEBSUoBAEhSUohuVNlhrPlBssNXnkHtzewe2XE2WXx_SmsstcElA9gmblVGTvmGuI7ZHJemLYRNVAI1tOaMTKcbZLHq0_T-O9Z37FCt9p_V8KGFFCmLm9ya-Liiz-9BcyUZGnb99FRLdh0m3E4gho7oIWJWi_xLrcebLP-7yfR8_T2OSu57ezNdtXksq1os81b8dqAKZKZLYJu9YYp7vk2OTCpYU7e8tz5ecfwON75OAg1iUyXeJt8R3BcnpjckEVZHpBFYZ8eS6zYiDWab1YFy21_KHPXuNrhdLs9CkzuvVSXAt1uXWJG3uGSibksiGfLwjGuF5UOubkm9NmiUfnc9NfyLXMszPnX148Pcg0N0YoOQMVFTn6x_uIRUWOffvJ3k_TOf474uwqTHbo0yiCKGsiFQQpP-RpVML8q48O67G5gWXdBLXXIAclhrrEMC1B0xFMfnRiM33vxbsf1edjRGlzEqW6OY1SnX5QkSu_fF3Ddg1f7Y_NiJ1Wx4v8bq_X5UmXJT7zPZ-FHYeHAQ27QRh0YE0lFv9e-icAAP__BODhLuYEAAA= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f922913f2697664878e2a8ea0f0ceacb\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":323,"timings":{"blocked":225,"dns":0,"connect":0,"send":0,"wait":97,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRSesy2KUCAIoj6hgADh8_668y0pECYYRYQkSoJcRBGanZn1Dd6bWWZ2b21XQKQQUV1BATTsfXexE4hQqPkVXaCIIiFxNJxE3CD-AIQUQYfWPslQ8Yrvvfd9W3zv7Zsrg3yP-Mjp9OzrelsmCV1qNpz6M2tScV3Y-ukLdddpOMfra1K1guP1zQpM7wXXDxrOs_VXBdvQS57jOo7ruPVVaUSsN5f2Vcj0Zug2QqcReA23GWDT_Le3-RwsnQPv7ZHHIPnkkd_ii5BsDNW9dULYjUynz7_SzROaaYMe331DbShdKHQPy9jUEKvd2dfQdkLIR3PQanc2AXRvVE2ASE7I3BP3EandmU1EvWsHTqMEQiHiD6PojSGSMSQdg-nLkPwnAjCO02egujuntSno1oFKK3VCFh78CVlMyML9x6G6X6wkcrN-Xid5JrWy2IxLyM0x5PoYaT5Gtl2DLO6AZe9B8h_J0oNTUN3RGZtoSD49RmMRxmG7uRg2w2Ax8GO6GLZdsejHLo2WPbflNcP9Fcl4DGrnkdsacllDHteQpzV0-bQeOO2AudRvxSFny05Ag4CLyAnbnuPQkC0jZ5X3PrK0D5b0wcyVnZR3so3eKDO5GOWK2YF7_YAKwn1ypyKDcODezN9ME6_Z8oOmFwzc6TGVCMbjdlNEEY_8wG-3WsJt8yYXXtSKuRd4QXjjYjMMXN91LyE1717n_rLwIxYMImzIPkx-G7ZTwvIabEbQ4yUKQVBYgoISFJKgyAiKXnmNJ9az5Q5PbB65s-zNsl8OdbY-oNd0ti4UATV9GF6OZPq2vQyWzQ-3Y8uHugIaZeWQRrwcpHvk0epX1t5_-ldsiGn9_4aBlSWknQO1NWzLCVn9-S-kckKeunUXEb0Dm9wBk_OguQtalKCdEttq-mRHdEQnjxYps7nr-Y10K-toRdVW0RFGNJjugusSabaAbKs2SPbI0eG5Cyu39w_t0i8_QLB7ZBZgpkRqSrwlvydYT64Oz-mCjM7pwpIvz6SZ7MptWh3h-Yxm4qHPXhNbhTb85Anbv_ESq4SqvHlB2OwUVVyqdUs-X5GcC7OqDRPkm5N2TURnc9tZyY3K01NnX1492U2NsFZqNQaVE3Lkjw_A5IQc_fbT_QfWfO53sPQd2PTQp9UEUTqPRBIk4pCnUQn7rz46rAf2KtbNAmh2GapbomdK9JISNOnD5keGWWruvXj34yo-QZQsDKPELIyixCQfVnv6qoLv9jdWwdewclqPfeExx2kvt1y_HQvXDziLm-0g5C3q-L5AZidy9e-1fwIAAP__ICOzsxIFAAA=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRSesy2KUCAIoj6hgADh8_668y0pECYYRYQkSoJcRBGanZn1Dd6bWWZ2b21XQKQQUV1BATTsfXexE4hQqPkVXaCIIiFxNJxE3CD-AIQUQYfWPslQ8Yrvvfd9W3zv7Zsrg3yP-Mjp9OzrelsmCV1qNpz6M2tScV3Y-ukLdddpOMfra1K1guP1zQpM7wXXDxrOs_VXBdvQS57jOo7ruPVVaUSsN5f2Vcj0Zug2QqcReA23GWDT_Le3-RwsnQPv7ZHHIPnkkd_ii5BsDNW9dULYjUynz7_SzROaaYMe331DbShdKHQPy9jUEKvd2dfQdkLIR3PQanc2AXRvVE2ASE7I3BP3EandmU1EvWsHTqMEQiHiD6PojSGSMSQdg-nLkPwnAjCO02egujuntSno1oFKK3VCFh78CVlMyML9x6G6X6wkcrN-Xid5JrWy2IxLyM0x5PoYaT5Gtl2DLO6AZe9B8h_J0oNTUN3RGZtoSD49RmMRxmG7uRg2w2Ax8GO6GLZdsejHLo2WPbflNcP9Fcl4DGrnkdsacllDHteQpzV0-bQeOO2AudRvxSFny05Ag4CLyAnbnuPQkC0jZ5X3PrK0D5b0wcyVnZR3so3eKDO5GOWK2YF7_YAKwn1ypyKDcODezN9ME6_Z8oOmFwzc6TGVCMbjdlNEEY_8wG-3WsJt8yYXXtSKuRd4QXjjYjMMXN91LyE1717n_rLwIxYMImzIPkx-G7ZTwvIabEbQ4yUKQVBYgoISFJKgyAiKXnmNJ9az5Q5PbB65s-zNsl8OdbY-oNd0ti4UATV9GF6OZPq2vQyWzQ-3Y8uHugIaZeWQRrwcpHvk0epX1t5_-ldsiGn9_4aBlSWknQO1NWzLCVn9-S-kckKeunUXEb0Dm9wBk_OguQtalKCdEttq-mRHdEQnjxYps7nr-Y10K-toRdVW0RFGNJjugusSabaAbKs2SPbI0eG5Cyu39w_t0i8_QLB7ZBZgpkRqSrwlvydYT64Oz-mCjM7pwpIvz6SZ7MptWh3h-Yxm4qHPXhNbhTb85Anbv_ESq4SqvHlB2OwUVVyqdUs-X5GcC7OqDRPkm5N2TURnc9tZyY3K01NnX1492U2NsFZqNQaVE3Lkjw_A5IQc_fbT_QfWfO53sPQd2PTQp9UEUTqPRBIk4pCnUQn7rz46rAf2KtbNAmh2GapbomdK9JISNOnD5keGWWruvXj34yo-QZQsDKPELIyixCQfVnv6qoLv9jdWwdewclqPfeExx2kvt1y_HQvXDziLm-0g5C3q-L5AZidy9e-1fwIAAP__ICOzsxIFAAA= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 61e9c0208daad468c8317e28d4786a10\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":386,"timings":{"blocked":290,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKnqqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhokHkXUMOslBATHi4NmL_4FIgS9SW8WVk--w_d-fM3je69fXRkWu8RHQWdnXtebMk3pYthyms9ckIrr0jZPnW-6Tss51rwgVTs41lyvwfRfcP2g5TzbfFXEa3rRc1zHcR23uSKNSPT64h4Lmd2M3FbktAKv5YYB1s1_c1vMwdI58P4ueQySTx_5PbkIGU-gereOC7uW6-z5V3pFSnNt0Ofbb6g1pUuF3kGYmAYStb3_NbSdEvLxHLTa3p8Auj-uJwCTUzL3xD0wtb0vE6x_7YFSlkIoMP4wyv4EIp1A0glifRmS_0SAmOPUaaje1iltSrrxgKU1OyXz9_-ELKdk_t7jUL0vl1O53jyn0yKXWlmsJxXk-gRydYKsmCDfbECWO4jz9yH5j2Tx_kmo3vi0TTUknx2liYiSqBMuRGEULAR-QheijisW_MSlbMlz214Y7a1IJhNQewiFbaCQDRRJA0XWQI_PmoHTCWKX-u0k4vGSE9Ag4II5UcdzHBrFSyjiWvsAeTZAnA4QmyvjQsV26F7PeDdf6wfRODeF2KqLQTR0bxZvZakXtv0g9IKhOzuqUhHzpBMKxjjzA7_Tbgu3w0MuPNZOuBd4QXTjYhgFru-6l7YedN3ricy8d537S8JncTBkWJMDmOI2bLeC5Q3YnKDPK5SCoLQEJSUoJUGZE5T96hpPrWerLZ7agrn73tv3fjXS-eqQXtP5qlAE1AxgeDWW2Tv2MuL80GgzsXyka6Asr0aU8WqY7ZJH61_Z-ODp37AmZs3_GwxWVpB2DtQ2sCmnZOXnv5DJKXnq1h0wugOb7iCWh0ALF7SsQLsVNtXsya7oim7BFmhsC9fzW9lG3tWKqo2yK4xoxboHritk-TzyjcYw3SVHRmfPL9_eO7RLv3wDEd8l-4bYVMhMhbflDwSr6dXRWV2S8VldWvLV6SyXPblJ6yM8l9NcPPT5a2Kj1IafOG4HN16Ka6IOb54XNj9JFZdq1ZIvliXnwqxoEwvy7Ql7QbAzhe0uF0YV2ckzL6-c6GVGWCu1moDKKTn8x4eI5ZQc-e6zvQcWPvcr4uxd2OxAp9UELGsglQSpOKhTVsH-K2cH8dBexaqZB80vQ_Uq9E2FflqBpgPY4vAoz8zdF-98UtunYOn8iKVmfsxSk360t6cadmr4voavYeWsGXrMb3c6bZG0eeJz3_N5FDoiCmjUDqIgRG6ncuXvN_8JAAD__w4Tmj4SBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.322Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKnqqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhokHkXUMOslBATHi4NmL_4FIgS9SW8WVk--w_d-fM3je69fXRkWu8RHQWdnXtebMk3pYthyms9ckIrr0jZPnW-6Tss51rwgVTs41lyvwfRfcP2g5TzbfFXEa3rRc1zHcR23uSKNSPT64h4Lmd2M3FbktAKv5YYB1s1_c1vMwdI58P4ueQySTx_5PbkIGU-gereOC7uW6-z5V3pFSnNt0Ofbb6g1pUuF3kGYmAYStb3_NbSdEvLxHLTa3p8Auj-uJwCTUzL3xD0wtb0vE6x_7YFSlkIoMP4wyv4EIp1A0glifRmS_0SAmOPUaaje1iltSrrxgKU1OyXz9_-ELKdk_t7jUL0vl1O53jyn0yKXWlmsJxXk-gRydYKsmCDfbECWO4jz9yH5j2Tx_kmo3vi0TTUknx2liYiSqBMuRGEULAR-QheijisW_MSlbMlz214Y7a1IJhNQewiFbaCQDRRJA0XWQI_PmoHTCWKX-u0k4vGSE9Ag4II5UcdzHBrFSyjiWvsAeTZAnA4QmyvjQsV26F7PeDdf6wfRODeF2KqLQTR0bxZvZakXtv0g9IKhOzuqUhHzpBMKxjjzA7_Tbgu3w0MuPNZOuBd4QXTjYhgFru-6l7YedN3ricy8d537S8JncTBkWJMDmOI2bLeC5Q3YnKDPK5SCoLQEJSUoJUGZE5T96hpPrWerLZ7agrn73tv3fjXS-eqQXtP5qlAE1AxgeDWW2Tv2MuL80GgzsXyka6Asr0aU8WqY7ZJH61_Z-ODp37AmZs3_GwxWVpB2DtQ2sCmnZOXnv5DJKXnq1h0wugOb7iCWh0ALF7SsQLsVNtXsya7oim7BFmhsC9fzW9lG3tWKqo2yK4xoxboHritk-TzyjcYw3SVHRmfPL9_eO7RLv3wDEd8l-4bYVMhMhbflDwSr6dXRWV2S8VldWvLV6SyXPblJ6yM8l9NcPPT5a2Kj1IafOG4HN16Ka6IOb54XNj9JFZdq1ZIvliXnwqxoEwvy7Ql7QbAzhe0uF0YV2ckzL6-c6GVGWCu1moDKKTn8x4eI5ZQc-e6zvQcWPvcr4uxd2OxAp9UELGsglQSpOKhTVsH-K2cH8dBexaqZB80vQ_Uq9E2FflqBpgPY4vAoz8zdF-98UtunYOn8iKVmfsxSk360t6cadmr4voavYeWsGXrMb3c6bZG0eeJz3_N5FDoiCmjUDqIgRG6ncuXvN_8JAAD__w4Tmj4SBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: close\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cf03610a2c82b242f788286514eaf76b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":500,"timings":{"blocked":403,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/img/banner.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.885Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/img/banner.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 29534\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67f54bcb-735e\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 2731824\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=kfJ701%2FPr9j462Tn6limza3gcVPfCOCcCuUSPMXwBZAfs%2BwZe5PqbG7uxW7xHe0ehJu1hhZuJ3qhichBM0Bto6bCIYVrZ%2FMIokDi2GTJ\"}]}\r\ncf-ray: 9b118e0b5cb3b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29534,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 600 x 400, 8-bit colormap, non-interlaced","md5":"563e092f6677dac51659d62dccd159bf","sha1":"d04ac2cbce54e7c4849bbe28ecef94b464f3246e","sha256":"9d9611a42fcdbfd80c5d0774a743891691d0a09ce3c9830ceab54e920dbb64e1","sha512":"c2e1135a6b532df9332a2cc53477df0f3a2e69be2b45ab5ced0d764b977b6bc4b1362775957b96c5ae7862c73dbcbfb07f115074f3b554ea1ec8ff3afe2f1dc8","ssdeep":"768:ftP+gBsKWXjW1Mg3j/xQkRSP8d2iOF4aI:12gBsnXiH3tkUoo","tlshash":"a1d2e1512e22c71b09c92debbe15d8f6f8617da7f835692d201db2ac906639fc2501dc","first_seen":"2025-07-06T07:29:12.195371Z","last_seen":"2026-06-14T21:26:13.872814Z","times_seen":1151,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.242Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /1e/e3/36/1ee3363d3f6736b5616821dca2afa5c7.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3403\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 27e8705b7c9a2b5b4a7ad80d49be8af3\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6454,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6454), with no line terminators","md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"resource_available":true,"data":null}},"time_used":405,"timings":{"blocked":-1,"dns":0,"connect":105,"send":0,"wait":98,"receive":0,"ssl":202},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRuu2SzfId9BNOJ5EBUVne2e7pnMmIO4xpVgTGIS2UMIUl1VvVNuT1VbVT29u6dgIAZPc_CgXux5ZrJrNEg8Ciph1ksIKLYgDpi9-BeIEPQmPbuwevKFfn89TfE8b711bZTtkQAZnZ17XW_JJKFLrYZXf3pVKq5zWz9zse57De9EfVWqdniivlE5M3jBD8KG90z9VcHW9VLT8z3P9_z6ijQi1htLcxQyvdX1G12vETYbfivEhvl3bbMFWLoAPtgjj0Dy8qHf4kuQbArVv31S2HWn0-de6WcJddpgwHfeVOtK5wr9wzQ2NcRq5-BvaFsS8uECtNo5UAA9mFQKEMmSLDx2H5HaOaCJaHBjn2mUQChE_P_IB1OIZApJp2D6KiT_kQCM48xZqP72GW1yurmP0gotyeKDPyDzkizefxSq_8VyIjfqF3SSOamVxUZcQG5MIdemSLMp3FYNMt8Fc-9C8u_J0oPTUP3JWZtoSF7M1ct4CmpryKpP1pDFNWRpDX0-q4deJ2Q-Ddpxl7PjXkjDkIvI63aanke77DgyVtEawqVDsGQIZq5tZ4rZsDvyb2VvpUmz1Q7CVjMc-bMnVCIYjzstEUU8CsKg024Lv8NbXDSjdsybYTPs3rzU6oZ-4PuXt1Pec-uDiTOZmFRnjvxP91thd95Eaq5gXQ5hsjuwvQKWL8C6ktTeuIIBL5ALgtwS5JQglwS5I8gHxQ2e2KYttnlis8g_iM2DGBRj7dZG9IZ2a0IRUDOE4cVEpu_Yq2DuyHgrtnysK0cjV4xpxItRukcerq6n9t5Tv2JdzOr_JRNWFpB2YT75LVmSlZ_-RCpL8uTtu4joLmyyCyaPgGY-aF6A9gpsqdnjPdETvSx6njKb-c2gkW66nlZUbeY9YUSD6T64LpC6RbjN2ijZI8fG5y8u35kvz-VfvoJg98iBgZkCqSnwtvyOYC25Pj6vczI5r3NLvjybOtmXW7RarAuOOvG_z14Tm7k2_NRJO7z5EquAKr11UVh3miou1Zolny9LzoVZ0YYJ8s0puyqic5ntLWdGZenpcy-vnOqnRlgrtZqCypIc_f19MFmSY99-Mn80rWdnYOkV2PSQp9UEUXoEiSRIxGGfRgXsP-roMB_Z61gzi6DuKlS_wMAUGCQFaDKEzY6OXWruvXj3o8o-RpQsjqPELE6ixCQfVHP6unK784mV5PLPP8DKWT0ORJN5Xud42w86sfCDkLO41Qm7vE29IBBwtpQrf63-HQAA__9yJwR95gQAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRuu2SzfId9BNOJ5EBUVne2e7pnMmIO4xpVgTGIS2UMIUl1VvVNuT1VbVT29u6dgIAZPc_CgXux5ZrJrNEg8Ciph1ksIKLYgDpi9-BeIEPQmPbuwevKFfn89TfE8b711bZTtkQAZnZ17XW_JJKFLrYZXf3pVKq5zWz9zse57De9EfVWqdniivlE5M3jBD8KG90z9VcHW9VLT8z3P9_z6ijQi1htLcxQyvdX1G12vETYbfivEhvl3bbMFWLoAPtgjj0Dy8qHf4kuQbArVv31S2HWn0-de6WcJddpgwHfeVOtK5wr9wzQ2NcRq5-BvaFsS8uECtNo5UAA9mFQKEMmSLDx2H5HaOaCJaHBjn2mUQChE_P_IB1OIZApJp2D6KiT_kQCM48xZqP72GW1yurmP0gotyeKDPyDzkizefxSq_8VyIjfqF3SSOamVxUZcQG5MIdemSLMp3FYNMt8Fc-9C8u_J0oPTUP3JWZtoSF7M1ct4CmpryKpP1pDFNWRpDX0-q4deJ2Q-Ddpxl7PjXkjDkIvI63aanke77DgyVtEawqVDsGQIZq5tZ4rZsDvyb2VvpUmz1Q7CVjMc-bMnVCIYjzstEUU8CsKg024Lv8NbXDSjdsybYTPs3rzU6oZ-4PuXt1Pec-uDiTOZmFRnjvxP91thd95Eaq5gXQ5hsjuwvQKWL8C6ktTeuIIBL5ALgtwS5JQglwS5I8gHxQ2e2KYttnlis8g_iM2DGBRj7dZG9IZ2a0IRUDOE4cVEpu_Yq2DuyHgrtnysK0cjV4xpxItRukcerq6n9t5Tv2JdzOr_JRNWFpB2YT75LVmSlZ_-RCpL8uTtu4joLmyyCyaPgGY-aF6A9gpsqdnjPdETvSx6njKb-c2gkW66nlZUbeY9YUSD6T64LpC6RbjN2ijZI8fG5y8u35kvz-VfvoJg98iBgZkCqSnwtvyOYC25Pj6vczI5r3NLvjybOtmXW7RarAuOOvG_z14Tm7k2_NRJO7z5EquAKr11UVh3miou1Zolny9LzoVZ0YYJ8s0puyqic5ntLWdGZenpcy-vnOqnRlgrtZqCypIc_f19MFmSY99-Mn80rWdnYOkV2PSQp9UEUXoEiSRIxGGfRgXsP-roMB_Z61gzi6DuKlS_wMAUGCQFaDKEzY6OXWruvXj3o8o-RpQsjqPELE6ixCQfVHP6unK784mV5PLPP8DKWT0ORJN5Xud42w86sfCDkLO41Qm7vE29IBBwtpQrf63-HQAA__9yJwR95gQAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1c47b53d5be3605778835a5600d4dcaf\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":333,"timings":{"blocked":235,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scxRev2SzfQ74H0YjnQaKouLP9c3baHMQ1rgRjEpJIhBCkqqt6p9yeqraqe3p3T2ogBk9z8KBe7PnMZDfRIPEoooZZLyEgOF4cMHvxLxAh6E16d2H15Dt83o9P8_i816-uDYtd4qOgs3Ov602ZpnQxbDnNZy5JxXVpm2cuNl2n5ZxoXpKqHZxortdg-i-4ftBynm2-KuI1veg5ruO4jttckUYken1xj4XMbkduK3JagddywwDr5t-5LeZg6Rx4f5c8Bsmnj_yWXIaMJ1C9OyeFXct19vwrvSKluTbo8-031JrSpULvMExMA4naPvga2k4J-XgOWm0fTADdH9cTgMkpmXviAZjaPpAJ1r-xr5SlEAqM_x9lfwKRTiDpBLG-Csl_IkDMceYsVG_rjDYl3dhnac1OyfzDPyDLKZl_8DhU78vlVK43L-i0yKVWFutJBbk-gVydICsmyDcbkOUO4vx9SP4jWXx4Gqo3PmtTDclnx2kioiTqhAtRGAULgZ_QhajjigU_cSlb8ty2F0Z7K5LJBNQeQWEbKGQDRdJAkTXQ47Nm4HSC2KV-O4l4vOQENAi4YE7U8RyHRvESirjWPkCeDRCnA8Tm2rhQsR26NzPezdf6QTTOTSG26mIQDd3bxVtZ6oVtPwi9YOjOjqtUxDzphIIxzvzA77Tbwu3wkAuPtRPuBV4Q3bocRoHru-6Vrf2uez2Rmfducn9J-CwOhgxrcgBT3IXtVrC8AZsT9HmFUhCUlqCkBKUkKHOCsl_d4Kn1bLXFU1sw98B7B96vRjpfHdIbOl8VioCaAQyvxjJ7x15FnB8ZbSaWj3QNlOXViDJeDbNd8mj9KxsfPP0r1sSs-V-DwcoK0s6B2gY25ZSs_PwnMjklT925B0Z3YNMdxPIIaOGClhVot8Kmmj3ZFV3RLdgCjW3hen4r28i7WlG1UXaFEa1Y98B1hSyfR77RGKa75Njo_MXlu3uHduWXryHi--TAEJsKmanwtvyBYDW9PjqvSzI-r0tLvjqb5bInN2l9hBdymov_ff6a2Ci14adO2sGtl-KaqMPbF4XNT1PFpVq15ItlybkwK9rEgnx7yl4S7Fxhu8uFUUV2-tzLK6d6mRHWSq0moHJKjv7-IWI5Jce--2zvgYXPzRBn78JmhzqtJmDZPFJJkIrDOmUV7D9ydhgP7XWsmnnQ_CpUr0LfVOinFWg6gC2OjvLM3H_x3ie1fQqWzo9YaubHLDXpR_Wevqlhp4bv99dm5awZesxvdzptkbR54nPf83kUOiIKaNQOoiBEbqdy5a83_w4AAP__LFv8QxIFAAA=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.326Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scxRev2SzfQ74H0YjnQaKouLP9c3baHMQ1rgRjEpJIhBCkqqt6p9yeqraqe3p3T2ogBk9z8KBe7PnMZDfRIPEoooZZLyEgOF4cMHvxLxAh6E16d2H15Dt83o9P8_i816-uDYtd4qOgs3Ov602ZpnQxbDnNZy5JxXVpm2cuNl2n5ZxoXpKqHZxortdg-i-4ftBynm2-KuI1veg5ruO4jttckUYken1xj4XMbkduK3JagddywwDr5t-5LeZg6Rx4f5c8Bsmnj_yWXIaMJ1C9OyeFXct19vwrvSKluTbo8-031JrSpULvMExMA4naPvga2k4J-XgOWm0fTADdH9cTgMkpmXviAZjaPpAJ1r-xr5SlEAqM_x9lfwKRTiDpBLG-Csl_IkDMceYsVG_rjDYl3dhnac1OyfzDPyDLKZl_8DhU78vlVK43L-i0yKVWFutJBbk-gVydICsmyDcbkOUO4vx9SP4jWXx4Gqo3PmtTDclnx2kioiTqhAtRGAULgZ_QhajjigU_cSlb8ty2F0Z7K5LJBNQeQWEbKGQDRdJAkTXQ47Nm4HSC2KV-O4l4vOQENAi4YE7U8RyHRvESirjWPkCeDRCnA8Tm2rhQsR26NzPezdf6QTTOTSG26mIQDd3bxVtZ6oVtPwi9YOjOjqtUxDzphIIxzvzA77Tbwu3wkAuPtRPuBV4Q3bocRoHru-6Vrf2uez2Rmfducn9J-CwOhgxrcgBT3IXtVrC8AZsT9HmFUhCUlqCkBKUkKHOCsl_d4Kn1bLXFU1sw98B7B96vRjpfHdIbOl8VioCaAQyvxjJ7x15FnB8ZbSaWj3QNlOXViDJeDbNd8mj9KxsfPP0r1sSs-V-DwcoK0s6B2gY25ZSs_PwnMjklT925B0Z3YNMdxPIIaOGClhVot8Kmmj3ZFV3RLdgCjW3hen4r28i7WlG1UXaFEa1Y98B1hSyfR77RGKa75Njo_MXlu3uHduWXryHi--TAEJsKmanwtvyBYDW9PjqvSzI-r0tLvjqb5bInN2l9hBdymov_ff6a2Ci14adO2sGtl-KaqMPbF4XNT1PFpVq15ItlybkwK9rEgnx7yl4S7Fxhu8uFUUV2-tzLK6d6mRHWSq0moHJKjv7-IWI5Jce--2zvgYXPzRBn78JmhzqtJmDZPFJJkIrDOmUV7D9ydhgP7XWsmnnQ_CpUr0LfVOinFWg6gC2OjvLM3H_x3ie1fQqWzo9YaubHLDXpR_Wevqlhp4bv99dm5awZesxvdzptkbR54nPf83kUOiIKaNQOoiBEbqdy5a83_w4AAP__LFv8QxIFAAA= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 21119a99f51e84ba2214245899cb889e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":545,"timings":{"blocked":449,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ntv.json?key=df85ebbdb343866e18d5de2b6fd24249\u0026vstc=4\u0026uuid=afe9f985-9594-43fa-981e-3f1ab7216259%3A3%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ntv.json?key=df85ebbdb343866e18d5de2b6fd24249\u0026vstc=4\u0026uuid=afe9f985-9594-43fa-981e-3f1ab7216259%3A3%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: application/json\r\nContent-Length: 11809\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; expires=Sat, 27 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nuncs49=2; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 9\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d9489927bb00d69cbfb3f9099947f76b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17309,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5f82ccdcf53ebaccab172493258c3cfb","sha1":"e337e6fa137c66c932c423d25d7fbe0bbb50996b","sha256":"b7064615e7e543caa8c19d76bb9b21154db72a7d924ba1f955d180677125263c","sha512":"86d95bc4d651ba8360b516e0fcdcb466ef89ba79622ab5245fc7faec8fefc6fe7920001c33dc7951f9d2b51a1f5835f4124f82d0faa6362b3ee20c106ccd1b01","ssdeep":"384:KVmF10lO70/H7GulqRvrVA64efuzuPLWVGnD9:KG1DMHquSJDrLMy","tlshash":"a57290f90512095e06a4a6fe286fbe76cec8811facdc8dd7ca6596dd74398dc02b84c1","first_seen":"2025-12-20T19:31:04.620867Z","last_seen":"2025-12-20T19:31:04.620867Z","times_seen":1,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":14,"dns":0,"connect":0,"send":0,"wait":115,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_1RSz28bRRSebS0O5YCgiLOFBAIEzq69dm16qAglqKIkIQ2KBOphZmfWHrKeWWZ2vY5PEZGg4uQDB-DC5nPS8KNC5Q8AKgcOVSUQi4SIRMOBvwAhVXBD61oKPGne-958c_je9-bd3fSYNJDSo9VX9UhGEV1o1tzqUxtScZ3Z6vJ61XNr7vnqhlQt_3x1WCYzeN5r-DX36erLItjUC3XXc13P9apL0ohQDxdmLGR8o-PVOm7Nr9e8po-h-X9vUweWOuCDY_IIJC8e-iN8EzKYQvVvXhR2M9Hxsy_104gm2mDAD15Xm0pnCv0TGBoHoTqYv4a2BSEfnoJWB_MJoAd75QRgsiCnHrsLpg7mMsEG-_eVsghCgfEHkQ2mENEUkk4R6B1I_hMBAo7lFaj-9WVtMrp1n6UlW5DKvb8gs4JU7j4K1f9yMZLD6hUdpYnUymIY5pDDKWR3ijg9RDJyILNDBMk7kPwHsnDvMlR_b8VGGpLns-llOAW1DtLySAdp6CCNHfT5UdV3237g0UYr7PDgnOtT3-eCuZ123XVpJziHNChljZHEYwTRGIHZRmy2sSnHMOkt2F4Oyx3YpCDOa9sY8ByZIMgsQUYJMkmQJQTZIN_nka3b_DqPbMq8ea3PayOf6KS7S_d10hWKgJoxDM_3ZPy23UGQnJ6MQssnukyUJfmEMp7vxsfk4dI1570nf8OmOKrysN0UjHHW8BvtVkt4bd7kos5aIa_7db8DK3NIe2pmyEgWZOnnvxHLgjxx8zYYPYSNDhHI06CpB5rloL0cI3X0eE_0RC9lz9HApl69UYu3kp5WVG1lPWFELdB9cJ0jTipItpzd6JicnaytL96a7fTqr99CBHfIPBCYHLHJ8Zb8jqAbXZus6YzsrenMkq9W4kT25YiW-76S0EQ88PkrYivThl-6aMefvRCURAlvrAubXKaKS9W15ItFybkwS9oEgnx9yW4Itpra3mJqVBpfXn1x6VI_NsJaqdUUVBbkzJ_vI5AFOfvNJ7O_3HzmdwTxNmx8otNqAhY7iCRBJE7uKcth_9OzE7xrr6FrKqDJDlQ_x8DkGEQ5aDSGTc9MktjcuXD7ozI-BosqExaZyh6LTPTBzKeCvPHphRJ9X5Crv_wIK4-qzTprtNrtlghbPGzwRr3BO01XdHzaafkdv4nEFnLpn41_AwAA___g1rNAfQQAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.025Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz28bRRSebS0O5YCgiLOFBAIEzq69dm16qAglqKIkIQ2KBOphZmfWHrKeWWZ2vY5PEZGg4uQDB-DC5nPS8KNC5Q8AKgcOVSUQi4SIRMOBvwAhVXBD61oKPGne-958c_je9-bd3fSYNJDSo9VX9UhGEV1o1tzqUxtScZ3Z6vJ61XNr7vnqhlQt_3x1WCYzeN5r-DX36erLItjUC3XXc13P9apL0ohQDxdmLGR8o-PVOm7Nr9e8po-h-X9vUweWOuCDY_IIJC8e-iN8EzKYQvVvXhR2M9Hxsy_104gm2mDAD15Xm0pnCv0TGBoHoTqYv4a2BSEfnoJWB_MJoAd75QRgsiCnHrsLpg7mMsEG-_eVsghCgfEHkQ2mENEUkk4R6B1I_hMBAo7lFaj-9WVtMrp1n6UlW5DKvb8gs4JU7j4K1f9yMZLD6hUdpYnUymIY5pDDKWR3ijg9RDJyILNDBMk7kPwHsnDvMlR_b8VGGpLns-llOAW1DtLySAdp6CCNHfT5UdV3237g0UYr7PDgnOtT3-eCuZ123XVpJziHNChljZHEYwTRGIHZRmy2sSnHMOkt2F4Oyx3YpCDOa9sY8ByZIMgsQUYJMkmQJQTZIN_nka3b_DqPbMq8ea3PayOf6KS7S_d10hWKgJoxDM_3ZPy23UGQnJ6MQssnukyUJfmEMp7vxsfk4dI1570nf8OmOKrysN0UjHHW8BvtVkt4bd7kos5aIa_7db8DK3NIe2pmyEgWZOnnvxHLgjxx8zYYPYSNDhHI06CpB5rloL0cI3X0eE_0RC9lz9HApl69UYu3kp5WVG1lPWFELdB9cJ0jTipItpzd6JicnaytL96a7fTqr99CBHfIPBCYHLHJ8Zb8jqAbXZus6YzsrenMkq9W4kT25YiW-76S0EQ88PkrYivThl-6aMefvRCURAlvrAubXKaKS9W15ItFybkwS9oEgnx9yW4Itpra3mJqVBpfXn1x6VI_NsJaqdUUVBbkzJ_vI5AFOfvNJ7O_3HzmdwTxNmx8otNqAhY7iCRBJE7uKcth_9OzE7xrr6FrKqDJDlQ_x8DkGEQ5aDSGTc9MktjcuXD7ozI-BosqExaZyh6LTPTBzKeCvPHphRJ9X5Crv_wIK4-qzTprtNrtlghbPGzwRr3BO01XdHzaafkdv4nEFnLpn41_AwAA___g1rNAfQQAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: dbc5ff90e34d195df05627bb00e69387\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":496,"timings":{"blocked":206,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":192},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSu3h08rAfRFc-DoKygk-6ZntkZ97AY18hiTGI2ElD2UNVVPVOmp6qt6p6ezCkY0MXTHDyoFzvfJBt_LLL-Aeoy0cOyoNiCGHBz8Q8QERa9SScD0Qf13vfqq8P3vlfv7qRHpIGUHq68qkcyiuhcs-ZWL6xLxXVmq0trVc-tuZeq61K1_EvVYZnM4Hmv4dfcZ6ovi2BDz9Vdz3U916suSCNCPZw7ZiHjWx2v1nFrfr3mNX0Mzf97mzqw1AEfHJHHIHnxyO_hm5DBFKp_-4qwG4mOn32pn0Y00QYDvv-62lA6U-ifwtA4CNX-7DW0LQj58Ay02p9NAD3YLScAkwU588R9MLU_kwk22DtRyiIIBcYfRjaYQkRTSDpFoLch-U8ECDiWlqH6N5e0yejmCUtLtiCVB39BZgWp3H8cqv_lfCSH1Ws6ShOplcUwzCGHU8juFHF6gGTkQGYHCJJ3IPkPZO7BIlR_d9lGGpLnx9PLcApqHaTlkQ7S0EEaO-jzw6rvtv3Ao41W2OHBRdenvs8FczvtuuvSTnARaVDKGiOJxwiiMQKzhdhsYUOOYdI7sL0cljuwSUGc17Yw4DkyQZBZgowSZJIgSwiyQb7HI1u3-U0e2ZR5s1qf1UY-0Ul3h-7ppCsUATVjGJ7vyvhtu40gOTsZhZZPdJkoS_IJZTzfiY_Io6VrzntP_4YNcVjlYbspGOOs4TfarZbw2rzJRZ21Ql73634HVuaQ9syxISNZkIWf_0YsC_LU7btg9AA2OkAgz4KmHmiWg_ZyjNThkz3RE72UPUcDm3r1Ri3eTHpaUbWZ9YQRtUD3wXWOOKkg2XR2oiNyfrK6Nn_neKfXf_kRIrhHZoHA5IhNjrfkdwTd6MZkVWdkd1Vnlny1HCeyL0e03Pe1hCbioc9fEZuZNvzqFTv-7IWgJEp4a03YZJEqLlXXki_mJefCLGgTCPL1Vbsu2Epqe_OpUWm8uPLiwtV-bIS1UqspqCzIuT_fRyALcv6bT47_cvPCHwjiLdj4VKfVBCyuIJIEkTi9pyyH_U_PTvGOvYGuqYAm21D9HAOTYxDloNEYNj03SWJz7_Ldj8r4GCyqTFhkKrssMtEHBbn-67cFeePTyyX6_sQ2Kw-rzTprtNrtlghbPGzwRr3BO01XdHzaafkdv4nEFnLhn_V_AwAA___ufLgQfQQAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.032Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSu3h08rAfRFc-DoKygk-6ZntkZ97AY18hiTGI2ElD2UNVVPVOmp6qt6p6ezCkY0MXTHDyoFzvfJBt_LLL-Aeoy0cOyoNiCGHBz8Q8QERa9SScD0Qf13vfqq8P3vlfv7qRHpIGUHq68qkcyiuhcs-ZWL6xLxXVmq0trVc-tuZeq61K1_EvVYZnM4Hmv4dfcZ6ovi2BDz9Vdz3U916suSCNCPZw7ZiHjWx2v1nFrfr3mNX0Mzf97mzqw1AEfHJHHIHnxyO_hm5DBFKp_-4qwG4mOn32pn0Y00QYDvv-62lA6U-ifwtA4CNX-7DW0LQj58Ay02p9NAD3YLScAkwU588R9MLU_kwk22DtRyiIIBcYfRjaYQkRTSDpFoLch-U8ECDiWlqH6N5e0yejmCUtLtiCVB39BZgWp3H8cqv_lfCSH1Ws6ShOplcUwzCGHU8juFHF6gGTkQGYHCJJ3IPkPZO7BIlR_d9lGGpLnx9PLcApqHaTlkQ7S0EEaO-jzw6rvtv3Ao41W2OHBRdenvs8FczvtuuvSTnARaVDKGiOJxwiiMQKzhdhsYUOOYdI7sL0cljuwSUGc17Yw4DkyQZBZgowSZJIgSwiyQb7HI1u3-U0e2ZR5s1qf1UY-0Ul3h-7ppCsUATVjGJ7vyvhtu40gOTsZhZZPdJkoS_IJZTzfiY_Io6VrzntP_4YNcVjlYbspGOOs4TfarZbw2rzJRZ21Ql73634HVuaQ9syxISNZkIWf_0YsC_LU7btg9AA2OkAgz4KmHmiWg_ZyjNThkz3RE72UPUcDm3r1Ri3eTHpaUbWZ9YQRtUD3wXWOOKkg2XR2oiNyfrK6Nn_neKfXf_kRIrhHZoHA5IhNjrfkdwTd6MZkVWdkd1Vnlny1HCeyL0e03Pe1hCbioc9fEZuZNvzqFTv-7IWgJEp4a03YZJEqLlXXki_mJefCLGgTCPL1Vbsu2Epqe_OpUWm8uPLiwtV-bIS1UqspqCzIuT_fRyALcv6bT47_cvPCHwjiLdj4VKfVBCyuIJIEkTi9pyyH_U_PTvGOvYGuqYAm21D9HAOTYxDloNEYNj03SWJz7_Ldj8r4GCyqTFhkKrssMtEHBbn-67cFeePTyyX6_sQ2Kw-rzTprtNrtlghbPGzwRr3BO01XdHzaafkdv4nEFnLhn_V_AwAA___ufLgQfQQAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 0\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f482017c40ceadde4cd8f683ef3f29f1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":657,"timings":{"blocked":267,"dns":6,"connect":93,"send":0,"wait":97,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","fqdn":"hehehub-acsu123.pythonanywhere.com","domain":"hehehub-acsu123.pythonanywhere.com","tld":"pythonanywhere.com"},"ip":{"addr":"35.173.69.207","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-12-20T19:30:30.012Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.pythonanywhere.com","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Wed, 10 Dec 2025 12:27:37 GMT","end":"Tue, 10 Mar 2026 12:27:36 GMT"},"fingerprint":{"sha1":"3F:C3:72:83:D0:DC:ED:70:8B:88:69:0B:D1:00:62:30:95:C9:DC:44","sha256":"70:3F:A8:B5:19:C3:81:C7:F6:59:C9:DA:E5:1C:5B:7F:41:AB:6D:4D:16:53:5A:37:6D:04:BD:ED:1E:CA:37:E5"}}},"request":{"raw":"GET /api/getkey?hwid=1766287809.8803766 HTTP/1.1\r\nHost: hehehub-acsu123.pythonanywhere.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nDate: Sat, 20 Dec 2025 19:30:30 GMT\r\nContent-Type: text/html; charset=utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nVary: Accept-Encoding\r\nX-Clacks-Overhead: GNU Terry Pratchett\r\nContent-Encoding: gzip\r\nServer: PythonAnywhere\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Python","description":"Python is an interpreted and general-purpose programming language.","website":"https://python.org","common_platform_enumeration":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","icon":"Python.png","categories":["Programming languages"]},{"name":"PythonAnywhere","description":"PythonAnywhere is an online integrated development environment (IDE) and web hosting service (Platform as a service) based on the Python programming language.","website":"https://www.pythonanywhere.com","common_platform_enumeration":"","icon":"PythonAnywhere.svg","categories":["PaaS","Hosting"]}],"data":{"size":14215,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text","md5":"7a0ad75b333cbde2ddc55f76102d5d99","sha1":"7862118bc8de8f365a203a594c3e1cdead980dc4","sha256":"138f4e4af504c1966689c4585055f63aba6037650c9c04d27ef9b83f16d44069","sha512":"817582bdd78e884b17803c8a35e5fb5ec90945087a583e845d2b7280d04cf031139817da714b65f0f043d9fda09b26e9d559445d8ff0bda79a734a256c9dc1ec","ssdeep":"192:BS+oWchPJcZQYYAQDn6uu+kTb1wTMPCTPqKcezrd8P/Q6TYA9DM6NynLyJugbVZh:b+Y+SWRgtOmu5mh","tlshash":"1252859a6cf71475a417a0691bfb8b4933389103b107cc3c3acd524c9fc5a98dce6798","first_seen":"2025-12-20T19:31:04.626488Z","last_seen":"2026-03-08T12:40:28.67963Z","times_seen":5,"resource_available":true,"data":null}},"time_used":505,"timings":{"blocked":200,"dns":1,"connect":93,"send":0,"wait":104,"receive":0,"ssl":104},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.215Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /1b/50/e5/1b50e57a5911fd0a5b46962ab48ca22b.js HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3403\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 133515ede0ac8303e5a41f7f864e53a1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":6454,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6454), with no line terminators","md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"resource_available":true,"data":null}},"time_used":720,"timings":{"blocked":302,"dns":0,"connect":96,"send":0,"wait":109,"receive":7,"ssl":194},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/sbar.json?key=e02ee106ac9f7f9a067c81c19bdc3c60\u0026uuid=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4%3A3%3A1","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /sbar.json?key=e02ee106ac9f7f9a067c81c19bdc3c60\u0026uuid=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4%3A3%3A1 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Length: 4331\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4:3:1; expires=Sat, 27 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\npdhtkv29=true; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nuncs29=1; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nu_pl25634495=1; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nslece02ee106ac9f7f9a067c81c19bdc3c60=[6308900]; expires=Sat, 20 Dec 2025 19:30:37 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 133\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c50f6312ceebed29e879f2aa9ec02cbd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5890,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"JSON text data","md5":"082b9cc5401d2a1d1383b29855641c0e","sha1":"167bb96482cd022a04ef710b6792ebb9889295f0","sha256":"bcc63a62e3be3f05093fb311962c8d0e285194f3829f24fe89f86434b0741303","sha512":"3eb6919cbebfaf7bd1ed43875898f3ad232a6856aa4abf2f6470682656d39082d35df92522b8430786f574955890ddf159db7a2b65b6ef7d031e79815c435863","ssdeep":"96:9zmRYuhGI+MHVF4RDkz+d99rXapfJrJItXjXKFf71xQTzYuuA7PDNxpXb:9zoGXM1JYjXKR7GVN","tlshash":"e4c19fdb48644df47bd344cc03978ef84d8c39894d68bb69cad3850f81564a42efa604","first_seen":"2025-12-20T19:31:04.628647Z","last_seen":"2025-12-20T19:31:04.628647Z","times_seen":1,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":227,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRit2Swe4kE04nkQFRWd7V8zmTYHcY0rwZjEJLKHEKS6q3qn3J6qtqp6endPwUAMnubgQb3Y82ayazRIPAoqYdZLCCi2IC4ke_EvECHoTXoysHqyoF9933t9eO_rr6-M8n3iI6d7Z95UWyJN6VK75TSfXRWSqcI0T51vuk7LOdZcFbITHGtu1KAHL7l-0HKea77O43W15Dmu47iO21wRmidqY2mmQmQ3QrcVOq3Aa7ntABv6v73JF2DoAthgnzwGwapHfk8uQMRTyP7N49ysW5W98Fo_T6lVGgO287Zcl6qQ6B-UiW4gkTvzt6FMRcjHC1ByZ54AajCpEyASFVl44h4iuTO3iWhw7YHTKAWXiNjDKAZT8HQKQaeI1WUI9jMBYoZTpyH726eULujmA5XWakUW7_8JUVRk8d7jkP2vllOx0Tyn0twKJQ02khJiYwqxNkWWT2G3GhDFLmL7PgT7kSzdPwnZn5w2qYJg5Sy9SKagpoG8fkQDedJAnjXQZ3vNwOkGsUv9ThKy-KgT0CBgPHLCruc4NIyPIo9rW0PYbIg4HSLWV7Yz1rPrg4nVOZ_kMjYj9_MHVBDOyO2aDMKReyN_J0u9dscP2l4wcveekimPWdJt8yhikR_43U6Hu13WZtyLOgnzAi8Ir19oh4Hru-5FZPoS1sUQOr8F0yth2AKMrUjjrUsYsBIFJygMQUEJCkFQWIJiUF5jqfFMuc1Sk0fu_Pbmt1-OlV0b0WvKrnFJQPUQmpUTkb1nLiO2h8ZbiWFjVQONbDmmEStH2T55tP48jQ-euYt1vtf8vxQwooQwC7PJb4mKrPzyFzJRkadv3kZEd2HSXcTiEGjughYlaK_Eltx7ssd7vJdHL9LY5K7nt7JN21OSys2ixzVvxaoPpkpkdhF2szFK98mR8dnzy7dmy3Pxt2_B4ztkfhDrEpku8a74gWAtvTo-qwoyOasKQ74-nVnRF1u0Xqxzllr-0Bdv8M1CaXbiuBlefyWuhbq8cZ4be5JKJuSaIV8uC8a4XlE65uS7E2aVR2dy01vOtcyzk2deXTnRzzQ3Rig5BRUVOfzHh4hFRY58_9nsp2k_fxdxdgkmO_BpFEGUNZAKgpQf8DQqYf7VRwf1yFzFml4EtZch-yUGusQgLUHTIUx-eGwzfefl25_U51NE6eI4SvXiJEp1-tFsTjXs1vBNRS7--hOM2Gu2vcjvdLsdnnRY4jPf81nYdngY0LAThEEb1lRi5e_VfwIAAP__Z4gwoOYEAAA=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.116Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRit2Swe4kE04nkQFRWd7V8zmTYHcY0rwZjEJLKHEKS6q3qn3J6qtqp6endPwUAMnubgQb3Y82ayazRIPAoqYdZLCCi2IC4ke_EvECHoTXoysHqyoF9933t9eO_rr6-M8n3iI6d7Z95UWyJN6VK75TSfXRWSqcI0T51vuk7LOdZcFbITHGtu1KAHL7l-0HKea77O43W15Dmu47iO21wRmidqY2mmQmQ3QrcVOq3Aa7ntABv6v73JF2DoAthgnzwGwapHfk8uQMRTyP7N49ysW5W98Fo_T6lVGgO287Zcl6qQ6B-UiW4gkTvzt6FMRcjHC1ByZ54AajCpEyASFVl44h4iuTO3iWhw7YHTKAWXiNjDKAZT8HQKQaeI1WUI9jMBYoZTpyH726eULujmA5XWakUW7_8JUVRk8d7jkP2vllOx0Tyn0twKJQ02khJiYwqxNkWWT2G3GhDFLmL7PgT7kSzdPwnZn5w2qYJg5Sy9SKagpoG8fkQDedJAnjXQZ3vNwOkGsUv9ThKy-KgT0CBgPHLCruc4NIyPIo9rW0PYbIg4HSLWV7Yz1rPrg4nVOZ_kMjYj9_MHVBDOyO2aDMKReyN_J0u9dscP2l4wcveekimPWdJt8yhikR_43U6Hu13WZtyLOgnzAi8Ir19oh4Hru-5FZPoS1sUQOr8F0yth2AKMrUjjrUsYsBIFJygMQUEJCkFQWIJiUF5jqfFMuc1Sk0fu_Pbmt1-OlV0b0WvKrnFJQPUQmpUTkb1nLiO2h8ZbiWFjVQONbDmmEStH2T55tP48jQ-euYt1vtf8vxQwooQwC7PJb4mKrPzyFzJRkadv3kZEd2HSXcTiEGjughYlaK_Eltx7ssd7vJdHL9LY5K7nt7JN21OSys2ixzVvxaoPpkpkdhF2szFK98mR8dnzy7dmy3Pxt2_B4ztkfhDrEpku8a74gWAtvTo-qwoyOasKQ74-nVnRF1u0Xqxzllr-0Bdv8M1CaXbiuBlefyWuhbq8cZ4be5JKJuSaIV8uC8a4XlE65uS7E2aVR2dy01vOtcyzk2deXTnRzzQ3Rig5BRUVOfzHh4hFRY58_9nsp2k_fxdxdgkmO_BpFEGUNZAKgpQf8DQqYf7VRwf1yFzFml4EtZch-yUGusQgLUHTIUx-eGwzfefl25_U51NE6eI4SvXiJEp1-tFsTjXs1vBNRS7--hOM2Gu2vcjvdLsdnnRY4jPf81nYdngY0LAThEEb1lRi5e_VfwIAAP__Z4gwoOYEAAA= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 573c3a0c2638da50c0ac714c697287e7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":310,"timings":{"blocked":214,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTzYscxRuu2Sy_Q34H0YjnQVRUdLa_ZjJtDuIaV4IxiUlkDyFIdVf1Trk9VW1V9fTunoKBGDzNwYN6seeZya7RIPEoqIRZLyGg2II4YPbiXyBC0Jv07MLqyRf6_XiePjzP229fG-V7xEdOZ-deV1siTelSu-U0n14VkqnCNM9cbLpOyznRXBWyE5xobtRJD15w_aDlPNN8lcfraslzXMdxHbe5IjRP1MbSnIXIboVuK3Ragddy2wE29L9nky_A0AWwwR55BIJVD_2WXIKIp5D92ye5Wbcqe-6Vfp5SqzQGbOdNuS5VIdE_bBPdQCJ3Dt6GMhUhHy5AyZ0DB1CDSe0AkajIwmP3EcmdA5mIBjf2lUYpuETE_o9iMAVPpxB0ilhdhWA_EiBmOHMWsr99RumCbu6ztGYrsvjgD4iiIov3H4Xsf7Gcio3mBZXmVihpsJGUEBtTiLUpsnwKu9WAKHYR23ch2Pdk6cFpyP7krEkVBCvn7kUyBTUN5PUjGsiTBvKsgT6bNQOnG8Qu9TtJyOLjTkCDgPHICbue49AwPo48rmUNYbMh4nSIWF_bzljPrg8mVud8ksvYjNxP96EgnIPbNRiEI_dW_laWeu2OH7S9YOTOnpApj1nSbfMoYpEf-N1Oh7td1mbcizoJ8wIvCG9eaoeB67vuZWT6CtbFEDq_A9MrYdgCjK1I440rGLASBScoDEFBCQpBUFiCYlDeYKnxTLnNUpNH7kH1DqpfjpVdG9Ebyq5xSUD1EJqVE5G9Y64itkfGW4lhY1UnGtlyTCNWjrI98nD9eRrvPfUr1vms-V8uYEQJYRbmm98SFVn56U9koiJP3r6LiO7CpLuIxRHQ3AUtStBeiS05e7zHe7yXR8_T2OSu57eyTdtTksrNosc1b8WqD6ZKZHYRdrMxSvfIsfH5i8t35sdz-ZevwON75CAQ6xKZLvG2-I5gLb0-Pq8KMjmvCkO-PJtZ0RdbtD6sC5Za_r_PXuObhdLs1EkzvPlSXBN1e-siN_Y0lUzINUM-XxaMcb2idMzJN6fMKo_O5aa3nGuZZ6fPvbxyqp9pboxQcgoqKnL09_cRi4oc-_aT-U_TfnaGOLsCkx3qNIogyo4gFQQpP8RpVML8Y44O-5G5jjW9CGqvQvZLDHSJQVqCpkOY_OjYZvrei3c_quNjROniOEr14iRKdfpBvaev67Q731hFLv_8A4yYNdte5He63Q5POizxme_5LGw7PAxo2AnCoA1rKrHy1-rfAQAA__9AGumI5gQAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.131Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTzYscxRuu2Sy_Q34H0YjnQVRUdLa_ZjJtDuIaV4IxiUlkDyFIdVf1Trk9VW1V9fTunoKBGDzNwYN6seeZya7RIPEoqIRZLyGg2II4YPbiXyBC0Jv07MLqyRf6_XiePjzP229fG-V7xEdOZ-deV1siTelSu-U0n14VkqnCNM9cbLpOyznRXBWyE5xobtRJD15w_aDlPNN8lcfraslzXMdxHbe5IjRP1MbSnIXIboVuK3Ragddy2wE29L9nky_A0AWwwR55BIJVD_2WXIKIp5D92ye5Wbcqe-6Vfp5SqzQGbOdNuS5VIdE_bBPdQCJ3Dt6GMhUhHy5AyZ0DB1CDSe0AkajIwmP3EcmdA5mIBjf2lUYpuETE_o9iMAVPpxB0ilhdhWA_EiBmOHMWsr99RumCbu6ztGYrsvjgD4iiIov3H4Xsf7Gcio3mBZXmVihpsJGUEBtTiLUpsnwKu9WAKHYR23ch2Pdk6cFpyP7krEkVBCvn7kUyBTUN5PUjGsiTBvKsgT6bNQOnG8Qu9TtJyOLjTkCDgPHICbue49AwPo48rmUNYbMh4nSIWF_bzljPrg8mVud8ksvYjNxP96EgnIPbNRiEI_dW_laWeu2OH7S9YOTOnpApj1nSbfMoYpEf-N1Oh7td1mbcizoJ8wIvCG9eaoeB67vuZWT6CtbFEDq_A9MrYdgCjK1I440rGLASBScoDEFBCQpBUFiCYlDeYKnxTLnNUpNH7kH1DqpfjpVdG9Ebyq5xSUD1EJqVE5G9Y64itkfGW4lhY1UnGtlyTCNWjrI98nD9eRrvPfUr1vms-V8uYEQJYRbmm98SFVn56U9koiJP3r6LiO7CpLuIxRHQ3AUtStBeiS05e7zHe7yXR8_T2OSu57eyTdtTksrNosc1b8WqD6ZKZHYRdrMxSvfIsfH5i8t35sdz-ZevwON75CAQ6xKZLvG2-I5gLb0-Pq8KMjmvCkO-PJtZ0RdbtD6sC5Za_r_PXuObhdLs1EkzvPlSXBN1e-siN_Y0lUzINUM-XxaMcb2idMzJN6fMKo_O5aa3nGuZZ6fPvbxyqp9pboxQcgoqKnL09_cRi4oc-_aT-U_TfnaGOLsCkx3qNIogyo4gFQQpP8RpVML8Y44O-5G5jjW9CGqvQvZLDHSJQVqCpkOY_OjYZvrei3c_quNjROniOEr14iRKdfpBvaev67Q731hFLv_8A4yYNdte5He63Q5POizxme_5LGw7PAxo2AnCoA1rKrHy1-rfAQAA__9AGumI5gQAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 7\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 32abf47e1a59f0fabfad46fa8ad13a77\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":306,"timings":{"blocked":201,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c497c06ecdf179536d156e85438afbca\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-16T16:44:00.746642Z","times_seen":19002,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":114,"dns":1,"connect":26,"send":0,"wait":19,"receive":22,"ssl":82},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/f0/fb/23/f0fb231c3868f7f970a30d973f7bfa93/1756662127.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.041Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/f0/fb/23/f0fb231c3868f7f970a30d973f7bfa93/1756662127.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81446\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 17:42:07 GMT\r\netag: \"68b4896f-13e26\"\r\nexpires: Mon, 22 Dec 2025 19:30:32 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81446,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:39:09], progressive, precision 8, 320x240, components 3","md5":"5cc1ea1ae22514d2a4e634a3fc00fc38","sha1":"17a827b9ae082506fe9d086fd2d006d0593ae5e8","sha256":"2a7d63fc873f793b91adea7c866b01e00bb59f075fc29953fd108f52fb5ede09","sha512":"9b57eb1e4bf4668182319d2f0bfa356c766de2afe94f188dc84054140014267d1f1ad0cf81b91421d88cdba16a9ad51b8acc87b9540c93c523bd66dd444304b5","ssdeep":"1536:LNkk6f2Nkk6fvhbg2DyMgTuF+faDypx3cvkYWMwjYz8+HjFOn:LZk2ZkJb+XTuF80sYWnYz8MjFQ","tlshash":"c183e125b3d1efb2e5d8973498a3c719f6219e45673760913e8db5a03fe2361da8c023","first_seen":"2025-09-02T19:18:23.934309Z","last_seen":"2026-05-30T22:14:17.864959Z","times_seen":1461,"resource_available":false,"data":null}},"time_used":484,"timings":{"blocked":-1,"dns":52,"connect":29,"send":0,"wait":65,"receive":46,"ssl":286},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTQYscRRSu2Qwe4kE04nkQlQg62z3dM5kxB3GNK8GYxCSyhxCkuqp6p9yeqraqenp3T8FADJ7m4EG92PPNZNfoIvEoqIRZLyGg2IK4YPbiDxARgt6kdxdWTxb0997rr3l83-tX18fZLgmQ0Z3zr-t1mSR0vt30GseXpOI6t42zlxq-1_RONpak6oQnG6sVmOELfhA2vWcbrwq2oudbnu95vuc3FqURsV6d32Mh062e3-x5zbDV9NshVs1_a5vNwdI58OEueQySl4_8Fl-GZDOowe1Twq44nT73yiBLqNMGQ775plpROlcYHKaxqSFWmwdfQ9uSkA_noNXmgQPo4bRygEiWZO6J-4jU5oFMRMOb-0qjBEIh4g8jH84gkhkknYHpa5D8RwIwjrPnoAYbZ7XJ6do-Syu2JPUHf0LmJanffxxq8MVCIlcbF3WSOamVxWpcQK7OIJdnSLMZ3HoNMt8Gc-9C8u_J_IMzUIPpOZtoSF7suZfxDNTWkFWPrCGLa8jSGgZ8pxF63ZD5NOjEPc5OeCENQy4ir9dteR7tsRPIWCVrBJeOwJIRmLn-acr7bmUY9qbOZGIjU8yGvbG_lb2VJq12JwjbrXDs7zylEsF43G2LKOJREAbdTkf4Xd7mohV1Yt4KW2Hv1uV2L_QD37-ysd91r-e06jn2kZqrWJEjmOwObL-A5XOwriS1N65iyAvkgiC3BDklyCVB7gjyYXGTJ7Zliw2e2CzyD2LrIAbFRLvlMb2p3bJQBNSMYHgxlek79hqYOzJZjy2f6Apo5IoJjXgxTnfJo9Xvqb33zK9YETuN_zMGKwtIO7c3-XVZksWf_kIqS_L07buI6DZssg0mj4BmPmhegPYLrKudJ_uiL_pZ9DxlNvNbQTNdc32tqFrL-8KIJtMDcF0gdXW4tdo42SXHJhcuLdzZW54rP_8Awe6RgwNmCqSmwNvyO4Ll5Mbkgs7J9ILOLfnyXOrkQK7TarEuOurEQ5-9JtZybfjpU3Z06yVWEVW6dUlYd4YqLtWyJZ8vSM6FWdSGCfLNabskovOZ7S9kRmXpmfMvL54epEZYK7WagcqSHP3jfTBZkmPffrJ3adrHfwdLr8KmhzqtJojSOhJJkIjD9zQqYP9VR4f52N7AsqmDumtQgwJDU2CYFKDJCDY7OnGpuffi3Y-q8zGipD6JElOfRolJPijJlV--rmC7gq_2x2blTiMORIt5XvdExw-6sfCDkLO43Q17vEO9IBBwtpSLfy_9EwAA__-08lts5gQAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTQYscRRSu2Qwe4kE04nkQlQg62z3dM5kxB3GNK8GYxCSyhxCkuqp6p9yeqraqenp3T8FADJ7m4EG92PPNZNfoIvEoqIRZLyGg2IK4YPbiDxARgt6kdxdWTxb0997rr3l83-tX18fZLgmQ0Z3zr-t1mSR0vt30GseXpOI6t42zlxq-1_RONpak6oQnG6sVmOELfhA2vWcbrwq2oudbnu95vuc3FqURsV6d32Mh062e3-x5zbDV9NshVs1_a5vNwdI58OEueQySl4_8Fl-GZDOowe1Twq44nT73yiBLqNMGQ775plpROlcYHKaxqSFWmwdfQ9uSkA_noNXmgQPo4bRygEiWZO6J-4jU5oFMRMOb-0qjBEIh4g8jH84gkhkknYHpa5D8RwIwjrPnoAYbZ7XJ6do-Syu2JPUHf0LmJanffxxq8MVCIlcbF3WSOamVxWpcQK7OIJdnSLMZ3HoNMt8Gc-9C8u_J_IMzUIPpOZtoSF7suZfxDNTWkFWPrCGLa8jSGgZ8pxF63ZD5NOjEPc5OeCENQy4ir9dteR7tsRPIWCVrBJeOwJIRmLn-acr7bmUY9qbOZGIjU8yGvbG_lb2VJq12JwjbrXDs7zylEsF43G2LKOJREAbdTkf4Xd7mohV1Yt4KW2Hv1uV2L_QD37-ysd91r-e06jn2kZqrWJEjmOwObL-A5XOwriS1N65iyAvkgiC3BDklyCVB7gjyYXGTJ7Zliw2e2CzyD2LrIAbFRLvlMb2p3bJQBNSMYHgxlek79hqYOzJZjy2f6Apo5IoJjXgxTnfJo9Xvqb33zK9YETuN_zMGKwtIO7c3-XVZksWf_kIqS_L07buI6DZssg0mj4BmPmhegPYLrKudJ_uiL_pZ9DxlNvNbQTNdc32tqFrL-8KIJtMDcF0gdXW4tdo42SXHJhcuLdzZW54rP_8Awe6RgwNmCqSmwNvyO4Ll5Mbkgs7J9ILOLfnyXOrkQK7TarEuOurEQ5-9JtZybfjpU3Z06yVWEVW6dUlYd4YqLtWyJZ8vSM6FWdSGCfLNabskovOZ7S9kRmXpmfMvL54epEZYK7WagcqSHP3jfTBZkmPffrJ3adrHfwdLr8KmhzqtJojSOhJJkIjD9zQqYP9VR4f52N7AsqmDumtQgwJDU2CYFKDJCDY7OnGpuffi3Y-q8zGipD6JElOfRolJPijJlV--rmC7gq_2x2blTiMORIt5XvdExw-6sfCDkLO43Q17vEO9IBBwtpSLfy_9EwAA__-08lts5gQAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 60c97317b0efead5f4e7e37bbe36c3e2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":217,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/watch.5084047548.js?key=8253a9c21e6081348abe9f05f9d8dea2\u0026kw=%5B%22get%22%2C%22key%22%2C%22hoho%22%2C%22hub%22%2C%22-%22%2C%22step%22%2C%221%22%5D\u0026refer=https%3A%2F%2Fhehehub-acsu123.pythonanywhere.com%2Fapi%2Fgetkey%3Fhwid%3D1766287809.8803766\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=0462ba9b-e333-4241-897c-6fc1638e041e%3A1%3A1\u0026shu=e047d0eefbff616db8998b24fa2bc6bd83df0f4bf8b9c6bd63f71f1dbb0d17747cff37ce290fd888a2751c81a7a1fcef4482a781fc2209a5090bf314fe8f6c1b944fccda66f25e4cf5dd19ded052fd75da2fded0f7056a732596a7\u0026pst=1766259091\u0026rmtc=t","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /watch.5084047548.js?key=8253a9c21e6081348abe9f05f9d8dea2\u0026kw=%5B%22get%22%2C%22key%22%2C%22hoho%22%2C%22hub%22%2C%22-%22%2C%22step%22%2C%221%22%5D\u0026refer=https%3A%2F%2Fhehehub-acsu123.pythonanywhere.com%2Fapi%2Fgetkey%3Fhwid%3D1766287809.8803766\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=0462ba9b-e333-4241-897c-6fc1638e041e%3A1%3A1\u0026shu=e047d0eefbff616db8998b24fa2bc6bd83df0f4bf8b9c6bd63f71f1dbb0d17747cff37ce290fd888a2751c81a7a1fcef4482a781fc2209a5090bf314fe8f6c1b944fccda66f25e4cf5dd19ded052fd75da2fded0f7056a732596a7\u0026pst=1766259091\u0026rmtc=t HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNTYzNDI1NCwiayI6IjgyNTNhOWMyMWU2MDgxMzQ4YWJlOWYwNWY5ZDhkZWEyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NjQxNzg0LCJwaWQiOjI0NzAwODksImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoic2VhN2N2N2hndCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL2hlaGVodWItYWNzdTEyMy5weXRob25hbnl3aGVyZS5jb20vYXBpL2dldGtleT9od2lkPTE3NjYyODc4MDkuODgwMzc2NiIsInR6IjoxLCJhciI6W119fQ.3Ry_Yy0xCmV8wCO-uj-ZxFUZKtpgJ3r2U1mUaf2MXGU\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: text/html\r\nContent-Length: 3408\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=0462ba9b-e333-4241-897c-6fc1638e041e:1:1; expires=Sat, 27 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\npdhtkv=true; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\npdhtkv23=true; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nuncs23=1; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nu_pl25634254=1; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 19\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7b03d90bfa53a94519cd233fa592ed7d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4781,"size_decoded":0,"mime_type":"text/html","magic":"JavaScript source, ASCII text, with very long lines (3905)","md5":"a7302240ae4165218a079b2b0c739112","sha1":"b92b46d5f6531e670c5d8742c6bdb54bc3f5e201","sha256":"92e0a469b4bc4dc3fff0431c76a0857f0ed54fd2bf3781da7058d641b51be5b3","sha512":"b2833b439898725f818abef6f2b444aee50c7950be42764f1da23d88c7beea01416139138e8127f1c64ce0b271750d6ddd54bd085b942c2c2cebed0bebf0b3eb","ssdeep":"96:ztNqUozCqYOSnoak/X24paGBkk/9RVX5hJGWDPZqEiq1ZD+CfMEDaH:2zUOJ/TYGBkkFRlJ3DPJi+V+CkCaH","tlshash":"b4a11ab91dd2846d5466b0fb50bf90183e94b10b3e40ca09f89dea890b24be15db9dd9","first_seen":"2025-12-20T19:31:04.633457Z","last_seen":"2025-12-20T19:31:04.633457Z","times_seen":1,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":112,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRSesy2KUCAIoj6hgADh8_668y0pECYYRYQkSoKCFEVodmbWN3hvZpnZvbVdAZFCRHUFBdCw993FTiBCoedHONNEkZA4Gk5K3PAXIKQIOrT2SYaKV3zvve_b4ntv31wd5HvER06nZ9_UWzJJ6FKz4dSfuygV14Wtn75Qd52Gc7x-UapWcLy-UYHpveT6QcN5vv66YOt6yXNcx3Edt74qjYj1xtK-CpneCt1G6DQCr-E2A2yY__Y2n4Olc-C9PfIEJJ889nt8CZKNobq3Twi7nun0xde6eUIzbdDjO2-pdaULhe5hGZsaYrUz-xraTgj5dA5a7cwmgO6NqgkQyQmZe-oBIrUzs4mod_3AaZRAKET8URS9MUQyhqRjMH0Fkv9CAMZx-gxUd_u0NgXdPFBppU7IwsM_IYsJWXjwJFT365VEbtTP6yTPpFYWG3EJuTGGXBsjzcfItmqQxS5Y9iEk_5ksPTwF1R2dsYmG5NNjNBZhHLabi2EzDBYDP6aLYdsVi37s0mjZc1teM9xfkYzHoHYeua0hlzXkcQ15WkOXT-uB0w6YS_1WHHK27AQ0CLiInLDtOQ4N2TJyVnnvI0v7YEkfzFzdTnknW--NMpOLUa6YHbg3Dqgg3Ce3KzIIB-6t_J008ZotP2h6wcCdHlOJYDxuN0UU8cgP_HarJdw2b3LhRa2Ye4EXhDcvNcPA9V33MlLzwQ3uLws_YsEgwrrsw-R3YDslLK_BZgQ9XqIQBIUlKChBIQmKjKDoldd5Yj1bbvPE5pE7y94s--VQZ2sDel1na0IRUNOH4eVIpu_ZK2DZ_HArtnyoK6BRVg5pxMtBukcer35l7aNn72NdTOv_NwysLCHtHKitYUtOyOqvfyGVE_LM7buI6C5ssgsm50FzF7QoQTslttT06Y7oiE4eLVJmc9fzG-lm1tGKqs2iI4xoMN0F1yXSbAHZZm2Q7JGjw3MXVu7sH9rl376FYPfILMBMidSUeFf-RLCWXBue0wUZndOFJd-cSTPZlVu0OsLzGc3EI1--ITYLbfjJE7Z_8xVWCVV564Kw2SmquFRrlny1IjkXZlUbJsh3J-1FEZ3NbWclNypPT519dfVkNzXCWqnVGFROyJE_PgaTE3L0-y_2H1jzhftg6fuw6aFPqwmidB6JJEjEIU-jEvZffXRYD-w1rJkF0OwKVLdEz5ToJSVo0ofNjwyz1Nx7-e5nVXyOKFkYRolZGEWJST6p9vRDBT_ub6yCXVg5rce-8JjjtJdbrt-OhesHnMXNdhDyFnV8XyCzE7n699v_BAAA__8eTZ9OEgUAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRSesy2KUCAIoj6hgADh8_668y0pECYYRYQkSoKCFEVodmbWN3hvZpnZvbVdAZFCRHUFBdCw993FTiBCoedHONNEkZA4Gk5K3PAXIKQIOrT2SYaKV3zvve_b4ntv31wd5HvER06nZ9_UWzJJ6FKz4dSfuygV14Wtn75Qd52Gc7x-UapWcLy-UYHpveT6QcN5vv66YOt6yXNcx3Edt74qjYj1xtK-CpneCt1G6DQCr-E2A2yY__Y2n4Olc-C9PfIEJJ889nt8CZKNobq3Twi7nun0xde6eUIzbdDjO2-pdaULhe5hGZsaYrUz-xraTgj5dA5a7cwmgO6NqgkQyQmZe-oBIrUzs4mod_3AaZRAKET8URS9MUQyhqRjMH0Fkv9CAMZx-gxUd_u0NgXdPFBppU7IwsM_IYsJWXjwJFT365VEbtTP6yTPpFYWG3EJuTGGXBsjzcfItmqQxS5Y9iEk_5ksPTwF1R2dsYmG5NNjNBZhHLabi2EzDBYDP6aLYdsVi37s0mjZc1teM9xfkYzHoHYeua0hlzXkcQ15WkOXT-uB0w6YS_1WHHK27AQ0CLiInLDtOQ4N2TJyVnnvI0v7YEkfzFzdTnknW--NMpOLUa6YHbg3Dqgg3Ce3KzIIB-6t_J008ZotP2h6wcCdHlOJYDxuN0UU8cgP_HarJdw2b3LhRa2Ye4EXhDcvNcPA9V33MlLzwQ3uLws_YsEgwrrsw-R3YDslLK_BZgQ9XqIQBIUlKChBIQmKjKDoldd5Yj1bbvPE5pE7y94s--VQZ2sDel1na0IRUNOH4eVIpu_ZK2DZ_HArtnyoK6BRVg5pxMtBukcer35l7aNn72NdTOv_NwysLCHtHKitYUtOyOqvfyGVE_LM7buI6C5ssgsm50FzF7QoQTslttT06Y7oiE4eLVJmc9fzG-lm1tGKqs2iI4xoMN0F1yXSbAHZZm2Q7JGjw3MXVu7sH9rl376FYPfILMBMidSUeFf-RLCWXBue0wUZndOFJd-cSTPZlVu0OsLzGc3EI1--ITYLbfjJE7Z_8xVWCVV564Kw2SmquFRrlny1IjkXZlUbJsh3J-1FEZ3NbWclNypPT519dfVkNzXCWqnVGFROyJE_PgaTE3L0-y_2H1jzhftg6fuw6aFPqwmidB6JJEjEIU-jEvZffXRYD-w1rJkF0OwKVLdEz5ToJSVo0ofNjwyz1Nx7-e5nVXyOKFkYRolZGEWJST6p9vRDBT_ub6yCXVg5rce-8JjjtJdbrt-OhesHnMXNdhDyFnV8XyCzE7n699v_BAAA__8eTZ9OEgUAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b54d7e382c21ec84401806cc8366e2f4\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":476,"timings":{"blocked":377,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/ren.gif?sid=H4sIAAAAAAAC_1RSTWgkRRit3uSkB1EXb8Igq6xoJt3TPT_tHoJxjQRjEpJIBC9WV1XPlOnpaqu6pydzCgZ0j-PNv0PnTbJBXWQ9epBdJl4koDh7msPm4F48CsqqN5lkYPEdvu8rXlG89-r76CA7Iy4yOl5_S_VkFNH5atkuXd2WMVe5Ka1ulRy7bF8rbcu45l0rdSdFd15xXK9sv1h6Q7AdNV-xHdt2bKe0JLUIVXf-nIVMbvlO2bfLXqXsVD109f_PJrNgqAXeOSNPQfLREw_CdyHZEHH79nVhdlKVvPx6O4toqjQ6_PjteCdWeYz2ozHUFsL4eHobyowI-fQSVHw8dQDVOZw4QCBH5NIz9xHEx1OZCDpHF0qDCCJGwB9H3hlCRENIOgRT-5D8VwIwjtU1xO2bq0rndPeCpRN2RGYf_gmZj8js_cuI298uRrJb2lRRlkoVG3TDArI7hGwOkWQnSHsWZH4Cln4IyX8m8w9XELcP10ykIPn4iuPVXS-ktTkncBpzHvW8ORraYi6oibARirrwA-88IhkOQc0MMmMhkxay0EKWWGjzccmzGx5zqFsLfc7q9uQVLgLbb1Rsm_qsjoxNtPeRJn2wqA-m95DoPezIPnR2F6ZVwHALJiXo8AK5IMgNQU4JckmQpwR5pzjikamY4iaPTBY4016ZdrcYqLR5QI9U2hQxAdV9aF4cyuQDsw-Wzgx6oeEDNSk0SIsBDXhxkJyRJyexWh-_cAc7YlwSdkUIx65R5of10Kd2rc4aDnP8gDOX1WwYWUCaS6DGQk-OyNK9f5DIEXn-9k8I6AlMdAImZ0CzZ0HzArRVoBePn2uJlmhlwRxlJnMqbjnZTVsqpvFu3hJalJlqg6sCSTqLdNc6iM7I04ONrcW755_-3vUrEOx04fcvjh5s_v0LmC6Q6ALvyx8JmtGNwYbKyeGGyg35bi1JZVv26GQhNlOaitmv3xS7udJ8-brpf_UqmxCT8daWMOkKjbmMm4Z8syg5F3pJaSbID8tmWwTrmWktZjrOkpX115aW24kWxkgVD0HliDz25UtgckQuX104X_bqX7-BJXswyenC959N8DmMIggSC5EkiMQpmQI0KGDEIz-BOL3zxwV3YG6gqS3QdB9xu0BHF-hEBWjUh8lmBmmiTxfuuedAEFmDINLWYRDp6JOLnIwcl6qVwK01GjUR1njocrficr9qC9-jfs3zvSpSM5JL_77zXwAAAP__ZXGg4o8EAAA=","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.333Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSTWgkRRit3uSkB1EXb8Igq6xoJt3TPT_tHoJxjQRjEpJIBC9WV1XPlOnpaqu6pydzCgZ0j-PNv0PnTbJBXWQ9epBdJl4koDh7msPm4F48CsqqN5lkYPEdvu8rXlG89-r76CA7Iy4yOl5_S_VkFNH5atkuXd2WMVe5Ka1ulRy7bF8rbcu45l0rdSdFd15xXK9sv1h6Q7AdNV-xHdt2bKe0JLUIVXf-nIVMbvlO2bfLXqXsVD109f_PJrNgqAXeOSNPQfLREw_CdyHZEHH79nVhdlKVvPx6O4toqjQ6_PjteCdWeYz2ozHUFsL4eHobyowI-fQSVHw8dQDVOZw4QCBH5NIz9xHEx1OZCDpHF0qDCCJGwB9H3hlCRENIOgRT-5D8VwIwjtU1xO2bq0rndPeCpRN2RGYf_gmZj8js_cuI298uRrJb2lRRlkoVG3TDArI7hGwOkWQnSHsWZH4Cln4IyX8m8w9XELcP10ykIPn4iuPVXS-ktTkncBpzHvW8ORraYi6oibARirrwA-88IhkOQc0MMmMhkxay0EKWWGjzccmzGx5zqFsLfc7q9uQVLgLbb1Rsm_qsjoxNtPeRJn2wqA-m95DoPezIPnR2F6ZVwHALJiXo8AK5IMgNQU4JckmQpwR5pzjikamY4iaPTBY4016ZdrcYqLR5QI9U2hQxAdV9aF4cyuQDsw-Wzgx6oeEDNSk0SIsBDXhxkJyRJyexWh-_cAc7YlwSdkUIx65R5of10Kd2rc4aDnP8gDOX1WwYWUCaS6DGQk-OyNK9f5DIEXn-9k8I6AlMdAImZ0CzZ0HzArRVoBePn2uJlmhlwRxlJnMqbjnZTVsqpvFu3hJalJlqg6sCSTqLdNc6iM7I04ONrcW755_-3vUrEOx04fcvjh5s_v0LmC6Q6ALvyx8JmtGNwYbKyeGGyg35bi1JZVv26GQhNlOaitmv3xS7udJ8-brpf_UqmxCT8daWMOkKjbmMm4Z8syg5F3pJaSbID8tmWwTrmWktZjrOkpX115aW24kWxkgVD0HliDz25UtgckQuX104X_bqX7-BJXswyenC959N8DmMIggSC5EkiMQpmQI0KGDEIz-BOL3zxwV3YG6gqS3QdB9xu0BHF-hEBWjUh8lmBmmiTxfuuedAEFmDINLWYRDp6JOLnIwcl6qVwK01GjUR1njocrficr9qC9-jfs3zvSpSM5JL_77zXwAAAP__ZXGg4o8EAAA= HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: uid_id2=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl25634495=1; slece02ee106ac9f7f9a067c81c19bdc3c60=[6308900]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e0ed8ef147d66afa28e8b35d8756102a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":271,"timings":{"blocked":174,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"flushpersist.com/pxf.gif?uuid=afe9f985-9594-43fa-981e-3f1ab7216259\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=c24088fb2a6cd3f2c2336679f397c764\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19","fqdn":"flushpersist.com","domain":"flushpersist.com","tld":"com"},"ip":{"addr":"172.240.127.242","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"flushpersist.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 22:02:45 GMT","end":"Tue, 27 Jan 2026 22:02:44 GMT"},"fingerprint":{"sha1":"F7:0F:08:42:86:24:7C:1B:49:6E:E0:01:4D:B6:85:C3:51:09:E9:4B","sha256":"57:4B:E8:D9:F8:CD:FB:C3:56:16:42:88:21:1B:6A:B3:83:F2:4E:B5:2C:AC:2C:6B:0E:46:6B:15:51:D1:3D:17"}}},"request":{"raw":"GET /pxf.gif?uuid=afe9f985-9594-43fa-981e-3f1ab7216259\u0026eb=bff3d6bf6d16c0bb5e58232c1a99ef63\u0026te=fe015aeda515c30449c87b1701cc307f\u0026ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026dev=e\u0026res=14.3095\u0026b_frame=0\u0026pk=c24088fb2a6cd3f2c2336679f397c764\u0026bl=en-US\u0026sr=1024x1280\u0026sz=1024x1280\u0026hjs=19 HTTP/1.1\r\nHost: flushpersist.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 1\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\nx-envoy-upstream-service-time: 1\r\nHost: flushpersist.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0b651dd87a914740696bf085633033c7\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":671,"timings":{"blocked":285,"dns":2,"connect":96,"send":0,"wait":98,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"flushpersist.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/6f/ae/1d/6fae1d89a4b9fab7c320bd94571ea3ef/1755792852.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.661Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/6f/ae/1d/6fae1d89a4b9fab7c320bd94571ea3ef/1755792852.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 59676\r\nserver: nginx/1.21.6\r\nlast-modified: Thu, 21 Aug 2025 16:14:12 GMT\r\netag: \"68a745d4-e91c\"\r\nexpires: Mon, 22 Dec 2025 19:30:32 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59676,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2023:02:16 18:23:53], baseline, precision 8, 728x90, components 3","md5":"38c179ae01870013eb2e282cff2b3840","sha1":"38219533f839692c22c62aba40a0578dee5d269c","sha256":"699936be3cf3af72d954b1c51411bd25bc2c97a5019fe13e3009e8b95dd1f7e4","sha512":"dbc2397996494d9fbb0a4bdefb16cd4a79f32c4b913f601cb3b5cddc0769f4750a93c96e5bb25b44f3331a37ff83630f797a54c7e83f409f241beb4b79c68a54","ssdeep":"768:Oir3XfIusjovhPBmbKmcQ6cw5gvoQCf+dzmoa4NsJM8vCyhzGxd7qTg7MZ:Rn/v5cbK7Q6lKvfQkWa8vFhzGT7MZ","tlshash":"9043bf297a114d51e8dc793a94fcc662d3b31ed40eb3155ebb8c9c043fb1a998cc968b","first_seen":"2023-12-14T03:39:17Z","last_seen":"2026-05-19T08:00:14.389331Z","times_seen":283,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":20,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"relishsubsequentlytank.com/c2/40/88/c24088fb2a6cd3f2c2336679f397c764.js","fqdn":"relishsubsequentlytank.com","domain":"relishsubsequentlytank.com","tld":"com"},"ip":{"addr":"172.240.253.132","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:30.561Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"relishsubsequentlytank.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 03 Dec 2025 21:56:14 GMT","end":"Tue, 03 Mar 2026 21:56:13 GMT"},"fingerprint":{"sha1":"AE:C0:37:62:05:CE:68:5D:4C:88:C9:8D:70:AF:F7:6D:9C:31:92:3A","sha256":"1A:FD:86:A0:5C:2E:36:A8:2B:3C:C3:36:88:DC:A6:22:BE:80:83:11:B2:53:A8:02:03:67:04:57:B7:C0:12:EA"}}},"request":{"raw":"GET /c2/40/88/c24088fb2a6cd3f2c2336679f397c764.js HTTP/1.1\r\nHost: relishsubsequentlytank.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:30 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 38163\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: relishsubsequentlytank.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 76b42baa10b798564ffb5b279f4853f6\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":106600,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"2b240697414042e59f9809da79735184","sha1":"346632d84a3acd434243990b4cf52ddfb02719b7","sha256":"a11c13a7e144371405bcb95023255eef68dc22e9c1471af160da66b67702759d","sha512":"e62ccb4ad2132ac094a5bd9fc37ca2aa8b398c7e9ff629dc414be11f6a6afb99d2d8621c8dd83b95c721676fcdc2bda1778db8559684d9aaa579d5c6997ca702","ssdeep":"1536:EpOvTY8Afd1ow5ZEUjHzQSF63R2LbqKYmEqMTd01yLVH2WQgPrNQCld5h4s9imfg:qXLD33COgu+bAKaS6","tlshash":"fba3cad97f40f06d4271607a113fa00af25b0e46688cd59ce117f6a42fa866fe57ef28","first_seen":"2025-12-20T19:31:04.659625Z","last_seen":"2025-12-20T19:31:04.659625Z","times_seen":1,"resource_available":true,"data":null}},"time_used":813,"timings":{"blocked":306,"dns":31,"connect":91,"send":0,"wait":99,"receive":96,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"relishsubsequentlytank.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"relishsubsequentlytank.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"relishsubsequentlytank.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"preferencenail.com/sfp.js","fqdn":"preferencenail.com","domain":"preferencenail.com","tld":"com"},"ip":{"addr":"185.196.197.71","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"preferencenail.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:40:35 GMT","end":"Tue, 27 Jan 2026 23:40:34 GMT"},"fingerprint":{"sha1":"AA:22:33:AC:0A:FC:0D:31:C5:9F:92:99:20:7A:02:E4:46:E3:08:8C","sha256":"72:5A:79:00:74:D1:90:EF:9A:D3:3F:01:E6:E5:14:1D:41:4F:F2:28:D3:FD:4C:AA:70:DE:D8:BE:C2:15:3F:EE"}}},"request":{"raw":"GET /sfp.js HTTP/1.1\r\nHost: preferencenail.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nContent-Length: 32181\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\nP3P: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\nAccess-Control-Allow-Origin: *\r\nVary: Accept-Encoding\r\nHost: preferencenail.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 98189bdfa84010ba788a1707c9657953\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85379,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators","md5":"b3a5ba94d627e64a77c0e11eaffc96ed","sha1":"f7358693b31e44211dd98b5aa0dc2a3f423286aa","sha256":"600f01dd96f043e58e0e70a82afbba6ffe0923d836f6293c1e6fc1cb5b074d34","sha512":"64800bcce3e1a65638dfedfe22f205b51725865db3332be95a142e39e4cb40f57358d0c4c01ebb366b8da56aa978b6c7ee992e2c27563bac76c3998014c3d64b","ssdeep":"1536:nPncLBSUBULrSVvTfMtfj3FkdFcE5PnoRC:nPncLBSUBULGVTfGpucE5foM","tlshash":"488395807ac06488d3979b7bb73bf4eaf65a299f38c4044bd100fc48b69562af9f5534","first_seen":"2025-11-18T17:36:30.149277Z","last_seen":"2026-06-16T16:44:00.746642Z","times_seen":19002,"resource_available":true,"data":null}},"time_used":192,"timings":{"blocked":63,"dns":0,"connect":17,"send":0,"wait":32,"receive":31,"ssl":44},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"preferencenail.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"18.194.59.7","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:31 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=f1786c3a-475a-495c-b711-8252f7739cb8:3:1; expires=Tue, 18 Dec 2035 19:30:31 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"40db291ad634df7da6f0f5ee12108410","sha1":"ba059ca92a2322def5b83bd0f7c15197e138a411","sha256":"d2b6745b020cc2ab3c2294646a89abcea729e7c2d36b65aeb58833ae88bb0419","sha512":"5c61faf3bb2b1cafb32b21ac5356d2de2070857b9b3ffd5fb6787757ff08dc59ae5df3d65a456f565a6cae261d237d45cbdf323fd41604371fde2c3f0f12cda7","ssdeep":"","tlshash":"619002414829a4d0100531000d099001506d8631593e50426380d2898814005a4dc551","first_seen":"2025-12-20T19:31:04.662623Z","last_seen":"2025-12-20T19:31:04.662623Z","times_seen":1,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":181,"dns":6,"connect":21,"send":0,"wait":26,"receive":1,"ssl":137},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_1RSwW8bxReeTX3q7_ATpeJsIYFAAmfXu3ZteqgIJVVFSEIaFAnUw-zOrD1kvbPMzHodc4mIBD36wAE4bT4nDZSqKn8AInLgUEUCsUhAJBoJ8ScgVeWG1rUUeNK897355vC-781Hu-kpcZHSk9U35VBEEZ1v1OzqCxsiZjLT1eX1qmPX7MvVDRE3vcvVQZlU_xXH9Wr2i9VrPNiU83XbsW3HdqqLQvFQDuanLERyt-3U2nbNq9echoeB-m-vUwuaWmD9U3IBghX__zN8FyKYIO7dv8r1ppHJS6_30ogaqdBnB2_Hm7HMYvTOYKgshPHB7DWkLgj5dA4yPpgpgOzvlQrgi4LMPfMQfnwwGxN-f__JpH4EHsNn_0PWn4BHEwg6QSB3INhPBAgYllcQ924vS5XRrScsLdmCVB79BZEVpPLwIuLevYVIDKo3ZJQaIWONQZhDDCYQnQmS9AhmaEFkRwjMhxDsBzL_aAlxb29FRxKC5VP1IpyAagtpeYSFNLSQJhZ67KTq2S0vcKjbDNssuGR71PMY9-12q27btB1cQhqUY41gkhGCaIRAbSNR29gUI6j0ELqbQzML2hTEemsbfZYj4wSZJsgoQSYIMkOQ9fN9Fum6zm-zSKe-M6v1WXXzsTSdXbovTYfHBFSNoFi-J5L39Q4Cc248DDUbyzJR3-Rj6rN8NzklT5WuWR8__zs2-UmVha0G933mu57baja502INxut-M2R1r-61oUUOoeemhgxFQRZ_foxEFOS5-w_g0yPo6AiBOAeaOqBZDtrNMYxPnu3yLu-m_ss00KlTd2vJlunKmMZbWZcrXgtkD0zmSEwFZsvajU7J0-O19YXD6U7f-eIKeHB8xQz_uHbv4gcIVI5E5XhPfEfQiW6N12RG9tZkpsnXK4kRPTGk5b5vGGr4uTtv8K1MKnb9qh59-WpQEiW8u861WaIxE3FHk68WBGNcLUoVcPLNdb3B_dVUdxdSFafJ0upri9d7ieJaCxlPQEVBzh_eQSAKcuHXnelfdq89RpBsQyfHZBbQksBP5hAJgoif3VM_h_5X75_hXX0LHVUBNTuIezn6Kkc_ykGjEXR6fmwSdXzlwWdlfA4_qoz9SFX2_EhFnxTk5m_fTs0q0fcFufnLj9DipNqo-26z1WrysMlCl7l1l7UbNm97tN302l4DRhdi8e-NfwIAAP__e6Yg930EAAA=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSwW8bxReeTX3q7_ATpeJsIYFAAmfXu3ZteqgIJVVFSEIaFAnUw-zOrD1kvbPMzHodc4mIBD36wAE4bT4nDZSqKn8AInLgUEUCsUhAJBoJ8ScgVeWG1rUUeNK897355vC-781Hu-kpcZHSk9U35VBEEZ1v1OzqCxsiZjLT1eX1qmPX7MvVDRE3vcvVQZlU_xXH9Wr2i9VrPNiU83XbsW3HdqqLQvFQDuanLERyt-3U2nbNq9echoeB-m-vUwuaWmD9U3IBghX__zN8FyKYIO7dv8r1ppHJS6_30ogaqdBnB2_Hm7HMYvTOYKgshPHB7DWkLgj5dA4yPpgpgOzvlQrgi4LMPfMQfnwwGxN-f__JpH4EHsNn_0PWn4BHEwg6QSB3INhPBAgYllcQ924vS5XRrScsLdmCVB79BZEVpPLwIuLevYVIDKo3ZJQaIWONQZhDDCYQnQmS9AhmaEFkRwjMhxDsBzL_aAlxb29FRxKC5VP1IpyAagtpeYSFNLSQJhZ67KTq2S0vcKjbDNssuGR71PMY9-12q27btB1cQhqUY41gkhGCaIRAbSNR29gUI6j0ELqbQzML2hTEemsbfZYj4wSZJsgoQSYIMkOQ9fN9Fum6zm-zSKe-M6v1WXXzsTSdXbovTYfHBFSNoFi-J5L39Q4Cc248DDUbyzJR3-Rj6rN8NzklT5WuWR8__zs2-UmVha0G933mu57baja502INxut-M2R1r-61oUUOoeemhgxFQRZ_foxEFOS5-w_g0yPo6AiBOAeaOqBZDtrNMYxPnu3yLu-m_ss00KlTd2vJlunKmMZbWZcrXgtkD0zmSEwFZsvajU7J0-O19YXD6U7f-eIKeHB8xQz_uHbv4gcIVI5E5XhPfEfQiW6N12RG9tZkpsnXK4kRPTGk5b5vGGr4uTtv8K1MKnb9qh59-WpQEiW8u861WaIxE3FHk68WBGNcLUoVcPLNdb3B_dVUdxdSFafJ0upri9d7ieJaCxlPQEVBzh_eQSAKcuHXnelfdq89RpBsQyfHZBbQksBP5hAJgoif3VM_h_5X75_hXX0LHVUBNTuIezn6Kkc_ykGjEXR6fmwSdXzlwWdlfA4_qoz9SFX2_EhFnxTk5m_fTs0q0fcFufnLj9DipNqo-26z1WrysMlCl7l1l7UbNm97tN302l4DRhdi8e-NfwIAAP__e6Yg930EAAA= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9eb16cfb027a9c60683722bd625b330f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":622,"timings":{"blocked":241,"dns":0,"connect":94,"send":0,"wait":96,"receive":1,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJLKHEKSqq3qn3J6qtqp7endPaiAGT3PwoF7s-Waym2iQePZXmOghBATHiwNmPfgXiBD0Jr1ZWD35Dt_78RXF9169ujwsdomPgs7OvK63ZJrSxbDlNJ9ZlYrr0jZPnW-6Tss51lyVqh0ca27UYPovuH7Qcp5tviridb3oOa7juI7bXJFGJHpjcY-FzG5EbityWoHXcsMAG-a_uS3mYOkceH-XPAbJp4_8nlyAjCdQvZvHhV3Pdfb8K70ipbk26POdN9S60qVC7yBMTAOJ2tk_DW2nhHw0B6129juA7o_rDsDklMw9cQ9M7ezLBOtffaCUpRAKjD-Msj-BSCeQdIJYX4LkPxEg5jh1Gqq3fUqbkm4-YGnNTsn8_T8hyymZv_c4VO-L5VRuNM_ptMilVhYbSQW5MYFcmyArJsi3GpDlbcT5e5D8R7J4_yRUb3zaphqSz47SRERJ1AkXojAKFgI_oQtRxxULfuJStuS5bS-M9kYkkwmoPYTCNlDIBoqkgSJroMdnzcDpBLFL_XYS8XjJCWgQcMGcqOM5Do3iJRRxrX2APBsgTgeIzeXtQsU2iIbujeLNLPXCth-EXjB0Z0dVKmKedELBGGd-4HfabeF2eMiFx9oJ9wIviK5fCKPA9V334nbGu_l6f5ybQozrO4futQelINorIjPvXuP-kvBZHAwZ1uUAprgF261geQM2J-jzCqUgKC1BSQlKSVDmBGW_uspT69lqm6e2YO6-9_a9X410vjakV3W-JhQBNQMYXo1l9ra9hDg_NNpKLB_pGijLqxFlvBpmu-TR-ikb7z_9K9bFrPl_3cLKCtLOgdoGtuSUrPz8FzI5JU_dvANGb8OmtxHLQ6CFC1pWoN0KW2r2ZFd0RbdgCzS2hev5rWwz72pF1WbZFUa0Yt0D1xWyfB75ZmOY7pIjo7Pnl2_tLdrFX76DiO-SfUNsKmSmwlvye4K19MrorC7J-KwuLfnydJbLntyi9RKey2kuHvrsNbFZasNPHLeD6y_FNVGHN84Lm5-kiku1Zsnny5JzYVa0iQX55oRdFexMYbvLhVFFdvLMyysnepkR1kqtJqBySg7_8QFiOSVHvv1074OFz_2GOHsHNjvQaTUBy-aQSoJUHNQpq2D_lbODeGivYM3Mg-aXoHoV-qZCP61A0wFscXiUZ-bui3c-ru0TsHR-xFIzP2apST-s5_TV3rBq-KGGr2HlrBl6zG93Om2RtHnic9_zeRQ6Igpo1A6iIERup3Ll79V_AgAA___mibKmEgUAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJLKHEKSqq3qn3J6qtqp7endPaiAGT3PwoF7s-Waym2iQePZXmOghBATHiwNmPfgXiBD0Jr1ZWD35Dt_78RXF9169ujwsdomPgs7OvK63ZJrSxbDlNJ9ZlYrr0jZPnW-6Tss51lyVqh0ca27UYPovuH7Qcp5tviridb3oOa7juI7bXJFGJHpjcY-FzG5EbityWoHXcsMAG-a_uS3mYOkceH-XPAbJp4_8nlyAjCdQvZvHhV3Pdfb8K70ipbk26POdN9S60qVC7yBMTAOJ2tk_DW2nhHw0B6129juA7o_rDsDklMw9cQ9M7ezLBOtffaCUpRAKjD-Msj-BSCeQdIJYX4LkPxEg5jh1Gqq3fUqbkm4-YGnNTsn8_T8hyymZv_c4VO-L5VRuNM_ptMilVhYbSQW5MYFcmyArJsi3GpDlbcT5e5D8R7J4_yRUb3zaphqSz47SRERJ1AkXojAKFgI_oQtRxxULfuJStuS5bS-M9kYkkwmoPYTCNlDIBoqkgSJroMdnzcDpBLFL_XYS8XjJCWgQcMGcqOM5Do3iJRRxrX2APBsgTgeIzeXtQsU2iIbujeLNLPXCth-EXjB0Z0dVKmKedELBGGd-4HfabeF2eMiFx9oJ9wIviK5fCKPA9V334nbGu_l6f5ybQozrO4futQelINorIjPvXuP-kvBZHAwZ1uUAprgF261geQM2J-jzCqUgKC1BSQlKSVDmBGW_uspT69lqm6e2YO6-9_a9X410vjakV3W-JhQBNQMYXo1l9ra9hDg_NNpKLB_pGijLqxFlvBpmu-TR-ikb7z_9K9bFrPl_3cLKCtLOgdoGtuSUrPz8FzI5JU_dvANGb8OmtxHLQ6CFC1pWoN0KW2r2ZFd0RbdgCzS2hev5rWwz72pF1WbZFUa0Yt0D1xWyfB75ZmOY7pIjo7Pnl2_tLdrFX76DiO-SfUNsKmSmwlvye4K19MrorC7J-KwuLfnydJbLntyi9RKey2kuHvrsNbFZasNPHLeD6y_FNVGHN84Lm5-kiku1Zsnny5JzYVa0iQX55oRdFexMYbvLhVFFdvLMyysnepkR1kqtJqBySg7_8QFiOSVHvv1074OFz_2GOHsHNjvQaTUBy-aQSoJUHNQpq2D_lbODeGivYM3Mg-aXoHoV-qZCP61A0wFscXiUZ-bui3c-ru0TsHR-xFIzP2apST-s5_TV3rBq-KGGr2HlrBl6zG93Om2RtHnic9_zeRQ6Igpo1A6iIERup3Ll79V_AgAA___mibKmEgUAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 29fa1fb6ba5d1edce95b19035a72316f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":344,"timings":{"blocked":245,"dns":0,"connect":0,"send":0,"wait":98,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/98/4a/ea/984aea0590243673d8100824b542b2eb/1756662026.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.316Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/98/4a/ea/984aea0590243673d8100824b542b2eb/1756662026.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 54266\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 17:40:26 GMT\r\netag: \"68b4890a-d3fa\"\r\nexpires: Mon, 22 Dec 2025 19:30:32 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54266,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:29:30], progressive, precision 8, 320x240, components 3","md5":"61ed57bf223ebc615f8a1df5d6df4368","sha1":"efb61d1f59f6dcdb45ff2205a02ce0cd6d8577b1","sha256":"301c9c6b429a2b8c70326d0acd72bf1d503fdde4c081f8da9a71f60f90b27442","sha512":"d3323768584bf852bc18a08ebcff711b49c72b3797e973c18aee182e17d44da76937f8db37f17cbc6601e758d31e79c551fe825b153809d253d4effc00025d06","ssdeep":"768:XnaGnvGicnaGnvVhsSYymkxswdA5HURFmI2PI+KIaSMUeFBhMkIh:XbSbVVzmwdA5HURFL2PzMUeFbMkQ","tlshash":"dc33d128f3a2ef22f4d4fab55195e7a372259b2483d71b517c6d70593736090cc8e2c6","first_seen":"2025-09-02T17:23:30.730781Z","last_seen":"2026-05-24T00:35:06.918554Z","times_seen":1381,"resource_available":false,"data":null}},"time_used":173,"timings":{"blocked":32,"dns":0,"connect":0,"send":0,"wait":88,"receive":53,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRitTgYP8SAa8TwIiorOds_0TGbMIbjGlWDcXTcrC0oOVV3VM-X2VLVV3dOzc1pc0OBpDh7Ui71vdrP-CBL_ADXM6iEEFFsQF8xexD9AhKA36cnA6gf1_ahXh_feV-_upsekgZQerb6qRzKK6EKz5laf2pCK68xWl9ernltzz1c3pGr556vDMpnB817Dr7lPV18WwaZeqLue63quV12SRoR6uDBDIeMbHa_WcWt-veY1fQzN_2ebOrDUAR8ck0cgefHQ7-GbkMEUqn_zorCbiY6ffamfRjTRBgN-8LraVDpT6J-0oXEQqoP5a2hbEPLhKWh1MFcAPdgrFYDJgpx67C6YOpjTBBvs32fKIggFxh9ENphCRFNIOkWgdyD5TwQIOJZXoPrXl7XJ6NZ9lJZoQSr3_oLMClK5-yhU_8vFSA6rV3SUJlIri2GYQw6nkN0p4vQQyciBzA4RJO9A8h_Iwr3LUP29FRtpSJ7P1MtwCmodpOWRDtLQQRo76POjqu-2_cCjjVbY4cE516e-zwVzO-2669JOcA5pUNIaI4nHCKIxArON2GxjU45h0luwvRyWO7BJQZzXtjHgOTJBkFmCjBJkkiBLCLJBvs8jW7f5dR7ZlHnzWp_XRj7RSXeX7uukKxQBNWMYnu_J-G27gyA5PRmFlk90mShL8gllPN-Nj8nDpWvOe0_-hk1xVOVhuykY46zhN9qtlvDavMlFnbVCXvfrfgdW5pD21MyQkSzI0s9_I5YFeeLmbTB6CBsdIpCnQVMPNMtBezlG6ujxnuiJXsqeo4FNvXqjFm8lPa2o2sp6wohaoPvgOkecVJBsObvRMTk7WVtfvDXb6dVfv4cI7pB5IDA5YpPjLfkdQTe6NlnTGdlb05klX63EiezLES33fSWhiXjg81fEVqYNv3TRjj97ISiBsr2xLmxymSouVdeSLxYl58IsaRMI8vUluyHYamp7i6lRaXx59cWlS_3YCGulVlNQWZAzf76PQBbk7DefzP5y85k_EMTbsPEJT6sJWHwakSSIxMk9ZTnsf2Z20u_aa-iaCmiyA9XPMTA5BlEOGo1h0zOTJDZ3Ltz-qIyPwaLKhEWmssciE31Q-vRtQd749MLMsYJc_eVHWHlUbdZZo9Vut0TY4mGDN-oN3mm6ouPTTsvv-E0ktpBL_2z8GwAA__-Q3S4IfQQAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_1RSz4scRRitTgYP8SAa8TwIiorOds_0TGbMIbjGlWDcXTcrC0oOVV3VM-X2VLVV3dOzc1pc0OBpDh7Ui71vdrP-CBL_ADXM6iEEFFsQF8xexD9AhKA36cnA6gf1_ahXh_feV-_upsekgZQerb6qRzKK6EKz5laf2pCK68xWl9ernltzz1c3pGr556vDMpnB817Dr7lPV18WwaZeqLue63quV12SRoR6uDBDIeMbHa_WcWt-veY1fQzN_2ebOrDUAR8ck0cgefHQ7-GbkMEUqn_zorCbiY6ffamfRjTRBgN-8LraVDpT6J-0oXEQqoP5a2hbEPLhKWh1MFcAPdgrFYDJgpx67C6YOpjTBBvs32fKIggFxh9ENphCRFNIOkWgdyD5TwQIOJZXoPrXl7XJ6NZ9lJZoQSr3_oLMClK5-yhU_8vFSA6rV3SUJlIri2GYQw6nkN0p4vQQyciBzA4RJO9A8h_Iwr3LUP29FRtpSJ7P1MtwCmodpOWRDtLQQRo76POjqu-2_cCjjVbY4cE516e-zwVzO-2669JOcA5pUNIaI4nHCKIxArON2GxjU45h0luwvRyWO7BJQZzXtjHgOTJBkFmCjBJkkiBLCLJBvs8jW7f5dR7ZlHnzWp_XRj7RSXeX7uukKxQBNWMYnu_J-G27gyA5PRmFlk90mShL8gllPN-Nj8nDpWvOe0_-hk1xVOVhuykY46zhN9qtlvDavMlFnbVCXvfrfgdW5pD21MyQkSzI0s9_I5YFeeLmbTB6CBsdIpCnQVMPNMtBezlG6ujxnuiJXsqeo4FNvXqjFm8lPa2o2sp6wohaoPvgOkecVJBsObvRMTk7WVtfvDXb6dVfv4cI7pB5IDA5YpPjLfkdQTe6NlnTGdlb05klX63EiezLES33fSWhiXjg81fEVqYNv3TRjj97ISiBsr2xLmxymSouVdeSLxYl58IsaRMI8vUluyHYamp7i6lRaXx59cWlS_3YCGulVlNQWZAzf76PQBbk7DefzP5y85k_EMTbsPEJT6sJWHwakSSIxMk9ZTnsf2Z20u_aa-iaCmiyA9XPMTA5BlEOGo1h0zOTJDZ3Ltz-qIyPwaLKhEWmssciE31Q-vRtQd749MLMsYJc_eVHWHlUbdZZo9Vut0TY4mGDN-oN3mm6ouPTTsvv-E0ktpBL_2z8GwAA__-Q3S4IfQQAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: edfbdea828ce4140c3dc97e9c6a33071\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":648,"timings":{"blocked":266,"dns":4,"connect":93,"send":0,"wait":94,"receive":0,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/bb/5e/7a/bb5e7a409e9493480d272715857de006/1756661819.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.236Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/bb/5e/7a/bb5e7a409e9493480d272715857de006/1756661819.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 81333\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 17:36:59 GMT\r\netag: \"68b4883b-13db5\"\r\nexpires: Mon, 22 Dec 2025 19:30:32 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":81333,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:01:08], progressive, precision 8, 320x240, components 3","md5":"37216fc5eeed9ad5265913b11e7cdb2a","sha1":"b503474df8033aa8618961be68df64198b8def1c","sha256":"f72be2709677c7315d46e09e382db81a10d42f9da63e4b0fcebcfb91cc920c19","sha512":"80ab464711d9b4b0f57182872eff6ae25289b870fdec7c85295f60c742829b0955db4dccbae1bf875003751cbc17d6f2c7114ee7c80ef7e9f3d576ba7e2bf0a2","ssdeep":"1536:bA9iNcqwL9iNcqwhOW5r8XCOMs8dTDMbw0DGeY5So53yGTscD:6iCxiCUWKXC6Suid53y2D","tlshash":"6083f17cb38ade03f0e9257e54a2d3ebc3799e98a3832605785da9443bf60107d4e249","first_seen":"2025-09-02T18:13:44.358405Z","last_seen":"2026-05-25T10:53:19.587504Z","times_seen":1403,"resource_available":false,"data":null}},"time_used":235,"timings":{"blocked":111,"dns":0,"connect":0,"send":0,"wait":88,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz28cRRPtta3vkO_w6SOI8woFBAiv5-d6hxwQJhhFhCRKgoIURah7usfbeLZ76J7ZsX0CIoWI0x44ABdm327sBCIU7vwIay5RJCSWCyslvvAXIKQIbmgcS4YTdXhV9d4cXtVUXx0We8RHQWdnX9dbMk3pUthyms9clIrr0jZPX2i6Tss53rwoVTs43tyowfRfcP2g5TzbfFXE63rJc1zHcR23uSqNSPTG0r4Kmd2K3FbktAKv5YYBNsw_e1vMwdI58P4eeQyST__3a3IJMp5A9W6fEHY919nzr_SKlObaoM933lDrSpcKvcMyMQ0kaufga2g7JeTjOWi1czABdH9cTwAmp2TuiQdgaufAJlj_-iOnLIVQYPy_KPsTiHQCSSeI9RVI_hMBYo7TZ6B626e1KenmI5XW6pQsPPwdspyShQePQ_W-XEnlRvO8TotcamWxkVSQGxPItQmyYoJ8qwFZ7iLO34fkP5Klh6egeuMzNtWQfHaMJiJKok64GIVRsBj4CV2MOq5Y9BOXsmXPbXthtL8imUxA7TwK20AhGyiSBoqsgR6fNQOnE8Qu9dtJxONlJ6BBwAVzoo7nODSKl1HEtfcB8myAOB0gNle3M97N1_vj3BRiXKjYDt0bj6gg2ie3azKIhu6t4q0s9cK2H4ReMHRnx1QqYp50QsEYZ37gd9pt4XZ4yIXH2gn3Ai-Ibl4Ko8D1XfcyMvPeDe4vC5_FwZBhXQ5gijuw3QqWN2Bzgj6vUAqC0hKUlKCUBGVOUPar6zy1nq22eWoL5h5k7yD71Ujna0N6XedrQhFQM4Dh1Vhm79griPP50VZi-UjXQFlejSjj1TDbI_-vf2Xjg6fvY13Mmv82DKysIO0cqG1gS07J6s9_IJNT8tTtu2B0FzbdRSznQQsXtKxAuxW21OzJruiKbsEWaWwL1_Nb2Wbe1YqqzbIrjGjFugeuK2T5AvLNxjDdI0dH5y6s3Nk_tMu_fA0R3yMHgdhUyEyFt-UPBGvptdE5XZLxOV1a8tWZLJc9uUXrIzyf01z85_PXxGapDT95wg5uvhTXQl3euiBsfooqLtWaJV-sSM6FWdUmFuSbk_aiYGcL210pjCqyU2dfXj3Zy4ywVmo1AZVTcuS3DxHLKTn67Wf7Dyx87j7i7F3Y7NCn1QQsm0cqCVJxyFNWwf6tZ4f10F7DmlkAza9A9Sr0TYV-WoGmA9jiyCjPzL0X735Sx6dg6cKIpWZhzFKTflTv6bsavt_fWA27sHLWDD3mtzudtkjaPPG57_k8Ch0RBTRqB1EQIrdTufrnm38FAAD__-IlD5ASBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.313Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz28cRRPtta3vkO_w6SOI8woFBAiv5-d6hxwQJhhFhCRKgoIURah7usfbeLZ76J7ZsX0CIoWI0x44ABdm327sBCIU7vwIay5RJCSWCyslvvAXIKQIbmgcS4YTdXhV9d4cXtVUXx0We8RHQWdnX9dbMk3pUthyms9clIrr0jZPX2i6Tss53rwoVTs43tyowfRfcP2g5TzbfFXE63rJc1zHcR23uSqNSPTG0r4Kmd2K3FbktAKv5YYBNsw_e1vMwdI58P4eeQyST__3a3IJMp5A9W6fEHY919nzr_SKlObaoM933lDrSpcKvcMyMQ0kaufga2g7JeTjOWi1czABdH9cTwAmp2TuiQdgaufAJlj_-iOnLIVQYPy_KPsTiHQCSSeI9RVI_hMBYo7TZ6B626e1KenmI5XW6pQsPPwdspyShQePQ_W-XEnlRvO8TotcamWxkVSQGxPItQmyYoJ8qwFZ7iLO34fkP5Klh6egeuMzNtWQfHaMJiJKok64GIVRsBj4CV2MOq5Y9BOXsmXPbXthtL8imUxA7TwK20AhGyiSBoqsgR6fNQOnE8Qu9dtJxONlJ6BBwAVzoo7nODSKl1HEtfcB8myAOB0gNle3M97N1_vj3BRiXKjYDt0bj6gg2ie3azKIhu6t4q0s9cK2H4ReMHRnx1QqYp50QsEYZ37gd9pt4XZ4yIXH2gn3Ai-Ibl4Ko8D1XfcyMvPeDe4vC5_FwZBhXQ5gijuw3QqWN2Bzgj6vUAqC0hKUlKCUBGVOUPar6zy1nq22eWoL5h5k7yD71Ujna0N6XedrQhFQM4Dh1Vhm79griPP50VZi-UjXQFlejSjj1TDbI_-vf2Xjg6fvY13Mmv82DKysIO0cqG1gS07J6s9_IJNT8tTtu2B0FzbdRSznQQsXtKxAuxW21OzJruiKbsEWaWwL1_Nb2Wbe1YqqzbIrjGjFugeuK2T5AvLNxjDdI0dH5y6s3Nk_tMu_fA0R3yMHgdhUyEyFt-UPBGvptdE5XZLxOV1a8tWZLJc9uUXrIzyf01z85_PXxGapDT95wg5uvhTXQl3euiBsfooqLtWaJV-sSM6FWdUmFuSbk_aiYGcL210pjCqyU2dfXj3Zy4ywVmo1AZVTcuS3DxHLKTn67Wf7Dyx87j7i7F3Y7NCn1QQsm0cqCVJxyFNWwf6tZ4f10F7DmlkAza9A9Sr0TYV-WoGmA9jiyCjPzL0X735Sx6dg6cKIpWZhzFKTflTv6bsavt_fWA27sHLWDD3mtzudtkjaPPG57_k8Ch0RBTRqB1EQIrdTufrnm38FAAD__-IlD5ASBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d068ec8fd53ded8323ea7d717927ba24\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":410,"timings":{"blocked":309,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/css/style.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.837Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/css/style.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:33 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"67f54bc9-1610\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wVVfYmYaXP0wmweox1eNdpLIZYsVr8rocGL%2F1yVG8k0byXQh7eUVw0PZiBi7IXNYKDHd%2BS8mn2AsL5N5wHRvi2MektFm4fXBM1XDuRx%2B\"}]}\r\ncf-ray: 9b118e0b0c60b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":5648,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1622d5dbd3ee323f1f251cb3de7b1f03","sha1":"bf821b06f4b67fc40dbd4398e00be1e12b566d41","sha256":"58789b7eb6e198a1a16151797ce4b1218e36c8708a9cd8a1808cdc40b21b1bb8","sha512":"4e0dfd40e4363c28d49965b28566cb98bd98b3de021cc4ebd60f15f7ff4bb2238d8534f3c98d162a5c2c54c24e15a3fd3db60e04ddef648d8a0752f3d69ca2d3","ssdeep":"96:5zlzMUmZ1CfICcfXgCfViOtAYiY5mnM0pfionq4OHBCHLmOCp0PkuCo1CCJ0xFCL:fMFInadiOyXnM0M0srv4Dv","tlshash":"e0c12fa617650204750bd8563e126f17a7688043ef0fd9b86ed2240c8fca6ce96e378f","first_seen":"2025-07-06T07:29:12.192872Z","last_seen":"2026-06-14T21:26:13.855243Z","times_seen":1125,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":-1,"dns":1,"connect":4,"send":0,"wait":521,"receive":0,"ssl":18},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fmagic.css\u0026l=45054\u0026fd=766","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:33.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fmagic.css\u0026l=45054\u0026fd=766 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: uid_id2=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl25634495=1; slece02ee106ac9f7f9a067c81c19bdc3c60=[6308900]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:33 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:33.769Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 16 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 16 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 346077\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-06-16T17:50:35.49609Z","times_seen":884618,"resource_available":false,"data":null}},"time_used":276,"timings":{"blocked":106,"dns":2,"connect":20,"send":0,"wait":49,"receive":10,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ntv.json?key=df85ebbdb343866e18d5de2b6fd24249\u0026vstc=4\u0026rb=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ntv.json?key=df85ebbdb343866e18d5de2b6fd24249\u0026vstc=4\u0026rb= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: application/json\r\nContent-Length: 12164\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: pdhtkv=true; expires=Sun, 21 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\nuncs=1; expires=Sun, 21 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\npdhtkv49=true; expires=Sun, 21 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\nuncs49=1; expires=Sun, 21 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\nu_pl25634524=1; expires=Sun, 21 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\nnlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; expires=Sat, 20 Dec 2025 19:30:36 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 70\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 3fead65b73b366fad3c7f772b33d983d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":15913,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"c7a7f8777da4876cd001d1d99ec0506e","sha1":"4c3e2969d7d9c6b732256ea2f97e36c67d996bad","sha256":"8533952655e68df2cb85ed6471f74b9bfe9aa01367b3cf992555e5cfd2cff935","sha512":"b33723849b1ea6f9ce79c0200903ab20ab4428700dd003e3e98d64a8e4cdd99882eadccec84abd884367b8e93385a91302ff94e82566b6f0b23cd39e8624a326","ssdeep":"384:NvEzg3GpptNny45vEUWqq45o7SKSDERKnEGUVhfXaZPNA+Rzi:NMTpZy4dtHqSo7kDIKnBUX+g","tlshash":"a862bfbfc05d159f09d17c0f799b29cb1fdb122664ec7d90815988ed1d709812b1607e","first_seen":"2025-12-20T19:31:04.668734Z","last_seen":"2025-12-20T19:31:04.668734Z","times_seen":1,"resource_available":false,"data":null}},"time_used":481,"timings":{"blocked":0,"dns":32,"connect":92,"send":0,"wait":165,"receive":1,"ssl":191},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/53/23/86/5323869a8beda1d7db01e9c875b2f49f.js","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.263Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /53/23/86/5323869a8beda1d7db01e9c875b2f49f.js HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3403\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: fd0840ff2923732876422a45665887fa\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6454,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6454), with no line terminators","md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"resource_available":true,"data":null}},"time_used":431,"timings":{"blocked":-1,"dns":39,"connect":96,"send":0,"wait":100,"receive":1,"ssl":194},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"realizationnewestfangs.com/watch.5084047548.js?key=8253a9c21e6081348abe9f05f9d8dea2\u0026kw=%5B%22get%22%2C%22key%22%2C%22hoho%22%2C%22hub%22%2C%22-%22%2C%22step%22%2C%221%22%5D\u0026refer=https%3A%2F%2Fhehehub-acsu123.pythonanywhere.com%2Fapi%2Fgetkey%3Fhwid%3D1766287809.8803766\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=0462ba9b-e333-4241-897c-6fc1638e041e%3A1%3A1","fqdn":"realizationnewestfangs.com","domain":"realizationnewestfangs.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.600Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"realizationnewestfangs.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Oct 2025 23:53:00 GMT","end":"Tue, 27 Jan 2026 23:52:59 GMT"},"fingerprint":{"sha1":"1B:06:06:C7:58:90:D0:32:92:B4:AF:0D:13:36:3E:BD:15:17:6B:46","sha256":"5B:0B:55:E5:3A:EB:48:93:35:E0:BA:60:C4:23:AE:E5:7C:C0:C8:63:A3:06:E6:FA:BA:9E:F0:CB:1E:B7:A1:E4"}}},"request":{"raw":"GET /watch.5084047548.js?key=8253a9c21e6081348abe9f05f9d8dea2\u0026kw=%5B%22get%22%2C%22key%22%2C%22hoho%22%2C%22hub%22%2C%22-%22%2C%22step%22%2C%221%22%5D\u0026refer=https%3A%2F%2Fhehehub-acsu123.pythonanywhere.com%2Fapi%2Fgetkey%3Fhwid%3D1766287809.8803766\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=0462ba9b-e333-4241-897c-6fc1638e041e%3A1%3A1 HTTP/1.1\r\nHost: realizationnewestfangs.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 307 Temporary Redirect\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: text/html\r\nContent-Length: 0\r\nConnection: keep-alive\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\naccess-control-allow-credentials: true\r\nlocation: https://realizationnewestfangs.com/watch.5084047548.js?key=8253a9c21e6081348abe9f05f9d8dea2\u0026kw=%5B%22get%22%2C%22key%22%2C%22hoho%22%2C%22hub%22%2C%22-%22%2C%22step%22%2C%221%22%5D\u0026refer=https%3A%2F%2Fhehehub-acsu123.pythonanywhere.com%2Fapi%2Fgetkey%3Fhwid%3D1766287809.8803766\u0026tz=0\u0026dev=e\u0026res=14.3095\u0026rb=\u0026uuid=0462ba9b-e333-4241-897c-6fc1638e041e%3A1%3A1\u0026shu=e047d0eefbff616db8998b24fa2bc6bd83df0f4bf8b9c6bd63f71f1dbb0d17747cff37ce290fd888a2751c81a7a1fcef4482a781fc2209a5090bf314fe8f6c1b944fccda66f25e4cf5dd19ded052fd75da2fded0f7056a732596a7\u0026pst=1766259091\u0026rmtc=t\r\nset-cookie: ain=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJwIjp7ImlkIjoyNTYzNDI1NCwiayI6IjgyNTNhOWMyMWU2MDgxMzQ4YWJlOWYwNWY5ZDhkZWEyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0NjQxNzg0LCJwaWQiOjI0NzAwODksImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MywiYWlkIjoyMywicHQiOjQsInBrIjoic2VhN2N2N2hndCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjoyNjY1NjExMTUsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMzY5MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTM0LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJjdCI6eyJpZCI6MzE0MzI0NCwibiI6Ik9zbG8ifSwicmciOnsiaWQiOjE4NDQsIm4iOiJPc2xvIENvdW50eSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsIml3ZiI6dHJ1ZSwidXAiOnRydWUsInIiOiJodHRwczovL2hlaGVodWItYWNzdTEyMy5weXRob25hbnl3aGVyZS5jb20vYXBpL2dldGtleT9od2lkPTE3NjYyODc4MDkuODgwMzc2NiIsInR6IjoxLCJhciI6W119fQ.3Ry_Yy0xCmV8wCO-uj-ZxFUZKtpgJ3r2U1mUaf2MXGU; expires=Sat, 20 Dec 2025 19:31:31 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 1\r\nHost: realizationnewestfangs.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d4b74c4f63f30c7a7a943b06ccd07219\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"307","status_text":"Temporary Redirect","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4781,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":133,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":97,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"realizationnewestfangs.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRuu2V2-Q77Dx2fE8yBRVNzZ_jk7bQ7iGleCMQlJJEIIUtVVvVNuT1Vb1T29uyc1EIOnOXhQL_Y8M9lNNEg8iqhh1ksICI4XB8x68C8QIehNerOwevI9PO-Ppyie9623rg6LPeKjoLOzr-otmaZ0KWw5zacuSsV1aZunLzRdp-Ucb16Uqh0cb27UYPrPuX7Qcp5uvizidb3kOa7juI7bXJVGJHpjaZ-FzG5FbityWoHXcsMAG-afuS3mYOkceH-PPALJp__7NbkEGU-gerdPCLue6-zZl3pFSnNt0Oc7r6l1pUuF3mGYmAYStXNwGtpOCflwDlrtHHQA3R_XHYDJKZl77D6Y2jmQCda__lApSyEUGP8vyv4EIp1A0glifQWS_0CAmOP0Gaje9mltSrr5kKU1OyULD36HLKdk4f6jUL3PV1K50Tyv0yKXWllsJBXkxgRybYKsmCDfakCWu4jzdyH592TpwSmo3viMTTUknx2jiYiSqBMuRmEULAZ-QhejjisW_cSlbNlz214Y7Y9IJhNQO4_CNlDIBoqkgSJroMdnzcDpBLFL_XYS8XjZCWgQcMGcqOM5Do3iZRRxrX2APBsgTgeIzdXtQsU2iIbureKNLPXCth-EXjB0Z8dUKmKedELBGGd-4HfabeF2eMiFx9oJ9wIviG5eCqPA9V338nbGu_l6f5ybQozrO4fujYelINovIjPv3OD-svBZHAwZ1uUAprgD261geQM2J-jzCqUgKC1BSQlKSVDmBGW_us5T69lqm6e2YO6B9w68X410vjak13W-JhQBNQMYXo1l9pa9gjifH20llo90DZTl1YgyXg2zPfL_-ikb7z35M9bFrPlv3cLKCtLOgdoGtuSUrP74BzI5JU_cvgtGd2HTXcRyHrRwQcsKtFthS80e74qu6BZskca2cD2_lW3mXa2o2iy7wohWrHvgukKWLyDfbAzTPXJ0dO7Cyp39Rbv807cQ8T1yYIhNhcxUeFN-R7CWXhud0yUZn9OlJV-cyXLZk1u0XsLzOc3Ffz59RWyW2vCTJ-zg5gtxTdThrQvC5qeo4lKtWfLZiuRcmFVtYkG-PmkvCna2sN2VwqgiO3X2xdWTvcwIa6VWE1A5JUd-ex-xnJKj33yy_8HCZ35BnL0Nmx3qtJqAZfNIJUEqDuuUVbB_y9lhPLTXsGYWQPMrUL0KfVOhn1ag6QC2ODLKM3Pv-bsf1fYxWLowYqlZGLPUpB_Uc_qqht39idXwJaycNUOP-e1Opy2SNk987ns-j0JHRAGN2kEUhMjtVK7--fpfAQAA__-JGtadEgUAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.325Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRuu2V2-Q77Dx2fE8yBRVNzZ_jk7bQ7iGleCMQlJJEIIUtVVvVNuT1Vb1T29uyc1EIOnOXhQL_Y8M9lNNEg8iqhh1ksICI4XB8x68C8QIehNerOwevI9PO-Ppyie9623rg6LPeKjoLOzr-otmaZ0KWw5zacuSsV1aZunLzRdp-Ucb16Uqh0cb27UYPrPuX7Qcp5uvizidb3kOa7juI7bXJVGJHpjaZ-FzG5FbityWoHXcsMAG-afuS3mYOkceH-PPALJp__7NbkEGU-gerdPCLue6-zZl3pFSnNt0Oc7r6l1pUuF3mGYmAYStXNwGtpOCflwDlrtHHQA3R_XHYDJKZl77D6Y2jmQCda__lApSyEUGP8vyv4EIp1A0glifQWS_0CAmOP0Gaje9mltSrr5kKU1OyULD36HLKdk4f6jUL3PV1K50Tyv0yKXWllsJBXkxgRybYKsmCDfakCWu4jzdyH592TpwSmo3viMTTUknx2jiYiSqBMuRmEULAZ-QhejjisW_cSlbNlz214Y7Y9IJhNQO4_CNlDIBoqkgSJroMdnzcDpBLFL_XYS8XjZCWgQcMGcqOM5Do3iZRRxrX2APBsgTgeIzdXtQsU2iIbureKNLPXCth-EXjB0Z8dUKmKedELBGGd-4HfabeF2eMiFx9oJ9wIviG5eCqPA9V338nbGu_l6f5ybQozrO4fujYelINovIjPv3OD-svBZHAwZ1uUAprgD261geQM2J-jzCqUgKC1BSQlKSVDmBGW_us5T69lqm6e2YO6B9w68X410vjak13W-JhQBNQMYXo1l9pa9gjifH20llo90DZTl1YgyXg2zPfL_-ikb7z35M9bFrPlv3cLKCtLOgdoGtuSUrP74BzI5JU_cvgtGd2HTXcRyHrRwQcsKtFthS80e74qu6BZskca2cD2_lW3mXa2o2iy7wohWrHvgukKWLyDfbAzTPXJ0dO7Cyp39Rbv807cQ8T1yYIhNhcxUeFN-R7CWXhud0yUZn9OlJV-cyXLZk1u0XsLzOc3Ffz59RWyW2vCTJ-zg5gtxTdThrQvC5qeo4lKtWfLZiuRcmFVtYkG-PmkvCna2sN2VwqgiO3X2xdWTvcwIa6VWE1A5JUd-ex-xnJKj33yy_8HCZ35BnL0Nmx3qtJqAZfNIJUEqDuuUVbB_y9lhPLTXsGYWQPMrUL0KfVOhn1ag6QC2ODLKM3Pv-bsf1fYxWLowYqlZGLPUpB_Uc_qqht39idXwJaycNUOP-e1Opy2SNk987ns-j0JHRAGN2kEUhMjtVK7--fpfAQAA__-JGtadEgUAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: close\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ce8c17e5b0155f3007ffa2344a26c5f5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":507,"timings":{"blocked":410,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/js/script.js","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.995Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/js/script.js HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:14 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=yX%2FfBktVeCehupGSPf7CtZ%2FcjcMPUhwzjraofnzOxNZH6VG6xhXZIQ4RM96TUhP5HYLQB7AY%2Fl3UuLmGestXOzZ1vVzx8yxXC9gE7Psb\"}]}\r\nage: 320190\r\ncf-cache-status: HIT\r\netag: W/\"67f54bce-20dc\"\r\ncontent-encoding: br\r\ncf-ray: 9b118e0c3d61b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8412,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text","md5":"066cc70a926c6ed2bd892cb5b2ef2127","sha1":"6ba3eb39830a2ef9e522cf28d779d25359a12587","sha256":"3a81ae28e6ed4c4b72715adf753ffb80cea10bccdb8aa81053fbcfa7d935a560","sha512":"d63b0c210b2b76569b7b79df20c58b3571fff409090fe40b1e7ffeeb219fe3991cfc82bf0889c30a29b18dff878910d4c3480dad8a85fb9cb10180124309f5ba","ssdeep":"96:KyLqrYLHwX1O/D3cYmeDjlwjeqFczLCDsnvuRQs01GKyBspfkxzUXe2lJK9zbdro:dLF4crcYmeV+VHJmQxdCnV8oDeQToS","tlshash":"ee02310809fad521d01da13e203e3265f7244a53ac5abed8bb8451055fded6fb9b903f","first_seen":"2025-07-06T07:29:12.196612Z","last_seen":"2026-06-14T21:26:13.850284Z","times_seen":1392,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/impr.gif?sid=H4sIAAAAAAAC_1RSPWwcRRidjV1BgYCIDumEAgoCn3dv1_dDCgsTjCKCbdlGRqJhdmb2bvDezDKze3u-ysISpDw6_or1OzsWEKFQUqBEZxpkCcSluiIuSEOJBArQobNPinjF932jNxq99-b7aD87JT4yOl57S_dkHNP5hbJburwlFde5La1sljy37F4pbUlVDa6UupNiOq94flB2Xyy9Idi2nq-4nut6rldalkZEujt_xkImtxpeueGWg0rZWwjQNf8_28yBpQ5455Q8BclHTzyI3oVkQ6j27avCbqc6efn1dhbTVBt0-NHbalvpXKH9aIyMg0gdTW9D2xEhn16AVkdTB9Cdg4kDhHJELjxzH6E6mspE2Dk8VxrGEAohfxx5ZwgRDyHpEEzvQfJfCcA4Vlah2jdXtMnpzjlLJ-yIzD78EzIfkdn7F6Ha3y7Fslva0HGWSq0sulEB2R1CNodIsmOkPQcyPwZLP4TkP5P5h9eh2gerNtaQfHzJC2p-ENHqnBd69bmABsEcjVwxF1ZFVI9ETTTC4CwiGQ1B7Qwy6yCTDrLIQZY4aPNxKXDrAfOoX40anNXcyStchG6jXnFd2mA1ZGyivY806YPFfTCzi8TsYlv2YbK7sK0CljuwKUGHF8gFQW4JckqQS4I8Jcg7xSGPbcUWN3lss9Cb9sq0-8VAp819eqjTplAE1PRheHEgkw_sHlg6M-hFlg_0pNAwLQY05MV-ckqenMTqfPzCHWyLcUm4FSE8t0pZI6pFDepWa6zuMa8RcuazqgsrC0h7AdQ66MkRWb73DxI5Is_f_gkhPYaNj8HkDGj2LGhegLYK9NT4uZZoiVYWzlFmM6_il5OdtKUVVTt5SxhRZroNrgsk6SzSHWc_PiVPD9Y3l-6effp7Vy9BsJPF3784fLDx9y9gpkBiCrwvfyRoxjcG6zonB-s6t-S71SSVbdmjk4XYSGkqZr9-U-zk2vBrV23_q1fZhJiMtzaFTa9TxaVqWvLNkuRcmGVtmCA_XLNbIlzLbGspMypLrq-9tnytnRhhrdRqCCpH5LEvXwKTI3Lx8uLZsi_89RtYsgubnCx-_9kEn8NqgjBxEEuCWJyQKUDDAlY88hOKkzt_nHP79gaaxgFN96DaBTqmQCcuQOM-bDYzSBNzsnjPPwPC2BmEsXEOwtjEn5znZOW4FPmiwly3Xqt6fj0Snh9wFi3UgwavUtf3BVI7ksv_vvNfAAAA__-ZGTA8jwQAAA==","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:33.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSPWwcRRidjV1BgYCIDumEAgoCn3dv1_dDCgsTjCKCbdlGRqJhdmb2bvDezDKze3u-ysISpDw6_or1OzsWEKFQUqBEZxpkCcSluiIuSEOJBArQobNPinjF932jNxq99-b7aD87JT4yOl57S_dkHNP5hbJburwlFde5La1sljy37F4pbUlVDa6UupNiOq94flB2Xyy9Idi2nq-4nut6rldalkZEujt_xkImtxpeueGWg0rZWwjQNf8_28yBpQ5455Q8BclHTzyI3oVkQ6j27avCbqc6efn1dhbTVBt0-NHbalvpXKH9aIyMg0gdTW9D2xEhn16AVkdTB9Cdg4kDhHJELjxzH6E6mspE2Dk8VxrGEAohfxx5ZwgRDyHpEEzvQfJfCcA4Vlah2jdXtMnpzjlLJ-yIzD78EzIfkdn7F6Ha3y7Fslva0HGWSq0sulEB2R1CNodIsmOkPQcyPwZLP4TkP5P5h9eh2gerNtaQfHzJC2p-ENHqnBd69bmABsEcjVwxF1ZFVI9ETTTC4CwiGQ1B7Qwy6yCTDrLIQZY4aPNxKXDrAfOoX40anNXcyStchG6jXnFd2mA1ZGyivY806YPFfTCzi8TsYlv2YbK7sK0CljuwKUGHF8gFQW4JckqQS4I8Jcg7xSGPbcUWN3lss9Cb9sq0-8VAp819eqjTplAE1PRheHEgkw_sHlg6M-hFlg_0pNAwLQY05MV-ckqenMTqfPzCHWyLcUm4FSE8t0pZI6pFDepWa6zuMa8RcuazqgsrC0h7AdQ66MkRWb73DxI5Is_f_gkhPYaNj8HkDGj2LGhegLYK9NT4uZZoiVYWzlFmM6_il5OdtKUVVTt5SxhRZroNrgsk6SzSHWc_PiVPD9Y3l-6effp7Vy9BsJPF3784fLDx9y9gpkBiCrwvfyRoxjcG6zonB-s6t-S71SSVbdmjk4XYSGkqZr9-U-zk2vBrV23_q1fZhJiMtzaFTa9TxaVqWvLNkuRcmGVtmCA_XLNbIlzLbGspMypLrq-9tnytnRhhrdRqCCpH5LEvXwKTI3Lx8uLZsi_89RtYsgubnCx-_9kEn8NqgjBxEEuCWJyQKUDDAlY88hOKkzt_nHP79gaaxgFN96DaBTqmQCcuQOM-bDYzSBNzsnjPPwPC2BmEsXEOwtjEn5znZOW4FPmiwly3Xqt6fj0Snh9wFi3UgwavUtf3BVI7ksv_vvNfAAAA__-ZGTA8jwQAAA== HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: uid_id2=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl25634495=1; slece02ee106ac9f7f9a067c81c19bdc3c60=[6308900]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:33 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nset-cookie: iprc_l+cb0aa92c03aee03ed07cb606c9158085=6308900; expires=Sun, 21 Dec 2025 19:30:33 GMT; path=/; secure; SameSite=None\niprc_l:6308900=1; expires=Sun, 21 Dec 2025 19:30:33 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 3\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 26549b88af89e22bb619b568fc74560f\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":100,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /9c/5d/14/9c5d14453d6b11cdec5b98e5ce5af0dc.js HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 3403\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: ff897a4e0c5c74348809a9423005bd7e\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6454,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6454), with no line terminators","md5":"81c010ddfde2faeaf1c598844287df5a","sha1":"cd0fb06af4d1e8878a8c2c8d0311892ef13ff47b","sha256":"44442357bcab05b20364ed17aae2a3ae173b906529612b0e2f7d2217a76e51ab","sha512":"0acadda1dc3bba9f6178ba54356f2aed3dba23fbaf3b53b683fc5dd78eeff47a63ec7815ffbdb1e07041b274646eaa0a71ada2500f181775833f40761fc7cac8","ssdeep":"96:A9+XCx+8Ixmzn2ySej3zqIDNcxE6204l4sNm+E/0NK4Amfnqkk7lDAP2CwU6:A6Cg/S2yPXXWxW04fNPw6K4Amf4DAPA","tlshash":"13d1859c3e80b0a057b26077b97fa019b3696c50657fd80cd012b1a03e7562ad9bbba5","first_seen":"2025-12-01T12:09:20.892186Z","last_seen":"2026-01-29T12:50:40.978548Z","times_seen":4063,"resource_available":true,"data":null}},"time_used":770,"timings":{"blocked":336,"dns":22,"connect":106,"send":0,"wait":97,"receive":0,"ssl":201},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"weirdopt.com/ad/advertisers.js","fqdn":"weirdopt.com","domain":"weirdopt.com","tld":"com"},"ip":{"addr":"185.196.197.72","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.251Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"weirdopt.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Thu, 30 Oct 2025 01:14:37 GMT","end":"Wed, 28 Jan 2026 01:14:36 GMT"},"fingerprint":{"sha1":"5A:67:AA:88:D5:BE:C4:00:42:86:CC:4E:FC:E7:73:FE:CB:85:71:60","sha256":"F5:6C:A4:39:AC:04:F6:11:7E:DB:94:93:4C:93:FC:EC:A2:B4:4E:A4:FE:19:8E:22:C0:D8:D4:84:67:37:70:C0"}}},"request":{"raw":"GET /ad/advertisers.js HTTP/1.1\r\nHost: weirdopt.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 0\r\nConnection: keep-alive\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: cd166f3d144a21811d7a4882b1ac12a8\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/javascript","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":127,"timings":{"blocked":0,"dns":6,"connect":21,"send":0,"wait":22,"receive":0,"ssl":77},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"weirdopt.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"protrafficinspector.com/stats","fqdn":"protrafficinspector.com","domain":"protrafficinspector.com","tld":"com"},"ip":{"addr":"18.194.59.7","port":443,"asn":16509,"as":"AMAZON-02","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.261Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"P256","signature_name":"RSA-PKCS1-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"traffinspector.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Wed, 19 Nov 2025 00:00:00 GMT","end":"Fri, 18 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"11:9F:BE:35:27:7B:7B:85:C9:B3:FF:0E:CA:F6:0D:13:B0:A9:A0:BB","sha256":"81:A4:38:32:0D:BC:66:C8:7B:6D:08:BC:93:91:76:73:A2:BD:D0:53:3C:BF:2F:FD:B8:87:00:C6:EC:3B:6C:77"}}},"request":{"raw":"GET /stats HTTP/1.1\r\nHost: protrafficinspector.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:31 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 40\r\nserver: fasthttp\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\nset-cookie: uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; expires=Tue, 18 Dec 2035 19:30:31 GMT; secure; SameSite=None\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"ASCII text, with no line terminators","md5":"97f6d86fe0cf7b3e8633e12f797b61d5","sha1":"c6f2b11c9c59c901947ba2e5e0b13144f308c131","sha256":"83e60516e78bb58b7ae38538ea578e5206fbeb3aee2a862a936308d77e3a43c3","sha512":"1ee6df85781e8644392ca33dcd1c94e6a56526c8eb9283de75ba5a54269c14b6218f07cf2b3fc109f32bf6046e1ef65e86fe12571efbcdc02305ce00bd63a30b","ssdeep":"","tlshash":"08900246aa0067065091944164a406a039018924016442950513528215568006591e83","first_seen":"2025-12-20T19:31:04.683465Z","last_seen":"2025-12-20T19:31:04.683465Z","times_seen":1,"resource_available":false,"data":null}},"time_used":698,"timings":{"blocked":332,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":323},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/ae/79/89/ae7989f2633270f8048003ed9cebf55b/1756661969.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/ae/79/89/ae7989f2633270f8048003ed9cebf55b/1756661969.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 100950\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 17:39:29 GMT\r\netag: \"68b488d1-18a56\"\r\nexpires: Mon, 22 Dec 2025 19:30:32 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100950,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:27:26], progressive, precision 8, 320x240, components 3","md5":"5188b48a2994b55c67b2211a8ed9208d","sha1":"bb1c8a605f489997516d624fbd593b3639e517f8","sha256":"571cbce9dfe4866d792c5bee341d78496f485c467f62fc02b05ceefb08ec6640","sha512":"e399ae6cb27bb09cf3b6103ddb797913f01b43bdafe23d901cd146ed2d544950268e28dd3ee6636fc04d0e6b3c46efdf4141e79de3cfeecd7f18e98e3ab25905","ssdeep":"3072:ooliolMDPZveGJW14aqv8nDsabzPqaqEGf:H92Nzv8UaqJ","tlshash":"bda3f12d6b69ce53f4d4277d3aa38ac68751a91253a3b7843cbd504933b064dbcce907","first_seen":"2025-09-02T18:27:26.483242Z","last_seen":"2026-05-24T23:15:49.41749Z","times_seen":1368,"resource_available":false,"data":null}},"time_used":647,"timings":{"blocked":309,"dns":0,"connect":0,"send":0,"wait":34,"receive":63,"ssl":241},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/5c/a6/f9/5ca6f9517dd500f87e3a4b75cd9c0009/1756661718.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/5c/a6/f9/5ca6f9517dd500f87e3a4b75cd9c0009/1756661718.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76594\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 17:35:18 GMT\r\netag: \"68b487d6-12b32\"\r\nexpires: Mon, 22 Dec 2025 19:30:32 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":76594,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 14:55:59], progressive, precision 8, 320x240, components 3","md5":"69be0ae352649c5c4534bade7a52fcda","sha1":"52c5b614ab2213cd48b483e4336ed81b6c5c40c4","sha256":"637a6132b53002fd82f88455665944757438b103df6e9cac8eb21c9402faecb3","sha512":"2d324c37c48798431de06ce5d34f37b9ca477e02b793c743e8203abc5b2976912ca45ae8a22e55def5eae164752e24df805b327a8cae636debbc4122ed2cfbbd","ssdeep":"1536:Ye0NCH4JwffwHpxlCaw0pQYi64OAEseKD:YesIffwHs3/6VAEsn","tlshash":"1e73f130179b4d23d4d2f57849e9cbd26390f7b93f83a7427aac250173f03a26ca9196","first_seen":"2025-09-02T17:23:30.749389Z","last_seen":"2026-05-25T10:53:19.667549Z","times_seen":1397,"resource_available":false,"data":null}},"time_used":321,"timings":{"blocked":190,"dns":0,"connect":0,"send":0,"wait":88,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRitmSwe4kE04nkQFRWd7V8zmTYHcY0rwZjEJLKHEKS6q3qn3J6qtqp6endPwUAMnubgQb3Y82ayazRIPAoqYdZLCCi2IC6YveQvECHoTXqysHryg_5-vNeH977--so43yM-crp75k21KdKULnbaTuvZFSGZKkzr1PmW67SdY60VIbvBsdZ6nfTwJdcP2s5zrdd5vKYWPcd1HNdxW8tC80StL85ZiOxG6LZDpx14bbcTYF3_dzZ5E4Y2wYZ75DEIVj1yL7kAEc8gBzePc7NmVfbCa4M8pVZpDNn223JNqkJicNAmuoFEbu-_DWUqQj5uQsntfQdQw2ntAJGoSPOJu4jk9r5MRMNrD5RGKbhExB5GMZyBpzMIOkOsLkOwnwkQM5w6DTnYOqV0QTcesLRmK7Jw_0-IoiILdx-HHHy1lIr11jmV5lYoabCelBDrM4jVGbJ8BrvZgCh2ENv3IdiPZPH-ScjB9LRJFQQr5-5FMgM1DeT1IxrIkwbyrIEB220FTi-IXep3k5DFR52ABgHjkRP2PMehYXwUeVzLGsFmI8TpCLG-ciN_J0u9TtcPOl4wdnefkimPWdLr8ChikR_4vW6Xuz3WYdyLugnzAi8Ir1_ohIHru-7FrYz17dpwanXOp7mMzdj9_AEUhHNwqwaDcOwi05ewJkbQ-S2YfgnDmjC2Io23LmHIShScoDAEBSUoBEFhCYpheY2lxjPlFktNHrn71duvfjlRdnVMrym7yiUB1SNoVk5F9p65jNgemmwmhk1UnWhkywmNWDnO9sij9edpfPDM71jju63_8wsjSgjTnG9-U1Rk-Ze_kImKPH3zNiK6A5PuIBaHQHMXtChB-yU25e6Tfd7n_Tx6kcYmdz2_nW3YvpJUbhR9rnk7VgMwVSKzC7AbjXG6R45Mzp5fujU_nou_7YDHd8h-INYlMl3iXfEDwWp6dXJWFWR6VhWGfH06s2IgNml9WOcstfyhL97gG4XS7MRxM7r-SlwTdXvjPDf2JJVMyFVDvlwSjHG9rHTMyXcnzAqPzuSmv5RrmWcnz7y6fGKQaW6MUHIGKipy-I8PEYuKHPn-s_lP03n-HuLsEkx2oNMogihrIhUEKT_AaVTC_GuODvqxuYpVvQBqL0MOSgx1iWFagqYjmPzwxGb6zsu3P6njU0TpwiRK9cI0SnX6Ub2nb-fLqtM3Fbn4608wYrfV8SK_2-t1edJlic98z2dhx-FhQMNuEAYdWFOJ5b9X_gkAAP__JW4a-OYEAAA=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.123Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRitmSwe4kE04nkQFRWd7V8zmTYHcY0rwZjEJLKHEKS6q3qn3J6qtqp6endPwUAMnubgQb3Y82ayazRIPAoqYdZLCCi2IC6YveQvECHoTXqysHryg_5-vNeH977--so43yM-crp75k21KdKULnbaTuvZFSGZKkzr1PmW67SdY60VIbvBsdZ6nfTwJdcP2s5zrdd5vKYWPcd1HNdxW8tC80StL85ZiOxG6LZDpx14bbcTYF3_dzZ5E4Y2wYZ75DEIVj1yL7kAEc8gBzePc7NmVfbCa4M8pVZpDNn223JNqkJicNAmuoFEbu-_DWUqQj5uQsntfQdQw2ntAJGoSPOJu4jk9r5MRMNrD5RGKbhExB5GMZyBpzMIOkOsLkOwnwkQM5w6DTnYOqV0QTcesLRmK7Jw_0-IoiILdx-HHHy1lIr11jmV5lYoabCelBDrM4jVGbJ8BrvZgCh2ENv3IdiPZPH-ScjB9LRJFQQr5-5FMgM1DeT1IxrIkwbyrIEB220FTi-IXep3k5DFR52ABgHjkRP2PMehYXwUeVzLGsFmI8TpCLG-ciN_J0u9TtcPOl4wdnefkimPWdLr8ChikR_4vW6Xuz3WYdyLugnzAi8Ir1_ohIHru-7FrYz17dpwanXOp7mMzdj9_AEUhHNwqwaDcOwi05ewJkbQ-S2YfgnDmjC2Io23LmHIShScoDAEBSUoBEFhCYpheY2lxjPlFktNHrn71duvfjlRdnVMrym7yiUB1SNoVk5F9p65jNgemmwmhk1UnWhkywmNWDnO9sij9edpfPDM71jju63_8wsjSgjTnG9-U1Rk-Ze_kImKPH3zNiK6A5PuIBaHQHMXtChB-yU25e6Tfd7n_Tx6kcYmdz2_nW3YvpJUbhR9rnk7VgMwVSKzC7AbjXG6R45Mzp5fujU_nou_7YDHd8h-INYlMl3iXfEDwWp6dXJWFWR6VhWGfH06s2IgNml9WOcstfyhL97gG4XS7MRxM7r-SlwTdXvjPDf2JJVMyFVDvlwSjHG9rHTMyXcnzAqPzuSmv5RrmWcnz7y6fGKQaW6MUHIGKipy-I8PEYuKHPn-s_lP03n-HuLsEkx2oNMogihrIhUEKT_AaVTC_GuODvqxuYpVvQBqL0MOSgx1iWFagqYjmPzwxGb6zsu3P6njU0TpwiRK9cI0SnX6Ub2nb-fLqtM3Fbn4608wYrfV8SK_2-t1edJlic98z2dhx-FhQMNuEAYdWFOJ5b9X_gkAAP__JW4a-OYEAAA= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 429c27d967ca25dcba2be678e5c844c2\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":303,"timings":{"blocked":207,"dns":0,"connect":0,"send":0,"wait":95,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRitmSwe4kE04nkQFRWd7Z7umcyYg7jGlWBMYhLZQwhSXVW9U25PVVtVPb27p2AgBk9z8KBe7Hkz2TUaJB4FlTDrJQQUWxAXzF7yF4gQ9CY9WVg9-UF_P97rw3tff31lnO2RABndPfOm3pRJQhfbTa_x7IpUXOe2cep8w_ea3rHGilSd8FhjvUpm-JIfhE3vucbrgq3pxZbne57v-Y1laUSs1xfnLGR6o-c3e14zbDX9doh189_ZZnVYWgcf7pHHIHn5yL34AiSbQQ1uHhd2zen0hdcGWUKdNhjy7bfVmtK5wuCgjU0NsdrefxvaloR8XIdW2_sOoIfTygEiWZL6E3cRqe19mYiG1x4ojRIIhYg_jHw4g0hmkHQGpi9D8p8JwDhOnYYabJ3SJqcbD1hasSVZuP8nZF6ShbuPQw2-WkrkeuOcTjIntbJYjwvI9Rnk6gxpNoPbrEHmO2DufUj-I1m8fxJqMD1tEw3Ji7l7Gc9AbQ1Z9cgasriGLK1hwHcbodcNmU-DTtzj7KgX0jDkIvJ63Zbn0R47ioxVskZw6QgsGYGZK1sp77u14dSZTEwzxezY__wBFPbm4FYFhr2xfyN7J01a7U4Qtlvh2N99SiWC8bjbFlHEoyAMup2O8Lu8zUUr6sS8FbbC3vUL7V7oB75_Eam5hDU5gsluwfYLWF6HdSWpvXUJQ14gFwS5JcgpQS4JckeQD4trPLEtW2zxxGaRv19b-zUoJtqtjuk17VaFIqBmBMOLqUzfs5fB3KHJZmz5RFeJRq6Y0IgX43SPPFp9ntoHz_yONbHb-D8XsLKAtPX55jdlSZZ_-QupLMnTN28jojuwyQ6YPASa-aB5AdovsKl2n-yLvuhn0YuU2cxvBc10w_W1omoj7wsjmkwPwHWB1C3AbdTGyR45Mjl7funW_Hgu_rYDwe6Q_QAzBVJT4F35A8FqcnVyVudkelbnlnx9OnVyIDdpdVjnHHXioS_eEBu5NvzEcTu6_gqriKq9cV5Yd5IqLtWqJV8uSc6FWdaGCfLdCbsiojOZ7S9lRmXpyTOvLp8YpEZYK7WagcqSHP7jQzBZkiPffzb_adrP3wNLL8GmBzqtJojSOhJJkIgDnEYF7L_m6KAf26tYNQug7jLUoMDQFBgmBWgygs0OT1xq7rx8-5MqPkWULEyixCxMo8QkH1V7-na-rCp9U5KLv_4EK3cbcSBazPO6Rzt-0I2FH4Scxe1u2OMd6gWBgLOlXP575Z8AAAD__1XB-CvmBAAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRitmSwe4kE04nkQFRWd7Z7umcyYg7jGlWBMYhLZQwhSXVW9U25PVVtVPb27p2AgBk9z8KBe7Hkz2TUaJB4FlTDrJQQUWxAXzF7yF4gQ9CY9WVg9-UF_P97rw3tff31lnO2RABndPfOm3pRJQhfbTa_x7IpUXOe2cep8w_ea3rHGilSd8FhjvUpm-JIfhE3vucbrgq3pxZbne57v-Y1laUSs1xfnLGR6o-c3e14zbDX9doh189_ZZnVYWgcf7pHHIHn5yL34AiSbQQ1uHhd2zen0hdcGWUKdNhjy7bfVmtK5wuCgjU0NsdrefxvaloR8XIdW2_sOoIfTygEiWZL6E3cRqe19mYiG1x4ojRIIhYg_jHw4g0hmkHQGpi9D8p8JwDhOnYYabJ3SJqcbD1hasSVZuP8nZF6ShbuPQw2-WkrkeuOcTjIntbJYjwvI9Rnk6gxpNoPbrEHmO2DufUj-I1m8fxJqMD1tEw3Ji7l7Gc9AbQ1Z9cgasriGLK1hwHcbodcNmU-DTtzj7KgX0jDkIvJ63Zbn0R47ioxVskZw6QgsGYGZK1sp77u14dSZTEwzxezY__wBFPbm4FYFhr2xfyN7J01a7U4Qtlvh2N99SiWC8bjbFlHEoyAMup2O8Lu8zUUr6sS8FbbC3vUL7V7oB75_Eam5hDU5gsluwfYLWF6HdSWpvXUJQ14gFwS5JcgpQS4JckeQD4trPLEtW2zxxGaRv19b-zUoJtqtjuk17VaFIqBmBMOLqUzfs5fB3KHJZmz5RFeJRq6Y0IgX43SPPFp9ntoHz_yONbHb-D8XsLKAtPX55jdlSZZ_-QupLMnTN28jojuwyQ6YPASa-aB5AdovsKl2n-yLvuhn0YuU2cxvBc10w_W1omoj7wsjmkwPwHWB1C3AbdTGyR45Mjl7funW_Hgu_rYDwe6Q_QAzBVJT4F35A8FqcnVyVudkelbnlnx9OnVyIDdpdVjnHHXioS_eEBu5NvzEcTu6_gqriKq9cV5Yd5IqLtWqJV8uSc6FWdaGCfLdCbsiojOZ7S9lRmXpyTOvLp8YpEZYK7WagcqSHP7jQzBZkiPffzb_adrP3wNLL8GmBzqtJojSOhJJkIgDnEYF7L_m6KAf26tYNQug7jLUoMDQFBgmBWgygs0OT1xq7rx8-5MqPkWULEyixCxMo8QkH1V7-na-rCp9U5KLv_4EK3cbcSBazPO6Rzt-0I2FH4Scxe1u2OMd6gWBgLOlXP575Z8AAAD__1XB-CvmBAAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 1f824ae0c1b21734544134af7eda6f06\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":316,"timings":{"blocked":216,"dns":0,"connect":0,"send":0,"wait":100,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRSecyyKUCAIoj6hgADh8_4835ICYYJRREiiJMhFFKHZmVnf4L2ZZWb31nYFRAoR1RUUQMPedxc7gQiFml_RBYooEhJHw0nEFPwFCCmCDq1jyVDxiu-9931bfO_tm8vDYpf4KOjszOt6S6YpXQxbTvOZVam4Lm3z1Pmm67ScY81VqdrBseZGDab_gusHLefZ5quCretFz3Edx3Xc5oo0ItEbi3sqZHYjcluR0wq8lhsG2DD_7W0xB0vnwPu75DFIPn3k9-QCJJtA9W4eF3Y919nzr_SKlObaoM933lDrSpcKvYMyMQ0kamf_a2g7JeSjOWi1sz8BdH9cT4BYTsncE_cQq519m4j7Vx84jVMIhZg_jLI_gUgnkHQCpi9B8p8IwDhOnYbqbZ_SpqSbD1Raq1Myf_9PyHJK5u89DtX7YjmVG81zOi1yqZXFRlJBbkwg1ybIignyrQZkeRssfw-S_0gW75-E6o1P21RD8tlRmogoiTrhQhRGwULgJ3Qh6rhiwU9cGi95btsLo70VyWQCag-hsA0UsoEiaaDIGujxWTNwOgFzqd9OIs6WnIAGARexE3U8x6ERW0LBau8D5NkALB2AmcvbGe_m6_1xbgoxLhSzQ_faAyqI9sjtmgyioXujeDNLvbDtB6EXDN3ZUZUKxpNOKOKYx37gd9pt4XZ4yIUXtxPuBV4QXb8QRoHru-5FZObda9xfEn7MgmGMdTmAKW7BditY3oDNCfq8QikISktQUoJSEpQ5QdmvrvLUerba5qktYnc_e_vZr0Y6XxvSqzpfE4qAmgEMr8Yye9teAssPjbYSy0e6Bhrn1YjGvBpmu-TR-lc23n_6V6yLWfP_hoGVFaSdA7UNbMkpWfn5L2RySp66eQcxvQ2b3gaTh0ALF7SsQLsVttTsya7oim4RL1BmC9fzW9lm3tWKqs2yK4xoMd0D1xWyfB75ZmOY7pIjo7Pnl2_tHdrFX76DYHfJfoCZCpmp8Jb8nmAtvTI6q0syPqtLS748neWyJ7dofYTncpqLhz57TWyW2vATx-3g-kusFuryxnlh85NUcanWLPl8WXIuzIo2TJBvTthVEZ8pbHe5MKrITp55eeVELzPCWqnVBFROyeE_PgCTU3Lk20_3Hlj43G9g2Tuw2YFPqwnibA6pJEjFAU_jCvZffXxQD-0VrJl50PwSVK9C31TopxVoOoAtDo_yzNx98c7HdXyCOJ0fxamZH8epST-s9_TV3rJq-KGGr2HlrJn4wmOO01lqu34nEa4fcJaEnSDiber4vkBup3Ll79V_AgAA___JkDLOEgUAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRSecyyKUCAIoj6hgADh8_4835ICYYJRREiiJMhFFKHZmVnf4L2ZZWb31nYFRAoR1RUUQMPedxc7gQiFml_RBYooEhJHw0nEFPwFCCmCDq1jyVDxiu-9931bfO_tm8vDYpf4KOjszOt6S6YpXQxbTvOZVam4Lm3z1Pmm67ScY81VqdrBseZGDab_gusHLefZ5quCretFz3Edx3Xc5oo0ItEbi3sqZHYjcluR0wq8lhsG2DD_7W0xB0vnwPu75DFIPn3k9-QCJJtA9W4eF3Y919nzr_SKlObaoM933lDrSpcKvYMyMQ0kamf_a2g7JeSjOWi1sz8BdH9cT4BYTsncE_cQq519m4j7Vx84jVMIhZg_jLI_gUgnkHQCpi9B8p8IwDhOnYbqbZ_SpqSbD1Raq1Myf_9PyHJK5u89DtX7YjmVG81zOi1yqZXFRlJBbkwg1ybIignyrQZkeRssfw-S_0gW75-E6o1P21RD8tlRmogoiTrhQhRGwULgJ3Qh6rhiwU9cGi95btsLo70VyWQCag-hsA0UsoEiaaDIGujxWTNwOgFzqd9OIs6WnIAGARexE3U8x6ERW0LBau8D5NkALB2AmcvbGe_m6_1xbgoxLhSzQ_faAyqI9sjtmgyioXujeDNLvbDtB6EXDN3ZUZUKxpNOKOKYx37gd9pt4XZ4yIUXtxPuBV4QXb8QRoHru-5FZObda9xfEn7MgmGMdTmAKW7BditY3oDNCfq8QikISktQUoJSEpQ5QdmvrvLUerba5qktYnc_e_vZr0Y6XxvSqzpfE4qAmgEMr8Yye9teAssPjbYSy0e6Bhrn1YjGvBpmu-TR-lc23n_6V6yLWfP_hoGVFaSdA7UNbMkpWfn5L2RySp66eQcxvQ2b3gaTh0ALF7SsQLsVttTsya7oim4RL1BmC9fzW9lm3tWKqs2yK4xoMd0D1xWyfB75ZmOY7pIjo7Pnl2_tHdrFX76DYHfJfoCZCpmp8Jb8nmAtvTI6q0syPqtLS748neWyJ7dofYTncpqLhz57TWyW2vATx-3g-kusFuryxnlh85NUcanWLPl8WXIuzIo2TJBvTthVEZ8pbHe5MKrITp55eeVELzPCWqnVBFROyeE_PgCTU3Lk20_3Hlj43G9g2Tuw2YFPqwnibA6pJEjFAU_jCvZffXxQD-0VrJl50PwSVK9C31TopxVoOoAtDo_yzNx98c7HdXyCOJ0fxamZH8epST-s9_TV3rJq-KGGr2HlrJn4wmOO01lqu34nEa4fcJaEnSDiber4vkBup3Ll79V_AgAA___JkDLOEgUAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: b1265a572d1ea6b279f4ee49a40e1769\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":374,"timings":{"blocked":278,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ntv.json?key=df85ebbdb343866e18d5de2b6fd24249\u0026vstc=4\u0026uuid=afe9f985-9594-43fa-981e-3f1ab7216259%3A3%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ntv.json?key=df85ebbdb343866e18d5de2b6fd24249\u0026vstc=4\u0026uuid=afe9f985-9594-43fa-981e-3f1ab7216259%3A3%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: application/json\r\nContent-Length: 12344\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; expires=Sat, 27 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Sun, 21 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\nuncs49=2; expires=Sun, 21 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 8\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 8fcd44b2f79925e2ece7df0cd762691b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17311,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7bf315ecd2fae0192179d53ea70cfdb7","sha1":"ea04055ecae0ff8a467ea37479fda0f26396101c","sha256":"d8ca52da291c4e7073019c72875a0840d2a61de9186a75fd44317b387a45e1dd","sha512":"73c69ffe1a45a0f6bc22090eb672a80aee1fa0dbba00eaa59a9782b85d357ebc65f48a2edf5f7ecaf2620ad0cf22b5b5e3ff7e2a1dc24386cdf5ca9578f6237e","ssdeep":"384:KZ6QpDlLekhKwtYXv6niyJfeeQbSzhH5O5l/HZGqMx2xyDWevHeHVoDPwCoJh3ZW:KZ6iQkASUCnigfejbUQlxGXxa2WoHeHw","tlshash":"ea72af23694c403d0eb4b9ae7a9a31b96d985253b884bfd3ecbbb19d00244d65fb3950","first_seen":"2025-12-20T19:31:04.700427Z","last_seen":"2025-12-20T19:31:04.700427Z","times_seen":1,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTQYscRRit2Swe4kE04nkQFRWd7Z7umcyYg7jGlWBMYhLZQwhSXVW9U25PVVtVPb27p2AgBk9z8KBe7Hkz2TUaJB4FlTDrJQQUWxAXkr34C0QIepOeDKyeLOhX3_deH977-usro2yfBMjo3pk39ZZMErrUanj1Z1el4jq39VPn677X8I7VV6Vqh8fqGxWYwUt-EDa85-qvC7aul5qe73m-59dXpBGx3liaqZDpja7f6HqNsNnwWyE2zH97my3A0gXwwT55DJKXj_weX4BkU6j-zePCrjudvvBaP0uo0wYDvvO2Wlc6V-gflLGpIVY787ehbUnIxwvQameeAHowqRIgkiVZeOIeIrUzt4locO2B0yiBUIj4w8gHU4hkCkmnYPoyJP-ZAIzj1Gmo_vYpbXK6-UCllVqSxft_QuYlWbz3OFT_q-VEbtTP6SRzUiuLjbiA3JhCrk2RZlO4rRpkvgvm3ofkP5Kl-yeh-pPTNtGQvJill_EU1NaQVY-sIYtryNIa-nyvHnqdkPk0aMddzo56IQ1DLiKv22l6Hu2yo8hYZWsIlw7BkiGYubL3lEoE43GnJaKIR0EYdNpt4Xd4i4tm1I55M2yG3esXWt3QD3z_4nbKe259MHEmE5NMMTvyP39Ahd0ZuV2RYXfk38jeSZNmqx2ErWY48pGaS1iXQ5jsFmyvgOULsK4ktbcuYcAL5IIgtwQ5JcglQe4I8kFxjSe2aYttntgs8ud3c34HxVi7tRG9pt2aUATUDGF4MZHpe_YymDs03ootH-sKaOSKMY14MUr3yaPV56l98MxdrIu9-v_Fh5UFpF2YTX5LlmTll7-QypI8ffM2IroLm-yCyUOgmQ-aF6C9Altq78me6IleFr1Imc38ZtBIN11PK6o2854wosF0H1wXSN0i3GZtlOyTI-Oz55dvzZbn4m_fQrA7ZH7ATIHUFHhX_kCwllwdn9U5mZzVuSVfn06d7MstWi3WOUedeOiLN8Rmrg0_cdwOr7_CKqEqb5wX1p2kiku1ZsmXy5JzYVa0YYJ8d8KuiuhMZnvLmVFZevLMqysn-qkR1kqtpqCyJIf_-BBMluTI95_NfprW83fB0kuw6YFPqwmitIZEEiTigKdRAfuvPjqoR_Yq1swiqLsM1S8wMAUGSQGaDGGzw2OXmjsv3_6kOp8iShbHUWIWJ1Fiko9mc6pgt4JvSnLx159g5V49DkSTeV7naNsPOrHwg5CzuNUJu7xNvSAQcLaUK3-v_hMAAP__RjlG2OYEAAA=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTQYscRRit2Swe4kE04nkQFRWd7Z7umcyYg7jGlWBMYhLZQwhSXVW9U25PVVtVPb27p2AgBk9z8KBe7Hkz2TUaJB4FlTDrJQQUWxAXkr34C0QIepOeDKyeLOhX3_deH977-usro2yfBMjo3pk39ZZMErrUanj1Z1el4jq39VPn677X8I7VV6Vqh8fqGxWYwUt-EDa85-qvC7aul5qe73m-59dXpBGx3liaqZDpja7f6HqNsNnwWyE2zH97my3A0gXwwT55DJKXj_weX4BkU6j-zePCrjudvvBaP0uo0wYDvvO2Wlc6V-gflLGpIVY787ehbUnIxwvQameeAHowqRIgkiVZeOIeIrUzt4locO2B0yiBUIj4w8gHU4hkCkmnYPoyJP-ZAIzj1Gmo_vYpbXK6-UCllVqSxft_QuYlWbz3OFT_q-VEbtTP6SRzUiuLjbiA3JhCrk2RZlO4rRpkvgvm3ofkP5Kl-yeh-pPTNtGQvJill_EU1NaQVY-sIYtryNIa-nyvHnqdkPk0aMddzo56IQ1DLiKv22l6Hu2yo8hYZWsIlw7BkiGYubL3lEoE43GnJaKIR0EYdNpt4Xd4i4tm1I55M2yG3esXWt3QD3z_4nbKe259MHEmE5NMMTvyP39Ahd0ZuV2RYXfk38jeSZNmqx2ErWY48pGaS1iXQ5jsFmyvgOULsK4ktbcuYcAL5IIgtwQ5JcglQe4I8kFxjSe2aYttntgs8ud3c34HxVi7tRG9pt2aUATUDGF4MZHpe_YymDs03ootH-sKaOSKMY14MUr3yaPV56l98MxdrIu9-v_Fh5UFpF2YTX5LlmTll7-QypI8ffM2IroLm-yCyUOgmQ-aF6C9Altq78me6IleFr1Imc38ZtBIN11PK6o2854wosF0H1wXSN0i3GZtlOyTI-Oz55dvzZbn4m_fQrA7ZH7ATIHUFHhX_kCwllwdn9U5mZzVuSVfn06d7MstWi3WOUedeOiLN8Rmrg0_cdwOr7_CKqEqb5wX1p2kiku1ZsmXy5JzYVa0YYJ8d8KuiuhMZnvLmVFZevLMqysn-qkR1kqtpqCyJIf_-BBMluTI95_NfprW83fB0kuw6YFPqwmitIZEEiTigKdRAfuvPjqoR_Yq1swiqLsM1S8wMAUGSQGaDGGzw2OXmjsv3_6kOp8iShbHUWIWJ1Fiko9mc6pgt4JvSnLx159g5V49DkSTeV7naNsPOrHwg5CzuNUJu7xNvSAQcLaUK3-v_hMAAP__RjlG2OYEAAA= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: d9ed30183c803f1b8825359d5464e010\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":313,"timings":{"blocked":211,"dns":0,"connect":0,"send":0,"wait":97,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKmuqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhok3v0RZ72EgOB4ccAsiH-BCEFv0puF1ZPv8L33vq8P33v96sqw2CU-Cjo787relGlKF8OW03zmglRcl7Z56nzTdVrOseYFqdrBseZ6Dab_gusHLefZ5quCrelFz3Edx3Xc5oo0ItHri3sqZHYzcluR0wq8lhsGWDf_7W0xB0vnwPu75DFIPn3k9-QiJJtA9W4dF3Yt19nzr_SKlObaoM-331BrSpcKvYMyMQ0kanv_a2g7JeTjOWi1vT8BdH9cT4BYTsncE_cQq-19m4j71x44jVMIhZg_jLI_gUgnkHQCpi9D8p8IwDhOnYbqbZ3SpqQbD1Raq1Myf_9PyHJK5u89DtX7cjmV681zOi1yqZXFelJBrk8gVyfIignyzQZkuQOWvw_JfySL909C9canbaoh-ewoTUSURJ1wIQqjYCHwE7oQdVyx4CcujZc8t-2F0d6KZDIBtYdQ2AYK2UCRNFBkDfT4rBk4nYC51G8nEWdLTkCDgIvYiTqe49CILaFgtfcB8mwAlg7AzJWtjHfztf44N4UYF4rZoXv9ARVEe-RWTQbR0L1ZvJWlXtj2g9ALhu7sqEoF40knFHHMYz_wO-22cDs85MKL2wn3Ai-IblwMo8D1XfcSMvPede4vCT9mwTDGmhzAFLdhuxUsb8DmBH1eoRQEpSUoKUEpCcqcoOxX13hqPVtt8dQWsbufvf3sVyOdrw7pNZ2vCkVAzQCGV2OZvWMvg-WHRpuJ5SNdA43zakRjXg2zXfJo_SsbHzz9K9bErPl_w8DKCtLOgdoGNuWUrPz8FzI5JU_duoOY7sCmO2DyEGjhgpYVaLfCppo92RVd0S3iBcps4Xp-K9vIu1pRtVF2hREtpnvgukKWzyPfaAzTXXJkdPb88u29Q7v0y_cQ7C7ZDzBTITMV3pY_EKymV0dndUnGZ3VpyVens1z25Catj_BcTnPx0OeviY1SG37iuB3ceInVQl3ePC9sfpIqLtWqJV8sS86FWdGGCfLNCXtBxGcK210ujCqyk2deXjnRy4ywVmo1AZVTcviPD8HklBz59rO9BxY-9xtY9i5sduDTaoI4m0MqCVJxwNO4gv1XHx_UQ3sVq2YeNL8M1avQNxX6aQWaDmCLw6M8M3dfvPNJHZ8iTudHcWrmx3Fq0o_qPX23t6wavq5hB1bOmokvPOY4naW263cS4foBZ0nYCSLepo7vC-R2Klf-fvOfAAAA__-IP0OpEgUAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.318Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKmuqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhok3v0RZ72EgOB4ccAsiH-BCEFv0puF1ZPv8L33vq8P33v96sqw2CU-Cjo787relGlKF8OW03zmglRcl7Z56nzTdVrOseYFqdrBseZ6Dab_gusHLefZ5quCrelFz3Edx3Xc5oo0ItHri3sqZHYzcluR0wq8lhsGWDf_7W0xB0vnwPu75DFIPn3k9-QiJJtA9W4dF3Yt19nzr_SKlObaoM-331BrSpcKvYMyMQ0kanv_a2g7JeTjOWi1vT8BdH9cT4BYTsncE_cQq-19m4j71x44jVMIhZg_jLI_gUgnkHQCpi9D8p8IwDhOnYbqbZ3SpqQbD1Raq1Myf_9PyHJK5u89DtX7cjmV681zOi1yqZXFelJBrk8gVyfIignyzQZkuQOWvw_JfySL909C9canbaoh-ewoTUSURJ1wIQqjYCHwE7oQdVyx4CcujZc8t-2F0d6KZDIBtYdQ2AYK2UCRNFBkDfT4rBk4nYC51G8nEWdLTkCDgIvYiTqe49CILaFgtfcB8mwAlg7AzJWtjHfztf44N4UYF4rZoXv9ARVEe-RWTQbR0L1ZvJWlXtj2g9ALhu7sqEoF40knFHHMYz_wO-22cDs85MKL2wn3Ai-IblwMo8D1XfcSMvPede4vCT9mwTDGmhzAFLdhuxUsb8DmBH1eoRQEpSUoKUEpCcqcoOxX13hqPVtt8dQWsbufvf3sVyOdrw7pNZ2vCkVAzQCGV2OZvWMvg-WHRpuJ5SNdA43zakRjXg2zXfJo_SsbHzz9K9bErPl_w8DKCtLOgdoGNuWUrPz8FzI5JU_duoOY7sCmO2DyEGjhgpYVaLfCppo92RVd0S3iBcps4Xp-K9vIu1pRtVF2hREtpnvgukKWzyPfaAzTXXJkdPb88u29Q7v0y_cQ7C7ZDzBTITMV3pY_EKymV0dndUnGZ3VpyVens1z25Catj_BcTnPx0OeviY1SG37iuB3ceInVQl3ePC9sfpIqLtWqJV8sS86FWdGGCfLNCXtBxGcK210ujCqyk2deXjnRy4ywVmo1AZVTcviPD8HklBz59rO9BxY-9xtY9i5sduDTaoI4m0MqCVJxwNO4gv1XHx_UQ3sVq2YeNL8M1avQNxX6aQWaDmCLw6M8M3dfvPNJHZ8iTudHcWrmx3Fq0o_qPX23t6wavq5hB1bOmokvPOY4naW263cS4foBZ0nYCSLepo7vC-R2Klf-fvOfAAAA__-IP0OpEgUAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 4\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 15b48ec3f685038b6d543fdf52e5af62\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":455,"timings":{"blocked":342,"dns":0,"connect":0,"send":0,"wait":112,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRSec04UoUAQRH1CAQHC5_1151tSIEwwighJlAQFKYrQ7Mysb_DezDKze2u7AiKFiOoKCqBh77uLnYCFQs-PcKaJIiFxNJxE3OQvQEgRdGhtS4aKV3zvve_b4ntv31wb5rvER05n597UGzJJ6EKr6TSeuyQV14VtnLnYcJ2mc6JxSap2cKKxVoHpv-T6QdN5vvG6YKt6wXNcx3Edt7EsjYj12sKeCpluh24zdJqB13RbAdbMf3ubz8HSOfD-LnkCkk8fexBfhmQTqN7tk8KuZjp98bVentBMG_T51ltqVelCoXdYxqaGWG0dfA1tp4R8Ogettg4mgO6PqwkQySmZe-o-IrV1YBNR_8a-0yiBUIj4oyj6E4hkAkknYPoqJP-FAIzjzFmo3uYZbQq6vq_SSp2S-sM_IYspqd9_Eqr39VIi1xoXdJJnUiuLtbiEXJtArkyQ5hNkGzXIYgcs-xCS_0wWHp6G6o3P2kRD8tlxGoswDjut-bAVBvOBH9P5sOOKeT92abTouW2vFe6tSMYTUHsEua0hlzXkcQ15WkOPzxqB0wmYS_12HHK26AQ0CLiInLDjOQ4N2SJyVnkfIEsHYMkAzFzbTHk3W-2PM5OLca6YHbo396kg3CM3KzIIh-52_k6aeK22H7S8YOjOjqtEMB53WiKKeOQHfqfdFm6Ht7jwonbMvcALwluXW2Hg-q57Ban54Cb3F4UfsWAYYVUOYPI7sN0SltdgM4I-L1EIgsISFJSgkARFRlD0yxs8sZ4tN3li88g9yN5B9suRzlaG9IbOVoQioGYAw8uxTN-zV8GyI6ON2PKRroBGWTmiES-H6S55vPqVtY-e_R2rYtb4v2FgZQlp50BtDRtySpZ__QupnJJnbt9FRHdgkx0weQQ0d0GLErRbYkPNnu6Krujm0TxlNnc9v5muZ12tqFovusKIJtM9cF0izerI1mvDZJccG52_uHRn79Cu_LYDwe6RgwAzJVJT4l35E8FKcn10XhdkfF4XlnxzNs1kT27Q6ggvZDQTj3z5hlgvtOGnTtrBrVdYJVTl9kVhs9NUcalWLPlqSXIuzLI2TJDvTtlLIjqX2-5SblSenj736vKpXmqEtVKrCaickqN_fAwmp-TY91_sPbDWCw_A0vdh00OfVhNEaR2JJEjEIU-jEvZffXRYD-11rJg6aHYVqleib0r0kxI0GcDmR0dZau69fPezKj5HlNRHUWLq4ygxySfVnn6o4McKvt1fm5WzRuwLjzlOZ7Ht-p1YuH7AWdzqBCFvU8f3BTI7lct_v_1PAAAA__8zzznhEgUAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.321Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTv28cRRSec04UoUAQRH1CAQHC5_1151tSIEwwighJlAQFKYrQ7Mysb_DezDKze2u7AiKFiOoKCqBh77uLnYCFQs-PcKaJIiFxNJxE3OQvQEgRdGhtS4aKV3zvve_b4ntv31wb5rvER05n597UGzJJ6EKr6TSeuyQV14VtnLnYcJ2mc6JxSap2cKKxVoHpv-T6QdN5vvG6YKt6wXNcx3Edt7EsjYj12sKeCpluh24zdJqB13RbAdbMf3ubz8HSOfD-LnkCkk8fexBfhmQTqN7tk8KuZjp98bVentBMG_T51ltqVelCoXdYxqaGWG0dfA1tp4R8Ogettg4mgO6PqwkQySmZe-o-IrV1YBNR_8a-0yiBUIj4oyj6E4hkAkknYPoqJP-FAIzjzFmo3uYZbQq6vq_SSp2S-sM_IYspqd9_Eqr39VIi1xoXdJJnUiuLtbiEXJtArkyQ5hNkGzXIYgcs-xCS_0wWHp6G6o3P2kRD8tlxGoswDjut-bAVBvOBH9P5sOOKeT92abTouW2vFe6tSMYTUHsEua0hlzXkcQ15WkOPzxqB0wmYS_12HHK26AQ0CLiInLDjOQ4N2SJyVnkfIEsHYMkAzFzbTHk3W-2PM5OLca6YHbo396kg3CM3KzIIh-52_k6aeK22H7S8YOjOjqtEMB53WiKKeOQHfqfdFm6Ht7jwonbMvcALwluXW2Hg-q57Ban54Cb3F4UfsWAYYVUOYPI7sN0SltdgM4I-L1EIgsISFJSgkARFRlD0yxs8sZ4tN3li88g9yN5B9suRzlaG9IbOVoQioGYAw8uxTN-zV8GyI6ON2PKRroBGWTmiES-H6S55vPqVtY-e_R2rYtb4v2FgZQlp50BtDRtySpZ__QupnJJnbt9FRHdgkx0weQQ0d0GLErRbYkPNnu6Krujm0TxlNnc9v5muZ12tqFovusKIJtM9cF0izerI1mvDZJccG52_uHRn79Cu_LYDwe6RgwAzJVJT4l35E8FKcn10XhdkfF4XlnxzNs1kT27Q6ggvZDQTj3z5hlgvtOGnTtrBrVdYJVTl9kVhs9NUcalWLPlqSXIuzLI2TJDvTtlLIjqX2-5SblSenj736vKpXmqEtVKrCaickqN_fAwmp-TY91_sPbDWCw_A0vdh00OfVhNEaR2JJEjEIU-jEvZffXRYD-11rJg6aHYVqleib0r0kxI0GcDmR0dZau69fPezKj5HlNRHUWLq4ygxySfVnn6o4McKvt1fm5WzRuwLjzlOZ7Ht-p1YuH7AWdzqBCFvU8f3BTI7lct_v_1PAAAA__8zzznhEgUAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 6\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: c332b63707a3f73a5a5a0d2337913de9\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":478,"timings":{"blocked":379,"dns":0,"connect":0,"send":0,"wait":98,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKmuqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhokHkXUMOslBATHiwNmL_kLRAh6k94srJ58h--99319-N7rV1eGxS7xUdDZmTf1pkxTuhi2nOZzF6TiurTNU-ebrtNyjjUvSNUOjjXXazD9l1w_aDnPN18XbE0veo7rOK7jNlekEYleX9xTIbObkduKnFbgtdwwwLr5b2-LOVg6B97fJU9A8ulj95OLkGwC1bt1XNi1XGcvvtYrUpprgz7ffkutKV0q9A7KxDSQqO39r6HtlJBP56DV9v4E0P1xPQFiOSVzT91DrLb3bSLuX3voNE4hFGL-KMr-BCKdQNIJmL4MyX8hAOM4dRqqt3VKm5JuPFRprU7J_IM_Icspmb_3JFTv6-VUrjfP6bTIpVYW60kFuT6BXJ0gKybINxuQ5Q5Y_iEk_5ksPjgJ1RuftqmG5LOjNBFREnXChSiMgoXAT-hC1HHFgp-4NF7y3LYXRnsrkskE1B5CYRsoZANF0kCRNdDjs2bgdALmUr-dRJwtOQENAi5iJ-p4jkMjtoSC1d4HyLMBWDoAM1e2Mt7N1_rj3BRiXChmh-71h1QQ7ZFbNRlEQ_dm8U6WemHbD0IvGLqzoyoVjCedUMQxj_3A77Tbwu3wkAsvbifcC7wgunExjALXd91LyMwH17m_JPyYBcMYa3IAU9yG7VawvAGbE_R5hVIQlJagpASlJChzgrJfXeOp9Wy1xVNbxO5-9vazX410vjqk13S-KhQBNQMYXo1l9p69DJYfGm0mlo90DTTOqxGNeTXMdsnj9a9sfPTs71gTs-b_DQMrK0g7B2ob2JRTsvLrX8jklDxz6w5iugOb7oDJQ6CFC1pWoN0Km2r2dFd0RbeIFyizhev5rWwj72pF1UbZFUa0mO6B6wpZPo98ozFMd8mR0dnzy7f3Du3SbzsQ7C7ZDzBTITMV3pU_EaymV0dndUnGZ3VpyTens1z25Catj_BcTnPxyJdviI1SG37iuB3ceIXVQl3ePC9sfpIqLtWqJV8tS86FWdGGCfL9CXtBxGcK210ujCqyk2deXTnRy4ywVmo1AZVTcviPj8HklBz54Yu9Bxa-cB8sex82O_BpNUGczSGVBKk44Glcwf6rjw_qob2KVTMPml-G6lXomwr9tAJNB7DF4VGembsv3_msjs8Rp_OjODXz4zg16Sf1nr7bW1YNP9bwLaycNRNfeMxxOktt1-8kwvUDzpKwE0S8TR3fF8jtVK78_fY_AQAA___UMhPuEgUAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKmuqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhokHkXUMOslBATHiwNmL_kLRAh6k94srJ58h--99319-N7rV1eGxS7xUdDZmTf1pkxTuhi2nOZzF6TiurTNU-ebrtNyjjUvSNUOjjXXazD9l1w_aDnPN18XbE0veo7rOK7jNlekEYleX9xTIbObkduKnFbgtdwwwLr5b2-LOVg6B97fJU9A8ulj95OLkGwC1bt1XNi1XGcvvtYrUpprgz7ffkutKV0q9A7KxDSQqO39r6HtlJBP56DV9v4E0P1xPQFiOSVzT91DrLb3bSLuX3voNE4hFGL-KMr-BCKdQNIJmL4MyX8hAOM4dRqqt3VKm5JuPFRprU7J_IM_Icspmb_3JFTv6-VUrjfP6bTIpVYW60kFuT6BXJ0gKybINxuQ5Q5Y_iEk_5ksPjgJ1RuftqmG5LOjNBFREnXChSiMgoXAT-hC1HHFgp-4NF7y3LYXRnsrkskE1B5CYRsoZANF0kCRNdDjs2bgdALmUr-dRJwtOQENAi5iJ-p4jkMjtoSC1d4HyLMBWDoAM1e2Mt7N1_rj3BRiXChmh-71h1QQ7ZFbNRlEQ_dm8U6WemHbD0IvGLqzoyoVjCedUMQxj_3A77Tbwu3wkAsvbifcC7wgunExjALXd91LyMwH17m_JPyYBcMYa3IAU9yG7VawvAGbE_R5hVIQlJagpASlJChzgrJfXeOp9Wy1xVNbxO5-9vazX410vjqk13S-KhQBNQMYXo1l9p69DJYfGm0mlo90DTTOqxGNeTXMdsnj9a9sfPTs71gTs-b_DQMrK0g7B2ob2JRTsvLrX8jklDxz6w5iugOb7oDJQ6CFC1pWoN0Km2r2dFd0RbeIFyizhev5rWwj72pF1UbZFUa0mO6B6wpZPo98ozFMd8mR0dnzy7f3Du3SbzsQ7C7ZDzBTITMV3pU_EaymV0dndUnGZ3VpyTens1z25Catj_BcTnPxyJdviI1SG37iuB3ceIXVQl3ePC9sfpIqLtWqJV8tS86FWdGGCfL9CXtBxGcK210ujCqyk2deXTnRy4ywVmo1AZVTcviPj8HklBz54Yu9Bxa-cB8sex82O_BpNUGczSGVBKk44Glcwf6rjw_qob2KVTMPml-G6lXomwr9tAJNB7DF4VGembsv3_msjs8Rp_OjODXz4zg16Sf1nr7bW1YNP9bwLaycNRNfeMxxOktt1-8kwvUDzpKwE0S8TR3fF8jtVK78_fY_AQAA___UMhPuEgUAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 4d502c74bde57f4295981ee15f1ab499\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":572,"timings":{"blocked":471,"dns":0,"connect":0,"send":0,"wait":100,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/css/magic.css","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/css/magic.css HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:33 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:09 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: W/\"67f54bc9-affe\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\ncontent-encoding: gzip\r\ncf-cache-status: MISS\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fP10Vz3C0aBralTQ5COwe6rUpHzMOArFl%2BwjA0vOUSwwOSrTyH5cX9flmpG4Or%2BfN2EHFen8jHw%2BkiNCe4P58it9bT1vb9VLH76pw0jH\"}]}\r\ncf-ray: 9b118e0b0c5cb4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":45054,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"bcd1967f8c2604f55f57197de0ae895e","sha1":"c31a10c3ecde74b50450a0a1ad21aa474ff05e7d","sha256":"787eac5d9417257a04de7b18ef21f5ec887de3aee642ceba9a7d56a8209eea2a","sha512":"b37f1a61bbe740bc29308e664227701366ac978d4fbed081f13c47200edd74a792ab980559a236cff39ae27d3fda3ffffef3f1ac2dc420612b616496b44e9df8","ssdeep":"384:lQLl1pRp0itimTKDbObwHuHXFlF7FPFSWRyYyRZZZaZjZPfbfUO3OipypE:GpRp0itiFbObwHuHXFlF7FPFSWX","tlshash":"b913276b2dd2114086564365a3fe6b2c261c85c31c6becfab3a218ce8f1567c53db61f","first_seen":"2025-06-11T18:18:27.729381Z","last_seen":"2026-06-16T16:26:17.282391Z","times_seen":5710,"resource_available":false,"data":null}},"time_used":595,"timings":{"blocked":-1,"dns":6,"connect":1,"send":0,"wait":563,"receive":0,"ssl":21},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:33.765Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"5A:E3:E3:B6:18:F9:10:0B:5B:11:FA:CB:BF:0C:9B:5C:0E:34:70:78","sha256":"FC:46:B0:C1:1E:B2:21:60:D9:7E:6A:ED:42:56:B2:CF:2A:E4:D2:F1:1C:63:63:98:2B:A3:0F:6C:4A:98:74:D6"}}},"request":{"raw":"GET /s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 40128\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 16 Dec 2025 19:22:36 GMT\r\nexpires: Wed, 16 Dec 2026 19:22:36 GMT\r\ncache-control: public, max-age=31536000\r\nage: 346077\r\nlast-modified: Tue, 18 Nov 2025 19:00:07 GMT\r\ncontent-type: font/woff2\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":40128,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 40128, version 1.0","md5":"9a01b69183a9604ab3a439e388b30501","sha1":"8ed1d59003d0dbe6360481017b44665153665fbe","sha256":"20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2","sha512":"0e6795255b6eea00b5403fd7e3b904d52776d49ac63a31c2778361262883697943aedcb29feee85694ba6f19eaa34dddb9a5bfe7118f4a25b4757e92c331feca","ssdeep":"768:Vce3jkow68wmT4IBX0tXdlSirS61gSjcz0GPwHbP+w2jec56O:VcI/iEEEtXdFJj+0GPwHbP+w5rO","tlshash":"3703023a5e3ccf1a84157a703950f6d9a8481e548e9d143b4f1ac7bf085dde2209b6d4","first_seen":"2025-01-08T22:59:02.845106Z","last_seen":"2026-06-16T17:50:35.49609Z","times_seen":884618,"resource_available":false,"data":null}},"time_used":270,"timings":{"blocked":107,"dns":1,"connect":21,"send":0,"wait":21,"receive":29,"ssl":87},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/11/ca/f4/11caf4e942c5d5d5d04515433ce3d147/1756566718.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.047Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/11/ca/f4/11caf4e942c5d5d5d04515433ce3d147/1756566718.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 59745\r\nserver: nginx/1.21.6\r\nlast-modified: Sat, 30 Aug 2025 15:11:58 GMT\r\netag: \"68b314be-e961\"\r\nexpires: Mon, 22 Dec 2025 19:30:32 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":59745,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 14:52:07], progressive, precision 8, 320x240, components 3","md5":"553444adab3dfcd61adc177371e70b19","sha1":"9cc9b386d317956511049e01988a6d95c10d02bf","sha256":"ae84ed1c8b29159b1746f9c305c3ab04f45ba50652ac4a645477e44fcd616882","sha512":"1c05db90f15c1a34847938159eec2284d7c280b14b3017a7c44f716fff49a61684cf7673543334bd9f97f6e5b17e28f275c1af76b28f570ced515d758d05970f","ssdeep":"1536:9H+iH+gX5OhYC0V1fluUkOk3TqDx18otcaUA:p+u+QkYC0V10UkOk3TqDx1btcaUA","tlshash":"8c43e169bf51eda3f4da8b388468d3d1ba0a7d65a387765230cc995c3fe06949c4d013","first_seen":"2025-09-02T18:27:26.543026Z","last_seen":"2026-05-23T14:11:03.798393Z","times_seen":1395,"resource_available":false,"data":null}},"time_used":464,"timings":{"blocked":-1,"dns":47,"connect":28,"send":0,"wait":35,"receive":17,"ssl":337},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_1RSz4scRRSuTgYP8SAa8TwISgSd7Z7umcyYQ3CNK8GYxM3KgpJDdVX1TLk9VW1V9_TsnBYXNHiagwf1Yu83u1l_BIl_gBpm9RACii2IC2Yv_gEiQtCb9O7A6oN673v11eF736t3t7ID4iOj-1df1WMZx3Sh1XDrZ1al4jq39csrdc9tuOfqq1K1g3P1UZXM8HnPDxruM_WXBVvTC03Xc13P9epL0ohIjxYOWcjkVtdrdN1G0Gx4rQAj8__eZg4sdcCHB-QxSF4-8nv0JiSbQQ1uXxB2LdXJsy8Nspim2mDId19Xa0rnCoNjGBkHkdqdv4a2JSEfnoBWu_MJoIfb1QQIZUlOPHEfodqdy0Q43DlSGsYQCiF_GPlwBhHPIOkMTG9C8p8IwDguX4Ea3LysTU7Xj1hasSWpPfgLMi9J7f7jUIMvF2M5ql_TcZZKrSxGUQE5mkH2ZkiyPaRjBzLfA0vfgeQ_kIUHl6AG21dsrCF5cTi9jGag1kFWHekgixxkiYMB368HbidgHvXbUZezs25Ag4CL0O12mq5Lu-wsMlbJmiBNJmDxBMxsIDEbWJMTmOwObL-A5Q5sWhLntQ0MeYFcEOSWIKcEuSTIU4J8WOzw2DZtcZPHNgu9eW3Oq19Mddrbojs67QlFQM0EhhfbMnnbboKlJ6fjyPKprhIN02JKQ15sJQfk0co1572nf8Oa2K_zqNMSYchDP_A77bbwOrzFRTNsR7wZNIMurCwg7YlDQ8ayJEs__41EluSp23cR0j3YeA9MngTNPNC8AO0XGKv9J_uiL_pZ-BxlNvOafiNZT_taUbWe94URDaYH4LpAktaQrjtb8QE5PV1eWbxzuNPrv_wIwe6ReYCZAokp8Jb8jqAX35gu65xsL-vckq-uJKkcyDGt9n0tpal46PNXxHquDb94wU4-e4FVRAVvrQibXqKKS9Wz5ItFybkwS9owQb6-aFdFeDWz_cXMqCy5dPXFpYuDxAhrpVYzUFmSU3--DyZLcvqbTw7_cuvMH2DJBmxyrNNqgjCpIZYEsTi-p2EB-58-PMZb9gZ6pgaabkINCgxNgWFcgMYT2OzUNE3MvfN3P6riY4RxbRrGprYdxib-oCTXf_22JG98er5C3x_ZZuV-PfJFk7lu52zb8zuR8PyAs6jVCbq8TV3fF0htKZf-Wf03AAD__xIUKM59BAAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSz4scRRSuTgYP8SAa8TwISgSd7Z7umcyYQ3CNK8GYxM3KgpJDdVX1TLk9VW1V9_TsnBYXNHiagwf1Yu83u1l_BIl_gBpm9RACii2IC2Yv_gEiQtCb9O7A6oN673v11eF736t3t7ID4iOj-1df1WMZx3Sh1XDrZ1al4jq39csrdc9tuOfqq1K1g3P1UZXM8HnPDxruM_WXBVvTC03Xc13P9epL0ohIjxYOWcjkVtdrdN1G0Gx4rQAj8__eZg4sdcCHB-QxSF4-8nv0JiSbQQ1uXxB2LdXJsy8Nspim2mDId19Xa0rnCoNjGBkHkdqdv4a2JSEfnoBWu_MJoIfb1QQIZUlOPHEfodqdy0Q43DlSGsYQCiF_GPlwBhHPIOkMTG9C8p8IwDguX4Ea3LysTU7Xj1hasSWpPfgLMi9J7f7jUIMvF2M5ql_TcZZKrSxGUQE5mkH2ZkiyPaRjBzLfA0vfgeQ_kIUHl6AG21dsrCF5cTi9jGag1kFWHekgixxkiYMB368HbidgHvXbUZezs25Ag4CL0O12mq5Lu-wsMlbJmiBNJmDxBMxsIDEbWJMTmOwObL-A5Q5sWhLntQ0MeYFcEOSWIKcEuSTIU4J8WOzw2DZtcZPHNgu9eW3Oq19Mddrbojs67QlFQM0EhhfbMnnbboKlJ6fjyPKprhIN02JKQ15sJQfk0co1572nf8Oa2K_zqNMSYchDP_A77bbwOrzFRTNsR7wZNIMurCwg7YlDQ8ayJEs__41EluSp23cR0j3YeA9MngTNPNC8AO0XGKv9J_uiL_pZ-BxlNvOafiNZT_taUbWe94URDaYH4LpAktaQrjtb8QE5PV1eWbxzuNPrv_wIwe6ReYCZAokp8Jb8jqAX35gu65xsL-vckq-uJKkcyDGt9n0tpal46PNXxHquDb94wU4-e4FVRAVvrQibXqKKS9Wz5ItFybkwS9owQb6-aFdFeDWz_cXMqCy5dPXFpYuDxAhrpVYzUFmSU3--DyZLcvqbTw7_cuvMH2DJBmxyrNNqgjCpIZYEsTi-p2EB-58-PMZb9gZ6pgaabkINCgxNgWFcgMYT2OzUNE3MvfN3P6riY4RxbRrGprYdxib-oCTXf_22JG98er5C3x_ZZuV-PfJFk7lu52zb8zuR8PyAs6jVCbq8TV3fF0htKZf-Wf03AAD__xIUKM59BAAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 6badfda32fc4be44f26cb6d7fa7680ee\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":278,"timings":{"blocked":177,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTv28cVRd9a1tfka_49BFEvUIBAcLr-bneIQXCBKOIkERJkIsoQu_Ne-N9ePa94b2ZHdsVEClEVFtQAA2zZzd2AhEKNb-iDRRRJCSWhpWIG8QfgJAi6NA4lgwVtzj33nOmOPfOfVeGxR7xUdDZ2Vf1tkxTuhS2nOZTa1JxXdrm6QtN12k5x5trUrWD483NGkz_OdcPWs7TzZdFvKGXPMd1HNdxm6vSiERvLu2rkNnNyG1FTivwWm4YYNP8s7fFHCydA-_vkUcg-fR_vyQXIeMJVO_WCWE3cp09-1KvSGmuDfp89zW1oXSp0DssE9NAonYPvoa2U0I-mINWuwcTQPfH9QRgckrmHrsPpnYPbIL1rz10ylIIBcb_i7I_gUgnkHSCWF-G5D8QIOY4fQaqt3Nam5JuPVRprU7JwoPfIcspWbj_KFTvs5VUbjbP67TIpVYWm0kFuTmBXJ8gKybItxuQ5R3E-TuQ_Huy9OAUVG98xqYaks-O0URESdQJF6MwChYDP6GLUccVi37iUrbsuW0vjPZXJJMJqJ1HYRsoZANF0kCRNdDjs2bgdILYpX47iXi87AQ0CLhgTtTxHIdG8TKKuPY-QJ4NEKcDxObKzeL1LPXCth-EXjB0Z8dUKmKedELBGGd-4HfabeF2eMiFx9oJ9wIviG5cDKPA9V330k7Gu_lGf5ybQowLFduhe_0hFUT75E5NBtHQRWbevs79ZeGzOBgybMgBTHEbtlvB8gZsTtDnFUpBUFqCkhKUkqDMCcp-dY2n1rPVDk9twdyD7B1kvxrpfH1Ir-l8XSgCagYwvBrL7E17GXE-P9pOLB_pGijLqxFlvBpme-T_9a9svPvkz9gQs-a_jQ0rK0g7B2ob2JZTsvrjH8jklDxx6y4YvQOb3kEs50ELF7SsQLsVttXs8a7oim7BFmlsC9fzW9lW3tWKqq2yK4xoxboHritk-QLyrcYw3SNHR-curNzeP7RLP30HEd8jB4HYVMhMhTfktwTr6dXROV2S8TldWvL5mSyXPblN6yM8n9Nc_OeTV8RWqQ0_ecIObrwQ10Jd3rwgbH6KKi7VuiWfrkjOhVnVJhbkq5N2TbCzhe2uFEYV2amzL66e7GVGWCu1moDKKTny23uI5ZQc_frj_QcWPvMr4uwt2OzQp9UELJtHKglScchTVsH-rWeH9dBexbpZAM0vQ_Uq9E2FflqBpgPY4sgoz8y95-9-WMdHYOnCiKVmYcxSk75f7-mLGr7Z31gNX8LKWTP0mN_udNoiafPE577n8yh0RBTQqB1EQYjcTuXqn2t_BQAA__8kjgBfEgUAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTv28cVRd9a1tfka_49BFEvUIBAcLr-bneIQXCBKOIkERJkIsoQu_Ne-N9ePa94b2ZHdsVEClEVFtQAA2zZzd2AhEKNb-iDRRRJCSWhpWIG8QfgJAi6NA4lgwVtzj33nOmOPfOfVeGxR7xUdDZ2Vf1tkxTuhS2nOZTa1JxXdrm6QtN12k5x5trUrWD483NGkz_OdcPWs7TzZdFvKGXPMd1HNdxm6vSiERvLu2rkNnNyG1FTivwWm4YYNP8s7fFHCydA-_vkUcg-fR_vyQXIeMJVO_WCWE3cp09-1KvSGmuDfp89zW1oXSp0DssE9NAonYPvoa2U0I-mINWuwcTQPfH9QRgckrmHrsPpnYPbIL1rz10ylIIBcb_i7I_gUgnkHSCWF-G5D8QIOY4fQaqt3Nam5JuPVRprU7JwoPfIcspWbj_KFTvs5VUbjbP67TIpVYWm0kFuTmBXJ8gKybItxuQ5R3E-TuQ_Huy9OAUVG98xqYaks-O0URESdQJF6MwChYDP6GLUccVi37iUrbsuW0vjPZXJJMJqJ1HYRsoZANF0kCRNdDjs2bgdILYpX47iXi87AQ0CLhgTtTxHIdG8TKKuPY-QJ4NEKcDxObKzeL1LPXCth-EXjB0Z8dUKmKedELBGGd-4HfabeF2eMiFx9oJ9wIviG5cDKPA9V330k7Gu_lGf5ybQowLFduhe_0hFUT75E5NBtHQRWbevs79ZeGzOBgybMgBTHEbtlvB8gZsTtDnFUpBUFqCkhKUkqDMCcp-dY2n1rPVDk9twdyD7B1kvxrpfH1Ir-l8XSgCagYwvBrL7E17GXE-P9pOLB_pGijLqxFlvBpme-T_9a9svPvkz9gQs-a_jQ0rK0g7B2ob2JZTsvrjH8jklDxx6y4YvQOb3kEs50ELF7SsQLsVttXs8a7oim7BFmlsC9fzW9lW3tWKqq2yK4xoxboHritk-QLyrcYw3SNHR-curNzeP7RLP30HEd8jB4HYVMhMhTfktwTr6dXROV2S8TldWvL5mSyXPblN6yM8n9Nc_OeTV8RWqQ0_ecIObrwQ10Jd3rwgbH6KKi7VuiWfrkjOhVnVJhbkq5N2TbCzhe2uFEYV2amzL66e7GVGWCu1moDKKTny23uI5ZQc_frj_QcWPvMr4uwt2OzQp9UELJtHKglScchTVsH-rWeH9dBexbpZAM0vQ_Uq9E2FflqBpgPY4sgoz8y95-9-WMdHYOnCiKVmYcxSk75f7-mLGr7Z31gNX8LKWTP0mN_udNoiafPE577n8yh0RBTQqB1EQYjcTuXqn2t_BQAA__8kjgBfEgUAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 7fd5b5ceb2426b591ca6f7562e6b141d\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":377,"timings":{"blocked":279,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRit2Qwe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKnqqt4pt6erreqe3p2TGojB0xw8qBd73kx2E10k3v0RZ72EgOB4ccDsJX-BCEFv0rsDqyfr8Or73uvD-15_dW2Y7xEXOZ2de1P1ZRzTJb9pNZ67JBOuCtM4c7FhW03rROOSTFreicZGBbr3ku16Tev5xusiXFdLjmVblm3ZjVWpRaQ2lvZVyHQnsJuB1fScpu172ND_7U2-AEMXwHt75AlIPn3sQXQZMpwg6d4-Kcx6ptIXX-vmMc2URo9vv5WsJ6pI0D0sI11DlGzPv4YyU0I-XYBKtucTQPXG1QRgckoWnroPlmzPbYL1bhw4ZTFEAsYfRdGbQMQTSDpBqK5C8l8IEHKcOYuku3VG6YJuHqi0Uqek_vBPyGJK6vefRNL9eiWWG40LKs4zqRKDjaiE3JhArk2Q5hNk_RpksYsw-xCS_0yWHp5G0h2fNbGC5LPjNBJBFLT9xcAPvEXPjehi0LbFohvZlC07dsvxg_2IZDQBNUeQmxpyWUMe1ZCnNXT5rOFZbS-0qduKAh4uWx71PC6YFbQdy6JBuIw8rLwPkKUDhPEAob42O57EIuRR2xeMceZ6brvVEnab-1w4rBVxx3O84NZlP_Bs17avbKW8k633xpnOxThPQjO0bx5QXrBPblWkFwztnfydNHb8luv5jje0keoPbnJ3Wbgs9IYM63IAnd-B6ZQwvAaTEfR4iUIQFIagoASFJCgygqJX3uCxcUy5xWOTM3t-O_PbLUcqWxvSGypbEwkB1QNoXo5l-p65ijA7MupHho9UBZRl5YgyXg7TPfJ49StrHz37O9bFrPF_KcDIEtIsgJoa-nJKVn_9C6mckmdu3wWjuzDxLkJ5BDS3QYsStFOin8ye7oiO6ORskYYmtx23mW5mHZXQZLPoCC2aoeqCqxJpVke2WRvGe-TY6PzFlTv7i3blt12I8B6ZH4S6RKpLvCt_IliLr4_Oq4KMz6vCkG_Oppnsyj6tlvBCRjPxyJdviM1CaX7qpBnceiWshKrcuShMdpomXCZrhny1IjkXelXpUJDvTplLgp3LTWcl10menj736uqpbqqFMVIlE1A5JUf_-BihnJJj33-x_8D8Fx4gTN-HSQ99GkXA0jpiSRCLQ56yEuZfPTush-Y61nQdNLuKpFuip0v04hI0HsDkR0dZqu-9fPez6nwOFtdHLNb1MYt1_EmV0w8V_FjBtwexGTlr-A5zW-12S0QtHrncdVwe-JYIPBq0vMDzkZmpXP377X8CAAD__wv8GA8SBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.315Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRit2Qwe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKnqqt4pt6erreqe3p2TGojB0xw8qBd73kx2E10k3v0RZ72EgOB4ccDsJX-BCEFv0rsDqyfr8Or73uvD-15_dW2Y7xEXOZ2de1P1ZRzTJb9pNZ67JBOuCtM4c7FhW03rROOSTFreicZGBbr3ku16Tev5xusiXFdLjmVblm3ZjVWpRaQ2lvZVyHQnsJuB1fScpu172ND_7U2-AEMXwHt75AlIPn3sQXQZMpwg6d4-Kcx6ptIXX-vmMc2URo9vv5WsJ6pI0D0sI11DlGzPv4YyU0I-XYBKtucTQPXG1QRgckoWnroPlmzPbYL1bhw4ZTFEAsYfRdGbQMQTSDpBqK5C8l8IEHKcOYuku3VG6YJuHqi0Uqek_vBPyGJK6vefRNL9eiWWG40LKs4zqRKDjaiE3JhArk2Q5hNk_RpksYsw-xCS_0yWHp5G0h2fNbGC5LPjNBJBFLT9xcAPvEXPjehi0LbFohvZlC07dsvxg_2IZDQBNUeQmxpyWUMe1ZCnNXT5rOFZbS-0qduKAh4uWx71PC6YFbQdy6JBuIw8rLwPkKUDhPEAob42O57EIuRR2xeMceZ6brvVEnab-1w4rBVxx3O84NZlP_Bs17avbKW8k633xpnOxThPQjO0bx5QXrBPblWkFwztnfydNHb8luv5jje0keoPbnJ3Wbgs9IYM63IAnd-B6ZQwvAaTEfR4iUIQFIagoASFJCgygqJX3uCxcUy5xWOTM3t-O_PbLUcqWxvSGypbEwkB1QNoXo5l-p65ijA7MupHho9UBZRl5YgyXg7TPfJ49StrHz37O9bFrPF_KcDIEtIsgJoa-nJKVn_9C6mckmdu3wWjuzDxLkJ5BDS3QYsStFOin8ye7oiO6ORskYYmtx23mW5mHZXQZLPoCC2aoeqCqxJpVke2WRvGe-TY6PzFlTv7i3blt12I8B6ZH4S6RKpLvCt_IliLr4_Oq4KMz6vCkG_Oppnsyj6tlvBCRjPxyJdviM1CaX7qpBnceiWshKrcuShMdpomXCZrhny1IjkXelXpUJDvTplLgp3LTWcl10menj736uqpbqqFMVIlE1A5JUf_-BihnJJj33-x_8D8Fx4gTN-HSQ99GkXA0jpiSRCLQ56yEuZfPTush-Y61nQdNLuKpFuip0v04hI0HsDkR0dZqu-9fPez6nwOFtdHLNb1MYt1_EmV0w8V_FjBtwexGTlr-A5zW-12S0QtHrncdVwe-JYIPBq0vMDzkZmpXP377X8CAAD__wv8GA8SBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 95d29d0191e410e8a55b55470b75f4d1\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":411,"timings":{"blocked":309,"dns":0,"connect":0,"send":0,"wait":101,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKnqqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhokHkXUMOslBATHiwNmL_kLRAh6k94srJ58h--99319-N7rV1eGxS7xUdDZmTf1pkxTuhi2nOZzF6TiurTNU-ebrtNyjjUvSNUOjjXXazD9l1w_aDnPN18X8Zpe9BzXcVzHba5IIxK9vrinQmY3I7cVOa3Aa7lhgHXz394Wc7B0Dry_S56A5NPH7icXIeMJVO_WcWHXcp29-FqvSGmuDfp8-y21pnSp0DsoE9NAorb3v4a2U0I-nYNW2_sTQPfH9QRgckrmnroHprb3bYL1rz10ylIIBcYfRdmfQKQTSDpBrC9D8l8IEHOcOg3V2zqlTUk3Hqq0Vqdk_sGfkOWUzN97Eqr39XIq15vndFrkUiuL9aSCXJ9Ark6QFRPkmw3Icgdx_iEk_5ksPjgJ1RuftqmG5LOjNBFREnXChSiMgoXAT-hC1HHFgp-4lC15btsLo70VyWQCag-hsA0UsoEiaaDIGujxWTNwOkHsUr-dRDxecgIaBFwwJ-p4jkOjeAlFXHsfIM8GiNMBYnPlZvFOlnph2w9CLxi6s6MqFTFPOqFgjDM_8DvttnA7POTCY-2Ee4EXRDcuhlHg-q57aSvj3XytP85NIcaFiu3Qvf6QCqI9cqsmg2joIjMfXOf-kvBZHAwZ1uQAprgN261geQM2J-jzCqUgKC1BSQlKSVDmBGW_usZT69lqi6e2YO5-9vazX410vjqk13S-KhQBNQMYXo1l9p69jDg_NNpMLB_pGijLqxFlvBpmu-Tx-lc2Pnr2d6yJWfP_xoaVFaSdA7UNbMopWfn1L2RySp65dQeM7sCmO4jlIdDCBS0r0G6FTTV7uiu6oluwBRrbwvX8VraRd7WiaqPsCiNase6B6wpZPo98ozFMd8mR0dnzy7f3Du3SbzsQ8V2yH4hNhcxUeFf-RLCaXh2d1SUZn9WlJd-cznLZk5u0PsJzOc3FI1--ITZKbfiJ43Zw45W4Fury5nlh85NUcalWLflqWXIuzIo2sSDfn7AXBDtT2O5yYVSRnTzz6sqJXmaEtVKrCaicksN_fIxYTsmRH77Ye2DhC_cRZ-_DZgc-rSZg2RxSSZCKA56yCvZfPTuoh_YqVs08aH4Zqlehbyr00wo0HcAWh0d5Zu6-fOezOj4HS-dHLDXzY5aa9JN6T9_tLauGH2v4FlbOmqHH_Han0xZJmyc-9z2fR6EjooBG7SAKQuR2Klf-fvufAAAA___Qn6ACEgUAAA==","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.324Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKnqqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhokHkXUMOslBATHiwNmL_kLRAh6k94srJ58h--99319-N7rV1eGxS7xUdDZmTf1pkxTuhi2nOZzF6TiurTNU-ebrtNyjjUvSNUOjjXXazD9l1w_aDnPN18X8Zpe9BzXcVzHba5IIxK9vrinQmY3I7cVOa3Aa7lhgHXz394Wc7B0Dry_S56A5NPH7icXIeMJVO_WcWHXcp29-FqvSGmuDfp8-y21pnSp0DsoE9NAorb3v4a2U0I-nYNW2_sTQPfH9QRgckrmnroHprb3bYL1rz10ylIIBcYfRdmfQKQTSDpBrC9D8l8IEHOcOg3V2zqlTUk3Hqq0Vqdk_sGfkOWUzN97Eqr39XIq15vndFrkUiuL9aSCXJ9Ark6QFRPkmw3Icgdx_iEk_5ksPjgJ1RuftqmG5LOjNBFREnXChSiMgoXAT-hC1HHFgp-4lC15btsLo70VyWQCag-hsA0UsoEiaaDIGujxWTNwOkHsUr-dRDxecgIaBFwwJ-p4jkOjeAlFXHsfIM8GiNMBYnPlZvFOlnph2w9CLxi6s6MqFTFPOqFgjDM_8DvttnA7POTCY-2Ee4EXRDcuhlHg-q57aSvj3XytP85NIcaFiu3Qvf6QCqI9cqsmg2joIjMfXOf-kvBZHAwZ1uQAprgN261geQM2J-jzCqUgKC1BSQlKSVDmBGW_usZT69lqi6e2YO5-9vazX410vjqk13S-KhQBNQMYXo1l9p69jDg_NNpMLB_pGijLqxFlvBpmu-Tx-lc2Pnr2d6yJWfP_xoaVFaSdA7UNbMopWfn1L2RySp65dQeM7sCmO4jlIdDCBS0r0G6FTTV7uiu6oluwBRrbwvX8VraRd7WiaqPsCiNase6B6wpZPo98ozFMd8mR0dnzy7f3Du3SbzsQ8V2yH4hNhcxUeFf-RLCaXh2d1SUZn9WlJd-cznLZk5u0PsJzOc3FI1--ITZKbfiJ43Zw45W4Fury5nlh85NUcalWLflqWXIuzIo2sSDfn7AXBDtT2O5yYVSRnTzz6sqJXmaEtVKrCaicksN_fIxYTsmRH77Ye2DhC_cRZ-_DZgc-rSZg2RxSSZCKA56yCvZfPTuoh_YqVs08aH4Zqlehbyr00wo0HcAWh0d5Zu6-fOezOj4HS-dHLDXzY5aa9JN6T9_tLauGH2v4FlbOmqHH_Han0xZJmyc-9z2fR6EjooBG7SAKQuR2Klf-fvufAAAA___Qn6ACEgUAAA== HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 0b6675a3ad2573a47406fe8e4ea6dfa0\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":501,"timings":{"blocked":402,"dns":0,"connect":0,"send":0,"wait":99,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKmuqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhokHkXUMOslBATHi4NmL_4FIgS9SW8WVk--w_fe-74-fO_1qyvDYpf4KOjszOt6U6YpXQxbTvOZC1JxXdrmqfNN12k5x5oXpGoHx5rrNZj-C64ftJxnm68KtqYXPcd1HNdxmyvSiESvL-6pkNnNyG1FTivwWm4YYN38t7fFHCydA-_vkscg-fSR35OLkGwC1bt1XNi1XGfPv9IrUpprgz7ffkOtKV0q9A7KxDSQqO39r6HtlJCP56DV9v4E0P1xPQFiOSVzT9xDrLb3bSLuX3vgNE4hFGL-MMr-BCKdQNIJmL4MyX8iAOM4dRqqt3VKm5JuPFBprU7J_P0_Icspmb_3OFTvy-VUrjfP6bTIpVYW60kFuT6BXJ0gKybINxuQ5Q5Y_j4k_5Es3j8J1RuftqmG5LOjNBFREnXChSiMgoXAT-hC1HHFgp-4NF7y3LYXRnsrkskE1B5CYRsoZANF0kCRNdDjs2bgdALmUr-dRJwtOQENAi5iJ-p4jkMjtoSC1d4HyLMBWDoAM1e2Mt7N1_rj3BRiXChmh-71B1QQ7ZFbNRlEQ_dm8VaWemHbD0IvGLqzoyoVjCedUMQxj_3A77Tbwu3wkAsvbifcC7wgunExjALXd91LyMx717m_JPyYBcMYa3IAU9yG7VawvAGbE_R5hVIQlJagpASlJChzgrJfXeOp9Wy1xVNbxO5-9vazX410vjqk13S-KhQBNQMYXo1l9o69DJYfGm0mlo90DTTOqxGNeTXMdsmj9a9sfPD0b1gTs-b_DQMrK0g7B2ob2JRTsvLzX8jklDx16w5iugOb7oDJQ6CFC1pWoN0Km2r2ZFd0RbeIFyizhev5rWwj72pF1UbZFUa0mO6B6wpZPo98ozFMd8mR0dnzy7f3Du3SL99AsLtkP8BMhcxUeFv-QLCaXh2d1SUZn9WlJV-dznLZk5u0PsJzOc3FQ5-_JjZKbfiJ43Zw4yVWC3V587yw-UmquFSrlnyxLDkXZkUbJsi3J-wFEZ8pbHe5MKrITp55eeVELzPCWqnVBFROyeE_PgSTU3Lku8_2Hlj43K9g2buw2YFPqwnirIFUEqTigKdxBfuvPj6oh_YqVs08aH4Zqlehbyr00wo0HcAWh0d5Zu6-eOeTOj5FnM6P4tTMj-PUpB_t7amGnRq-r-FrWDlrJr7wmON0ltqu30mE6wecJWEniHibOr4vkNupXPn7zX8CAAD__2XSFiESBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.328Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKmuqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhokHkXUMOslBATHi4NmL_4FIgS9SW8WVk--w_fe-74-fO_1qyvDYpf4KOjszOt6U6YpXQxbTvOZC1JxXdrmqfNN12k5x5oXpGoHx5rrNZj-C64ftJxnm68KtqYXPcd1HNdxmyvSiESvL-6pkNnNyG1FTivwWm4YYN38t7fFHCydA-_vkscg-fSR35OLkGwC1bt1XNi1XGfPv9IrUpprgz7ffkOtKV0q9A7KxDSQqO39r6HtlJCP56DV9v4E0P1xPQFiOSVzT9xDrLb3bSLuX3vgNE4hFGL-MMr-BCKdQNIJmL4MyX8iAOM4dRqqt3VKm5JuPFBprU7J_P0_Icspmb_3OFTvy-VUrjfP6bTIpVYW60kFuT6BXJ0gKybINxuQ5Q5Y_j4k_5Es3j8J1RuftqmG5LOjNBFREnXChSiMgoXAT-hC1HHFgp-4NF7y3LYXRnsrkskE1B5CYRsoZANF0kCRNdDjs2bgdALmUr-dRJwtOQENAi5iJ-p4jkMjtoSC1d4HyLMBWDoAM1e2Mt7N1_rj3BRiXChmh-71B1QQ7ZFbNRlEQ_dm8VaWemHbD0IvGLqzoyoVjCedUMQxj_3A77Tbwu3wkAsvbifcC7wgunExjALXd91LyMx717m_JPyYBcMYa3IAU9yG7VawvAGbE_R5hVIQlJagpASlJChzgrJfXeOp9Wy1xVNbxO5-9vazX410vjqk13S-KhQBNQMYXo1l9o69DJYfGm0mlo90DTTOqxGNeTXMdsmj9a9sfPD0b1gTs-b_DQMrK0g7B2ob2JRTsvLzX8jklDx16w5iugOb7oDJQ6CFC1pWoN0Km2r2ZFd0RbeIFyizhev5rWwj72pF1UbZFUa0mO6B6wpZPo98ozFMd8mR0dnzy7f3Du3SL99AsLtkP8BMhcxUeFv-QLCaXh2d1SUZn9WlJV-dznLZk5u0PsJzOc3FQ5-_JjZKbfiJ43Zw4yVWC3V587yw-UmquFSrlnyxLDkXZkUbJsi3J-wFEZ8pbHe5MKrITp55eeVELzPCWqnVBFROyeE_PgSTU3Lku8_2Hlj43K9g2buw2YFPqwnirIFUEqTigKdxBfuvPj6oh_YqVs08aH4Zqlehbyr00wo0HcAWh0d5Zu6-eOeTOj5FnM6P4tTMj-PUpB_t7amGnRq-r-FrWDlrJr7wmON0ltqu30mE6wecJWEniHibOr4vkNupXPn7zX8CAAD__2XSFiESBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 600f7e45f32c082144d902f34178317a\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":565,"timings":{"blocked":468,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fstyle.css\u0026l=5648\u0026fd=726","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:33.340Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcreative-sb1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Fcss%2Fstyle.css\u0026l=5648\u0026fd=726 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: uid_id2=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl25634495=1; slece02ee106ac9f7f9a067c81c19bdc3c60=[6308900]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:33 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":96,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"politicalpiano.com/e0/2e/e1/e02ee106ac9f7f9a067c81c19bdc3c60.js","fqdn":"politicalpiano.com","domain":"politicalpiano.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:30.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"politicalpiano.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 02 Nov 2025 22:28:26 GMT","end":"Sat, 31 Jan 2026 22:28:25 GMT"},"fingerprint":{"sha1":"9A:6A:05:19:EF:9A:E4:3D:C0:FC:99:B5:56:DA:88:06:B3:92:38:29","sha256":"F3:43:68:96:9B:48:D9:78:B2:55:E7:27:64:2C:D9:DF:20:13:0E:A1:CF:B2:00:9C:D3:2E:4A:8B:E0:F9:C1:AF"}}},"request":{"raw":"GET /e0/2e/e1/e02ee106ac9f7f9a067c81c19bdc3c60.js HTTP/1.1\r\nHost: politicalpiano.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:30 GMT\r\nContent-Type: application/javascript\r\nContent-Length: 30186\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccess-control-allow-origin: *\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: politicalpiano.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: a8b60f548271f7bd3a72d9541963f42b\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":78823,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"cbf93877556f76d07c09103f2496ed94","sha1":"ca202fe341ba6600060b8df9008860483620e47c","sha256":"55192a7112914e56a8e698498f81484cf86556088c914fd8c8c57a26b25ea6aa","sha512":"4956264eecd00380df0cfa0ef5efae5d761b51b3e60ca120cb688246232735cfee3a0383aaa075f2fa7e3f078f740121d69babb52b462f6f5b78cebcce386804","ssdeep":"1536:l9yUBg8XFOUGXAVTesz3WArOwlNyBv77NzxpQ2jFFwbhjI1:l3B91cipUhxpJw1I1","tlshash":"cb7309487f42b16b5352a073627fd047f0256f1261ecd498d123e6a86f6c339f636b98","first_seen":"2025-12-20T19:31:04.7123Z","last_seen":"2025-12-20T19:31:04.7123Z","times_seen":1,"resource_available":true,"data":null}},"time_used":846,"timings":{"blocked":323,"dns":49,"connect":91,"send":0,"wait":100,"receive":93,"ssl":186},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"politicalpiano.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"creative-sb1.com/sb/notifications/utility/default/robot/2/img/close.png","fqdn":"creative-sb1.com","domain":"creative-sb1.com","tld":"com"},"ip":{"addr":"172.67.210.112","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"creative-sb1.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Mon, 27 Oct 2025 20:46:36 GMT","end":"Sun, 25 Jan 2026 21:44:54 GMT"},"fingerprint":{"sha1":"17:8B:5E:32:3A:E5:9A:3D:E5:18:EF:F0:DA:DE:C3:03:E7:2E:E2:17","sha256":"65:D5:7F:0D:8E:51:6B:E8:BB:44:A1:54:79:43:73:C4:82:1D:77:6C:11:F4:C3:70:8E:0E:AC:00:AC:1D:DB:2B"}}},"request":{"raw":"GET /sb/notifications/utility/default/robot/2/img/close.png HTTP/1.1\r\nHost: creative-sb1.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/png\r\ncontent-length: 7005\r\nserver: cloudflare\r\nlast-modified: Tue, 08 Apr 2025 16:16:11 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\netag: \"67f54bcb-1b5d\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: public, max-age=315360000\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: Date\r\naccept-ranges: bytes\r\nage: 130850\r\ncf-cache-status: HIT\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wIw5ToeJCehAHBJoFuIP6EP4Bdxx2wpLbHYcaPlgM0VK5lerI1Ysymm44z3J6hzCCNYU5EkVFrucyMwgH8JUb13fnFV2tCI30iS4F2fk\"}]}\r\ncf-ray: 9b118e0b5cb2b4ed-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7005,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced","md5":"5127599f81c439cb0cf21166da26e991","sha1":"a750620e45c25855fb32ede5f1adb69ad28c1eeb","sha256":"9402058e0a31e79cd70001ebb397de51144d6e638a482f33bcee9a94dc20a6ff","sha512":"4e01869e43212009dc3811b4fc2303c39ab9aa123ce034ff4df220539a1e65784835b6cb0873cea4f6de027a7dcf1dd440ac0631e6b9c9db9085804473e3a0a8","ssdeep":"192:FkknNHG5WNN4kVyitdix/Inm2I6BRvBevoIPkucZ:9nNmoN4kVyiswm2I6BFBpuI","tlshash":"dee17d19dda17e1005d57f8a2fef815243638390c2856282dced8c5237e40f1ec6e4cb","first_seen":"2025-07-04T18:28:09.283921Z","last_seen":"2026-06-16T16:26:17.252816Z","times_seen":3236,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"creative-sb1.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ntv.json?key=df85ebbdb343866e18d5de2b6fd24249\u0026vstc=4\u0026uuid=afe9f985-9594-43fa-981e-3f1ab7216259%3A3%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.992Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ntv.json?key=df85ebbdb343866e18d5de2b6fd24249\u0026vstc=4\u0026uuid=afe9f985-9594-43fa-981e-3f1ab7216259%3A3%3A1\u0026custom=%7B%22d37e3bc4%22%3A%22b%22%7D\u0026rb= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: application/json\r\nContent-Length: 12370\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; expires=Sat, 27 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nuncs=2; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\nuncs49=2; expires=Sun, 21 Dec 2025 19:30:32 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 10\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 99a7fe919d17a1bd183fb113854148da\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17292,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"b0d5216fb360c15a9fe7d167227847bb","sha1":"5b8ede497cd1f4e540c19664dcaed961f655fa78","sha256":"2c128ae8de0583a3ed22e72b58e131aa693a805dc472d95fec0ad3a8febe18ed","sha512":"d2c27e092a253f77fb88857cfe9326e02b67b0985b9ae1fd938ac9ee049f441566f1ddc71b333ce66abfcd1187cad57f852e6fe95fe854b5618fe458046794c8","ssdeep":"384:Nvbd8H88GHeTZcIQpCL1eTHo/cXUDA6QQPh60n4OzqNcvMFVWN82P5bP:NhvQlc3pe1euA6QOh6ZOOWvMFV+N5j","tlshash":"3d72bf7a820ce16e2bedef49aa6f1f77ac4b414e81cd9dd7c57e60fc3c528094621854","first_seen":"2025-12-20T19:31:04.719754Z","last_seen":"2025-12-20T19:31:04.719754Z","times_seen":1,"resource_available":false,"data":null}},"time_used":138,"timings":{"blocked":20,"dns":0,"connect":0,"send":0,"wait":117,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzg4e1oPoiudBUFR00j3dM5lxD4txjQRjErORgLKH6q7qmTI9VW1V9_RkTsGALp7m4EG92Pkm2fhjkfUPUJeJHpYFxRbEgBsP_gUiLHqTnh2IPqj3vldfHb73vXp3Pz0lLlJ6sv6qGoooovONml19aktIpjJTXd2sOnbNvljdErLpXawOyqT7zzuuV7Ofrr7Mg201X7cd23Zsp7okNA_VYH7KQsQ32k6tbde8es1peBjo__cmtWCoBdY_JY9AsOKhP8I3IYIJZO_mZW62ExU_-1IvjWiiNPrs6HW5LVUm0TuDobYQyqPZayhTEPLhHJQ8mk0A1T8oJ4AvCjL32F348mgmE37_8L5SPwKX8NmDyPoT8GgCQScI1B4E-4kAAcPqGmTv-qrSGd25z9KSLUjl3l8QWUEqdx-F7H25GIlB9YqK0kQoaTAIc4jBBKIzQZweIxlaENkxguQdCPYDmb-3Atk7WDORgmD5dHoRTkCNhbQ8wkIaWkhjCz12UvXslhc41G2GbRYs2B71PMZ9u92q2zZtBwtIg1LWCEk8QhCNEOhdxHoX22IEnd6C6eYwzIJJCmK9tos-y5FxgswQZJQgEwRZQpD180MWmbrJr7PIpL4zq_VZdfOxSjr79FAlHS4JqB5Bs_xAxG-bPQTJufEwNGysykT9JB9Tn-X78Sl5uHTNeu_J37DNT6osbDW47zPf9dxWs8mdFmswXvebIat7da8NI3IIMzc1ZCgKsvTz34hFQZ64eRs-PYaJjhGIc6CpA5rloN0cQ3nyeJd3eTf1n6OBSZ26W4t3kq6SVO5kXa55LVA9MJUjTipIdqz96JRcGG9sLt6a7vTqr9-CB3fILBDoHLHO8Zb4jqATXRtvqIwcbKjMkK_W4kT0xJCW-76S0IQ_8PkrfCdTmi1fNqPPXghKooQ3NrlJVqhkQnYM-WJRMMb1ktIBJ18vmy3ur6emu5hqmcYr6y8uLfdizY0RSk5ARUHO__k-AlGQC998Mv3LjWd-RxDvwsRnOo0i8GMLkSCI-Nk99XOY__T-Gd4319DRFdBkD7KXo69z9KMcNBrBpOfHSazvXLr9URkfw48qYz_SlQM_0tEHU58K8sanl0r0fUGu_vIjjDiphi6vB7bdWmg6bivkjuuxIGy0vDZrUtt1ORJTiKV_tv4NAAD__xy-I559BAAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzg4e1oPoiudBUFR00j3dM5lxD4txjQRjErORgLKH6q7qmTI9VW1V9_RkTsGALp7m4EG92Pkm2fhjkfUPUJeJHpYFxRbEgBsP_gUiLHqTnh2IPqj3vldfHb73vXp3Pz0lLlJ6sv6qGoooovONml19aktIpjJTXd2sOnbNvljdErLpXawOyqT7zzuuV7Ofrr7Mg201X7cd23Zsp7okNA_VYH7KQsQ32k6tbde8es1peBjo__cmtWCoBdY_JY9AsOKhP8I3IYIJZO_mZW62ExU_-1IvjWiiNPrs6HW5LVUm0TuDobYQyqPZayhTEPLhHJQ8mk0A1T8oJ4AvCjL32F348mgmE37_8L5SPwKX8NmDyPoT8GgCQScI1B4E-4kAAcPqGmTv-qrSGd25z9KSLUjl3l8QWUEqdx-F7H25GIlB9YqK0kQoaTAIc4jBBKIzQZweIxlaENkxguQdCPYDmb-3Atk7WDORgmD5dHoRTkCNhbQ8wkIaWkhjCz12UvXslhc41G2GbRYs2B71PMZ9u92q2zZtBwtIg1LWCEk8QhCNEOhdxHoX22IEnd6C6eYwzIJJCmK9tos-y5FxgswQZJQgEwRZQpD180MWmbrJr7PIpL4zq_VZdfOxSjr79FAlHS4JqB5Bs_xAxG-bPQTJufEwNGysykT9JB9Tn-X78Sl5uHTNeu_J37DNT6osbDW47zPf9dxWs8mdFmswXvebIat7da8NI3IIMzc1ZCgKsvTz34hFQZ64eRs-PYaJjhGIc6CpA5rloN0cQ3nyeJd3eTf1n6OBSZ26W4t3kq6SVO5kXa55LVA9MJUjTipIdqz96JRcGG9sLt6a7vTqr9-CB3fILBDoHLHO8Zb4jqATXRtvqIwcbKjMkK_W4kT0xJCW-76S0IQ_8PkrfCdTmi1fNqPPXghKooQ3NrlJVqhkQnYM-WJRMMb1ktIBJ18vmy3ur6emu5hqmcYr6y8uLfdizY0RSk5ARUHO__k-AlGQC998Mv3LjWd-RxDvwsRnOo0i8GMLkSCI-Nk99XOY__T-Gd4319DRFdBkD7KXo69z9KMcNBrBpOfHSazvXLr9URkfw48qYz_SlQM_0tEHU58K8sanl0r0fUGu_vIjjDiphi6vB7bdWmg6bivkjuuxIGy0vDZrUtt1ORJTiKV_tv4NAAD__xy-I559BAAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: e3b618e5e9d0fc36bdaeaf4255f061dd\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":82,"dns":0,"connect":0,"send":0,"wait":97,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTv28cRRSecyyKUCAIoj6hgADh8_4835ICYYJRREiiJMhFFKGZnVnf4L2ZZWb31nYFRAoR1RUUQMPedxc7gQiFml_RBYooEhJHwwnihr8AIUXQoXUsGSpe8b33vm-L7719c3lY7BIfBZ2deV1vyTSli2HLaT6zKhXXpW2eOt90nZZzrLkqVTs41tyowfRfcP2g5TzbfFXE63rRc1zHcR23uSKNSPTG4p4Kmd2I3FbktAKv5YYBNsx_e1vMwdI58P4ueQySTx_5PbkAGU-gejePC7ue6-z5V3pFSnNt0Oc7b6h1pUuF3kGZmAYStbP_NbSdEvLRHLTa2Z8Auj-uJwCTUzL3xD0wtbNvE6x_9YFTlkIoMP4wyv4EIp1A0glifQmS_0SAmOPUaaje9iltSrr5QKW1OiXz9_-ELKdk_t7jUL0vllO50Tyn0yKXWllsJBXkxgRybYKsmCDfakCWtxHn70HyH8ni_ZNQvfFpm2pIPjtKExElUSdciMIoWAj8hC5EHVcs-IlL2ZLntr0w2luRTCag9hAK20AhGyiSBoqsgR6fNQOnE8Qu9dtJxOMlJ6BBwAVzoo7nODSKl1DEtfcB8myAOB0gNpe3M97N1_vj3BRiXKjYDt1rD6gg2iO3azKIhu6N4s0s9cK2H4ReMHRnR1UqYp50QsEYZ37gd9pt4XZ4yIXH2gn3Ai-Irl8Io8D1XfciMvPuNe4vCZ_FwZBhXQ5giluw3QqWN2Bzgj6vUAqC0hKUlKCUBGVOUParqzy1nq22eWoL5u5nbz_71Ujna0N6VedrQhFQM4Dh1Vhmb9tLiPNDo63E8pGugbK8GlHGq2G2Sx6tf2Xj_ad_w7qYNf9vGFhZQdo5UNvAlpySlZ__Qian5Kmbd8Dobdj0NmJ5CLRwQcsKtFthS82e7Iqu6BZsgca2cD2_lW3mXa2o2iy7wohWrHvgukKWzyPfbAzTXXJkdPb88q29Q7v4y1cQ8V2yH4hNhcxUeEt-T7CWXhmd1SUZn9WlJV-eznLZk1u0PsJzOc3FQ5-9JjZLbfiJ43Zw_aW4Furyxnlh85NUcanWLPl8WXIuzIo2sSDfnLCrgp0pbHe5MKrITp55eeVELzPCWqnVBFROyeE_PkAsp-TIt5_uPbDwuV8RZ-_AZgc-rSZgWQOpJEjFAU9ZBfuvnh3UQ3sFa2YeNL8E1avQNxX6aQWaDmCLw6M8M3dfvPNxHZ-ApfMjlpr5MUtN-uHenmr4roYfavgaVs6aocf8dqfTFkmbJz73PZ9HoSOigEbtIApC5HYqV_5e_ScAAP__vkM5YRIFAAA=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTv28cRRSecyyKUCAIoj6hgADh8_4835ICYYJRREiiJMhFFKGZnVnf4L2ZZWb31nYFRAoR1RUUQMPedxc7gQiFml_RBYooEhJHwwnihr8AIUXQoXUsGSpe8b33vm-L7719c3lY7BIfBZ2deV1vyTSli2HLaT6zKhXXpW2eOt90nZZzrLkqVTs41tyowfRfcP2g5TzbfFXE63rRc1zHcR23uSKNSPTG4p4Kmd2I3FbktAKv5YYBNsx_e1vMwdI58P4ueQySTx_5PbkAGU-gejePC7ue6-z5V3pFSnNt0Oc7b6h1pUuF3kGZmAYStbP_NbSdEvLRHLTa2Z8Auj-uJwCTUzL3xD0wtbNvE6x_9YFTlkIoMP4wyv4EIp1A0glifQmS_0SAmOPUaaje9iltSrr5QKW1OiXz9_-ELKdk_t7jUL0vllO50Tyn0yKXWllsJBXkxgRybYKsmCDfakCWtxHn70HyH8ni_ZNQvfFpm2pIPjtKExElUSdciMIoWAj8hC5EHVcs-IlL2ZLntr0w2luRTCag9hAK20AhGyiSBoqsgR6fNQOnE8Qu9dtJxOMlJ6BBwAVzoo7nODSKl1DEtfcB8myAOB0gNpe3M97N1_vj3BRiXKjYDt1rD6gg2iO3azKIhu6N4s0s9cK2H4ReMHRnR1UqYp50QsEYZ37gd9pt4XZ4yIXH2gn3Ai-Irl8Io8D1XfciMvPuNe4vCZ_FwZBhXQ5giluw3QqWN2Bzgj6vUAqC0hKUlKCUBGVOUParqzy1nq22eWoL5u5nbz_71Ujna0N6VedrQhFQM4Dh1Vhmb9tLiPNDo63E8pGugbK8GlHGq2G2Sx6tf2Xj_ad_w7qYNf9vGFhZQdo5UNvAlpySlZ__Qian5Kmbd8Dobdj0NmJ5CLRwQcsKtFthS82e7Iqu6BZsgca2cD2_lW3mXa2o2iy7wohWrHvgukKWzyPfbAzTXXJkdPb88q29Q7v4y1cQ8V2yH4hNhcxUeEt-T7CWXhmd1SUZn9WlJV-eznLZk1u0PsJzOc3FQ5-9JjZLbfiJ43Zw_aW4Furyxnlh85NUcanWLPl8WXIuzIo2sSDfnLCrgp0pbHe5MKrITp55eeVELzPCWqnVBFROyeE_PkAsp-TIt5_uPbDwuV8RZ-_AZgc-rSZgWQOpJEjFAU9ZBfuvnh3UQ3sFa2YeNL8E1avQNxX6aQWaDmCLw6M8M3dfvPNxHZ-ApfMjlpr5MUtN-uHenmr4roYfavgaVs6aocf8dqfTFkmbJz73PZ9HoSOigEbtIApC5HYqV_5e_ScAAP__vkM5YRIFAAA= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 2\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: bb250b6e5afbebaecbd7f433c0e04d69\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":324,"timings":{"blocked":223,"dns":0,"connect":0,"send":0,"wait":101,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKnqqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhok3v0RZ72EgOB4ccCsB_8CEYLepDcLqyff4Xs_vqL43qtXV4bFLvFR0NmZ1_WmTFO6GLac5jMXpOK6tM1T55uu03KONS9I1Q6ONddrMP0XXD9oOc82XxXxml70HNdxXMdtrkgjEr2-uMdCZjcjtxU5rcBruWGAdfPf3BZzsHQOvL9LHoPk00d-Ty5CxhOo3q3jwq7lOnv-lV6R0lwb9Pn2G2pN6VKhdxAmpoFEbe-fhrZTQj6eg1bb-x1A98d1B2BySuaeuAemtvdlgvWvPVDKUggFxh9G2Z9ApBNIOkGsL0PynwgQc5w6DdXbOqVNSTcesLRmp2T-_p-Q5ZTM33scqvflcirXm-d0WuRSK4v1pIJcn0CuTpAVE-SbDchyB3H-PiT_kSzePwnVG5-2qYbks6M0EVESdcKFKIyChcBP6ELUccWCn7iULXlu2wujvRHJZAJqD6GwDRSygSJpoMga6PFZM3A6QexSv51EPF5yAhoEXDAn6niOQ6N4CUVcax8gzwaI0wFic2WrULENoqF7s3grS72w7QehFwzd2VGVipgnnVAwxpkf-J12W7gdHnLhsXbCvcALohsXwyhwfde9tJXxbr7WH-emEOP6zqF7_UEpiPaKyMx717m_JHwWB0OGNTmAKW7DditY3oDNCfq8QikISktQUoJSEpQ5QdmvrvHUerba4qktmLvvvX3vVyOdrw7pNZ2vCkVAzQCGV2OZvWMvI84PjTYTy0e6BsryakQZr4bZLnm0fsrGB0__ijUxa_5ft7CygrRzoLaBTTklKz__hUxOyVO37oDRHdh0B7E8BFq4oGUF2q2wqWZPdkVXdAu2QGNbuJ7fyjbyrlZUbZRdYUQr1j1wXSHL55FvNIbpLjkyOnt--fbeol365TuI-C7ZN8SmQmYqvC1_IFhNr47O6pKMz-rSkq9OZ7nsyU1aL-G5nObioc9fExulNvzEcTu48VJcE3V487yw-UmquFSrlnyxLDkXZkWbWJBvTtgLgp0pbHe5MKrITp55eeVELzPCWqnVBFROyeE_PkQsp-TIt5_tfbDwud8QZ-_CZgc6rSZgWQOpJEjFQZ2yCvZfOTuIh_YqVs08aH4Zqlehbyr00wo0HcAWh0d5Zu6-eOeT2j4FS-dHLDXzY5aa9KO9OdXwfQ1f17ADK2fN0GN-u9Npi6TNE5_7ns-j0BFRQKN2EAUhcjuVK3-_-U8AAAD__41EAmgSBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.310Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKnqqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhok3v0RZ72EgOB4ccCsB_8CEYLepDcLqyff4Xs_vqL43qtXV4bFLvFR0NmZ1_WmTFO6GLac5jMXpOK6tM1T55uu03KONS9I1Q6ONddrMP0XXD9oOc82XxXxml70HNdxXMdtrkgjEr2-uMdCZjcjtxU5rcBruWGAdfPf3BZzsHQOvL9LHoPk00d-Ty5CxhOo3q3jwq7lOnv-lV6R0lwb9Pn2G2pN6VKhdxAmpoFEbe-fhrZTQj6eg1bb-x1A98d1B2BySuaeuAemtvdlgvWvPVDKUggFxh9G2Z9ApBNIOkGsL0PynwgQc5w6DdXbOqVNSTcesLRmp2T-_p-Q5ZTM33scqvflcirXm-d0WuRSK4v1pIJcn0CuTpAVE-SbDchyB3H-PiT_kSzePwnVG5-2qYbks6M0EVESdcKFKIyChcBP6ELUccWCn7iULXlu2wujvRHJZAJqD6GwDRSygSJpoMga6PFZM3A6QexSv51EPF5yAhoEXDAn6niOQ6N4CUVcax8gzwaI0wFic2WrULENoqF7s3grS72w7QehFwzd2VGVipgnnVAwxpkf-J12W7gdHnLhsXbCvcALohsXwyhwfde9tJXxbr7WH-emEOP6zqF7_UEpiPaKyMx717m_JHwWB0OGNTmAKW7DditY3oDNCfq8QikISktQUoJSEpQ5QdmvrvHUerba4qktmLvvvX3vVyOdrw7pNZ2vCkVAzQCGV2OZvWMvI84PjTYTy0e6BsryakQZr4bZLnm0fsrGB0__ijUxa_5ft7CygrRzoLaBTTklKz__hUxOyVO37oDRHdh0B7E8BFq4oGUF2q2wqWZPdkVXdAu2QGNbuJ7fyjbyrlZUbZRdYUQr1j1wXSHL55FvNIbpLjkyOnt--fbeol365TuI-C7ZN8SmQmYqvC1_IFhNr47O6pKMz-rSkq9OZ7nsyU1aL-G5nObioc9fExulNvzEcTu48VJcE3V487yw-UmquFSrlnyxLDkXZkWbWJBvTtgLgp0pbHe5MKrITp55eeVELzPCWqnVBFROyeE_PkQsp-TIt5_tfbDwud8QZ-_CZgc6rSZgWQOpJEjFQZ2yCvZfOTuIh_YqVs08aH4Zqlehbyr00wo0HcAWh0d5Zu6-eOeT2j4FS-dHLDXzY5aa9KO9OdXwfQ1f17ADK2fN0GN-u9Npi6TNE5_7ns-j0BFRQKN2EAUhcjuVK3-_-U8AAAD__41EAmgSBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 61c604843e667b3cfbeb6cce67e35a10\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":387,"timings":{"blocked":288,"dns":0,"connect":0,"send":0,"wait":98,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"skinnycrawlinglax.com/pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Findex.html\u0026l=1331\u0026fd=279","fqdn":"skinnycrawlinglax.com","domain":"skinnycrawlinglax.com","tld":"com"},"ip":{"addr":"172.240.127.243","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"skinnycrawlinglax.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Sun, 26 Oct 2025 22:33:26 GMT","end":"Sat, 24 Jan 2026 22:33:25 GMT"},"fingerprint":{"sha1":"74:B9:DE:52:5E:A4:22:C1:3F:4E:90:E5:53:C1:13:27:E5:47:BB:D2","sha256":"0D:C6:A2:6A:15:63:9B:67:CF:55:A8:E1:E3:EC:AF:D3:57:2E:38:F3:44:79:B9:FC:61:8A:CD:64:82:05:64:6F"}}},"request":{"raw":"GET /pixel/sbls?bv=\u0026tmpl=482\u0026u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Frobot%2F2%2Findex.html\u0026l=1331\u0026fd=279 HTTP/1.1\r\nHost: skinnycrawlinglax.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: uid_id2=14734fa6-1b18-4a44-af0e-b6ef8fe7e9b4:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; u_pl25634495=1; slece02ee106ac9f7f9a067c81c19bdc3c60=[6308900]\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nHost: skinnycrawlinglax.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nCache-Control: no-cache\r\nAccess-Control-Allow-Origin: *\r\nAccess-Control-Allow-Methods: GET, POST, OPTIONS\r\nAccess-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests,C-High-Entropy-Values\r\nAccess-Control-Expose-Headers: Content-Length,Content-Range\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"cloudflare_dns","sensor_type":"DNS","title":"Cloudflare DNS","description":"Cloudflare DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.cloudflare.com/application-services/products/dns/","meta":null},{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"skinnycrawlinglax.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ntv.json?key=df85ebbdb343866e18d5de2b6fd24249\u0026vstc=4\u0026rb=","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:31.952Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ntv.json?key=df85ebbdb343866e18d5de2b6fd24249\u0026vstc=4\u0026rb= HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://hehehub-acsu123.pythonanywhere.com\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:31 GMT\r\nContent-Type: application/json\r\nContent-Length: 12818\r\nConnection: keep-alive\r\ncontent-encoding: gzip\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\naccess-control-allow-origin: https://hehehub-acsu123.pythonanywhere.com\r\naccess-control-allow-credentials: true\r\nvary: Accept-Encoding\r\nset-cookie: uncs=2; expires=Sun, 21 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\nuncs49=2; expires=Sun, 21 Dec 2025 19:30:31 GMT; path=/; secure; SameSite=None\r\nx-envoy-upstream-service-time: 9\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: f108e74d38d3eb5e99bc8a84dfade826\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":16774,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"dc543b28f12ac22d341c6a80d6291093","sha1":"83685168013128b0208ff53867a795d0d3cbe735","sha256":"70872cef916cad35bc4b65c6d6504683fe82a8ab9ce0387850381a0fa9a62aef","sha512":"0b3a32d7209bb8b047369576c26bb47395dc52143e1eb5f93582bc12d2c5dcdac5f2d2bd70c1f367908038b0ce1f3f7e19137ece066c336f221f910da2d1f427","ssdeep":"384:71EtboDNrudFlIN9RzlbAenQqdhOXbVKskFH7:7+t0xikXzcenQ7Ob","tlshash":"7b72c0be089c742f1f90c8dc552f2779a81f256b68c1de47e9e9b3c9282adc96730d04","first_seen":"2025-12-20T19:31:04.732971Z","last_seen":"2025-12-20T19:31:04.732971Z","times_seen":1,"resource_available":false,"data":null}},"time_used":106,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.storageimagedisplay.com/cti/b6/5b/1c/b65b1cf51705640151362d9bac4923cd/1756662083.jpg","fqdn":"cdn.storageimagedisplay.com","domain":"storageimagedisplay.com","tld":"com"},"ip":{"addr":"45.133.44.1","port":443,"asn":39572,"as":"DataWeb Global Group B.V.","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.150Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"cdn.storageimagedisplay.com","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 07 Nov 2025 02:33:02 GMT","end":"Thu, 05 Feb 2026 02:33:01 GMT"},"fingerprint":{"sha1":"FF:BB:C7:F6:31:A3:EE:08:8E:72:C4:2F:A2:C8:78:1B:3C:22:C4:57","sha256":"93:BE:65:88:B5:AC:E6:69:91:EE:F6:7E:27:3F:D6:9F:59:B1:AB:46:F7:49:0D:E8:F2:1C:9E:A9:BE:F9:B6:95"}}},"request":{"raw":"GET /cti/b6/5b/1c/b65b1cf51705640151362d9bac4923cd/1756662083.jpg HTTP/1.1\r\nHost: cdn.storageimagedisplay.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sat, 20 Dec 2025 19:30:32 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 60318\r\nserver: nginx/1.21.6\r\nlast-modified: Sun, 31 Aug 2025 17:41:23 GMT\r\netag: \"68b48943-eb9e\"\r\nexpires: Mon, 22 Dec 2025 19:30:32 GMT\r\ncache-control: max-age=172800\r\nx-cdn-host-id: AH0543\r\nx-proxy-cache: HIT\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":60318,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 26.3 (Macintosh), datetime=2025:08:30 15:33:45], progressive, precision 8, 320x240, components 3","md5":"966e6f8ade8598adc3b34c3b44b5a336","sha1":"408489c1dac8b455a5d76d83f79843c029f62344","sha256":"9f492d84c3eee3a470cdd18490f011829b896ddc531efe104df0143dc52db04e","sha512":"364731deca5e406f8d555e952287418dace9acef8d583bdc84ced07fb92da26db076a3946a566d5d82ad797357d7ea0f0aa8e3b009c647ea4d589aa76da3c043","ssdeep":"1536:LDy3bDOsDy3bDOUopIMYiW8UzK8dMhg7gmaZSDw2Y:HhwhUgIBWgEyw2Y","tlshash":"9c43d0a1e392de69f4c0d63e94c2e6d2f3521991a3d3da047c9c3f8277e52a70d5d282","first_seen":"2025-09-02T17:23:30.704726Z","last_seen":"2026-05-24T21:18:31.068638Z","times_seen":1366,"resource_available":false,"data":null}},"time_used":561,"timings":{"blocked":214,"dns":3,"connect":20,"send":0,"wait":72,"receive":33,"ssl":214},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/ren.gif?sid=H4sIAAAAAAAC_4RTv28cRRSec04UoUAQRH1CAQHC5_15viUFwgSjiJBESZCLKEIzO7O-wXs7y8zurX0VEClEVFdQAA17313sBCIUan5FZyiiSEgcDSclbvgLEFIEHVr7JEPFK7733vdt8b23b64O8z3iIqezc2-qvoxjuuQ3rcZzazLhqjCNMxcbttW0TjTWZNLyTjQ2K9C9l2zXa1rPN14X4YZacizbsmzLbqxKLSK1ubSvQqa3ArsZWE3Padq-h039397kCzB0Aby3R56A5NPHfo8uQYYTJN3bJ4XZyFT64mvdPKaZ0ujxnbeSjUQVCbqHZaRriJKd-ddQZkrIJwtQyc58AqjeuJoATE7JwlMPwJKduU2w3vUDpyyGSMD4oyh6E4h4AkknCNUVSP4LAUKOM2eRdLfPKF3QrQOVVuqU1B_-CVlMSf3Bk0i6X63EcrNxQcV5JlVisBmVkJsTyPUJ0nyCrF-DLHYRZh9A8p_J0sPTSLrjsyZWkHx2nEYiiIK2vxj4gbfouRFdDNq2WHQjm7Jlx245frC_IhlNQM0R5KaGXNaQRzXkaQ1dPmt4VtsLbeq2ooCHy5ZHPY8LZgVtx7JoEC4jDyvvA2TpAGE8QKivbqe8k230xpnOxThPQjO0bxxQXrBPblekFwztW_nbaez4LdfzHW9oz44nsQh51PYFY5y5nttutYTd5j4XDmtF3PEcL7h5yQ8827Xty0j1-ze4uyxcFnpDhg05gM7vwHRKGF6DyQh6vEQhCApDUFCCQhIUGUHRK6_z2Dim3OaxyZk9z848u-VIZetDel1l6yIhoHoAzcuxTN81VxBmR0b9yPCRqoCyrBxRxsthukcer35l7cNn72NDzBr_NwyMLCHNAqipoS-nZPXXv5DKKXnm9l0wugsT7yKUR0BzG7QoQTsl-sns6Y7oiE7OFmlocttxm-lW1lEJTbaKjtCiGaouuCqRZnVkW7VhvEeOjc5fXLmzf2iXf_sWIrxH5oFQl0h1iXfkjwTr8bXReVWQ8XlVGPL12TSTXdmn1RFeyGgmHvniDbFVKM1PnTSDm6-ElVCVty4Kk52mCZfJuiFfrkjOhV5VOhTku1NmTbBzuems5DrJ09PnXl091U21MEaqZAIqp-ToHx8hlFNy7PvP9x-Y_8J9hOl7MOmhT6MIWFpHLAlicchTVsL8q2eH9dBcw7qug2ZXkHRL9HSJXlyCxgOY_OgoS_W9l-9-WsVnYHF9xGJdH7NYxx9Xe_qmgh8q-OlgbUbOGr7D3Fa73RJRi0cudx2XB74lAo8GLS_wfGRmKlf_XvsnAAD__2pLQaQSBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.127.234","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /ren.gif?sid=H4sIAAAAAAAC_4RTv28cRRSec04UoUAQRH1CAQHC5_15viUFwgSjiJBESZCLKEIzO7O-wXs7y8zurX0VEClEVFdQAA17313sBCIUan5FZyiiSEgcDSclbvgLEFIEHVr7JEPFK7733vdt8b23b64O8z3iIqezc2-qvoxjuuQ3rcZzazLhqjCNMxcbttW0TjTWZNLyTjQ2K9C9l2zXa1rPN14X4YZacizbsmzLbqxKLSK1ubSvQqa3ArsZWE3Padq-h039397kCzB0Aby3R56A5NPHfo8uQYYTJN3bJ4XZyFT64mvdPKaZ0ujxnbeSjUQVCbqHZaRriJKd-ddQZkrIJwtQyc58AqjeuJoATE7JwlMPwJKduU2w3vUDpyyGSMD4oyh6E4h4AkknCNUVSP4LAUKOM2eRdLfPKF3QrQOVVuqU1B_-CVlMSf3Bk0i6X63EcrNxQcV5JlVisBmVkJsTyPUJ0nyCrF-DLHYRZh9A8p_J0sPTSLrjsyZWkHx2nEYiiIK2vxj4gbfouRFdDNq2WHQjm7Jlx245frC_IhlNQM0R5KaGXNaQRzXkaQ1dPmt4VtsLbeq2ooCHy5ZHPY8LZgVtx7JoEC4jDyvvA2TpAGE8QKivbqe8k230xpnOxThPQjO0bxxQXrBPblekFwztW_nbaez4LdfzHW9oz44nsQh51PYFY5y5nttutYTd5j4XDmtF3PEcL7h5yQ8827Xty0j1-ze4uyxcFnpDhg05gM7vwHRKGF6DyQh6vEQhCApDUFCCQhIUGUHRK6_z2Dim3OaxyZk9z848u-VIZetDel1l6yIhoHoAzcuxTN81VxBmR0b9yPCRqoCyrBxRxsthukcer35l7cNn72NDzBr_NwyMLCHNAqipoS-nZPXXv5DKKXnm9l0wugsT7yKUR0BzG7QoQTsl-sns6Y7oiE7OFmlocttxm-lW1lEJTbaKjtCiGaouuCqRZnVkW7VhvEeOjc5fXLmzf2iXf_sWIrxH5oFQl0h1iXfkjwTr8bXReVWQ8XlVGPL12TSTXdmn1RFeyGgmHvniDbFVKM1PnTSDm6-ElVCVty4Kk52mCZfJuiFfrkjOhV5VOhTku1NmTbBzuems5DrJ09PnXl091U21MEaqZAIqp-ToHx8hlFNy7PvP9x-Y_8J9hOl7MOmhT6MIWFpHLAlicchTVsL8q2eH9dBcw7qug2ZXkHRL9HSJXlyCxgOY_OgoS_W9l-9-WsVnYHF9xGJdH7NYxx9Xe_qmgh8q-OlgbUbOGr7D3Fa73RJRi0cudx2XB74lAo8GLS_wfGRmKlf_XvsnAAD__2pLQaQSBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\nvary: Origin\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 1\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 5a25119485369b1cbd8471812b40c8e5\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":378,"timings":{"blocked":280,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"rockyspoons.com/impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKmuqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhok3v0RZ72EgOB4ccCsB_8CEYLepDcLqyff4XvvfV8fvvf61ZVhsUt8FHR25nW9KdOULoYtp_nMBam4Lm3z1Pmm67ScY80LUrWDY831Gkz_BdcPWs6zzVcFW9OLnuM6juu4zRVpRKLXF_dUyOxm5LYipxV4LTcMsG7-29tiDpbOgfd3yWOQfPrI78lFSDaB6t06LuxarrPnX-kVKc21QZ9vv6HWlC4VegdlYhpI1Pb-19B2SsjHc9Bqe38C6P64ngCxnJK5J-4hVtv7NhH3rz1wGqcQCjF_GGV_ApFOIOkETF-G5D8RgHGcOg3V2zqlTUk3Hqi0Vqdk_v6fkOWUzN97HKr35XIq15vndFrkUiuL9aSCXJ9Ark6QFRPkmw3Icgcsfx-S_0gW75-E6o1P21RD8tlRmogoiTrhQhRGwULgJ3Qh6rhiwU9cGi95btsLo70VyWQCag-hsA0UsoEiaaDIGujxWTNwOgFzqd9OIs6WnIAGARexE3U8x6ERW0LBau8D5NkALB2AmStbGe_ma_1xbgoxLhSzQ_f6AyqI9sitmgyioXuzeCtLvbDtB6EXDN3ZUZUKxpNOKOKYx37gd9pt4XZ4yIUXtxPuBV4Q3bgYRoHru-4lZOa969xfEn7MgmGMNTmAKW7DditY3oDNCfq8QikISktQUoJSEpQ5QdmvrvHUerba4qktYnc_e_vZr0Y6Xx3SazpfFYqAmgEMr8Yye8deBssPjTYTy0e6Bhrn1YjGvBpmu-TR-lc2Pnj6V6yJWfP_hoGVFaSdA7UNbMopWfn5L2RySp66dQcx3YFNd8DkIdDCBS0r0G6FTTV7siu6olvEC5TZwvX8VraRd7WiaqPsCiNaTPfAdYUsn0e-0Rimu-TI6Oz55dt7h3bpl-8g2F2yH2CmQmYqvC1_IFhNr47O6pKMz-rSkq9OZ7nsyU1aH-G5nObioc9fExulNvzEcTu48RKrhbq8eV7Y_CRVXKpVS75YlpwLs6INE-SbE_aCiM8UtrtcGFVkJ8-8vHKilxlhrdRqAiqn5PAfH4LJKTny7Wd7Dyx87jew7F3Y7MCn1QRx1kAqCVJxwNO4gv1XHx_UQ3sVq2YeNL8M1avQNxX6aQWaDmCLw6M8M3dfvPNJHZ8iTudHcWrmx3Fq0o_29lTD9zV8XcMOrJw1E194zHE6S23X7yTC9QPOkrATRLxNHd8XyO1Urvz95j8BAAD__6JdggASBQAA","fqdn":"rockyspoons.com","domain":"rockyspoons.com","tld":"com"},"ip":{"addr":"172.240.108.68","port":443,"asn":7979,"as":"SERVERS-COM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.317Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"rockyspoons.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 09 Dec 2025 07:49:46 GMT","end":"Mon, 09 Mar 2026 07:49:45 GMT"},"fingerprint":{"sha1":"F2:FF:3A:87:D1:8C:8B:00:96:3B:FA:64:57:5D:DE:6C:35:10:BA:37","sha256":"8C:4D:77:5D:77:8F:5B:C9:C2:14:21:D4:4A:AB:3F:3E:D9:A5:0D:BD:CB:EB:E3:C6:D8:4F:5B:33:25:A2:D0:E3"}}},"request":{"raw":"GET /impr.gif?sid=H4sIAAAAAAAC_4RTz4scRRSu2Swe4kE04nmQKCrubP-cnTYHcY0rwZiEJBIhBKmuqt4pt6eqreqe3t2TGojB0xw8qBd7vpnsJhok3v0RZ72EgOB4ccCsB_8CEYLepDcLqyff4XvvfV8fvvf61ZVhsUt8FHR25nW9KdOULoYtp_nMBam4Lm3z1Pmm67ScY80LUrWDY831Gkz_BdcPWs6zzVcFW9OLnuM6juu4zRVpRKLXF_dUyOxm5LYipxV4LTcMsG7-29tiDpbOgfd3yWOQfPrI78lFSDaB6t06LuxarrPnX-kVKc21QZ9vv6HWlC4VegdlYhpI1Pb-19B2SsjHc9Bqe38C6P64ngCxnJK5J-4hVtv7NhH3rz1wGqcQCjF_GGV_ApFOIOkETF-G5D8RgHGcOg3V2zqlTUk3Hqi0Vqdk_v6fkOWUzN97HKr35XIq15vndFrkUiuL9aSCXJ9Ark6QFRPkmw3Icgcsfx-S_0gW75-E6o1P21RD8tlRmogoiTrhQhRGwULgJ3Qh6rhiwU9cGi95btsLo70VyWQCag-hsA0UsoEiaaDIGujxWTNwOgFzqd9OIs6WnIAGARexE3U8x6ERW0LBau8D5NkALB2AmStbGe_ma_1xbgoxLhSzQ_f6AyqI9sitmgyioXuzeCtLvbDtB6EXDN3ZUZUKxpNOKOKYx37gd9pt4XZ4yIUXtxPuBV4Q3bgYRoHru-4lZOa969xfEn7MgmGMNTmAKW7DditY3oDNCfq8QikISktQUoJSEpQ5QdmvrvHUerba4qktYnc_e_vZr0Y6Xx3SazpfFYqAmgEMr8Yye8deBssPjTYTy0e6Bhrn1YjGvBpmu-TR-lc2Pnj6V6yJWfP_hoGVFaSdA7UNbMopWfn5L2RySp66dQcx3YFNd8DkIdDCBS0r0G6FTTV7siu6olvEC5TZwvX8VraRd7WiaqPsCiNaTPfAdYUsn0e-0Rimu-TI6Oz55dt7h3bpl-8g2F2yH2CmQmYqvC1_IFhNr47O6pKMz-rSkq9OZ7nsyU1aH-G5nObioc9fExulNvzEcTu48RKrhbq8eV7Y_CRVXKpVS75YlpwLs6INE-SbE_aCiM8UtrtcGFVkJ8-8vHKilxlhrdRqAiqn5PAfH4LJKTny7Wd7Dyx87jew7F3Y7MCn1QRx1kAqCVJxwNO4gv1XHx_UQ3sVq2YeNL8M1avQNxX6aQWaDmCLw6M8M3dfvPNJHZ8iTudHcWrmx3Fq0o_29lTD9zV8XcMOrJw1E194zHE6S23X7yTC9QPOkrATRLxNHd8XyO1Urvz95j8BAAD__6JdggASBQAA HTTP/1.1\r\nHost: rockyspoons.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://hehehub-acsu123.pythonanywhere.com/\r\nCookie: pdhtkv=true; uncs=2; pdhtkv49=true; uncs49=2; u_pl25634524=1; nlecdf85ebbdb343866e18d5de2b6fd24249=[5941311]; uid_id2=afe9f985-9594-43fa-981e-3f1ab7216259:3:1; iprc_l+78b49f59e2af85769b819aa98201013f=5941311; iprc_l:5941311=1\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.21.6\r\nDate: Sat, 20 Dec 2025 19:30:32 GMT\r\nContent-Type: image/gif\r\nContent-Length: 7\r\nConnection: keep-alive\r\naccess-control-allow-origin: *\r\nvary: Origin\r\naccess-control-allow-credentials: true\r\np3p: CP=\"IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"\r\naccept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA\r\nx-envoy-upstream-service-time: 3\r\nHost: rockyspoons.com\r\nExpires: Thu, 01 Jan 1970 00:00:01 GMT\r\nX-Request-ID: 9cf4bf0101c0111854d7b1c3e0a76961\r\nCache-Control: no-cache, max-age=0, private, no-cache\r\nPragma: no-cache\r\nStrict-Transport-Security: max-age=0; includeSubdomains\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.21.6","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-16T17:50:43.021957Z","times_seen":16476669,"resource_available":true,"data":null}},"time_used":417,"timings":{"blocked":319,"dns":0,"connect":0,"send":0,"wait":98,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2025-12-20","alert":"Sinkholed","trigger":"rockyspoons.com","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Roboto:300,400,700\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.251.38.106","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://hehehub-acsu123.pythonanywhere.com/api/getkey?hwid=1766287809.8803766","date":"2025-12-20T19:30:32.881Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Wed, 03 Dec 2025 15:53:13 GMT","end":"Wed, 25 Feb 2026 15:53:12 GMT"},"fingerprint":{"sha1":"A8:BA:6B:80:7C:EC:B1:6F:C1:C2:03:D7:C9:27:6E:75:DE:4B:AA:47","sha256":"4E:2C:B9:C5:81:56:5E:97:93:07:22:12:66:E2:52:C6:0A:2E:17:72:FF:9B:5F:2A:B9:E1:21:80:05:6D:8B:3D"}}},"request":{"raw":"GET /css?family=Roboto:300,400,700\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sat, 20 Dec 2025 19:30:33 GMT\r\ndate: Sat, 20 Dec 2025 19:30:33 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":16755,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"1f04e9e49d52374a409de4887e47180d","sha1":"8fee2f920567a574448d1aa6565c95951b68f9b5","sha256":"10cf0680b9dc5b310d265479bcebc5b380474bf2e8da9361cf8be458d183994e","sha512":"5fde8f721343e9c6254229e791ed64d6b47f28fad7690f7c83fa8c29e3112d0974f65ae0c63f09acd3e026dcb56c4de3fe0ffe37c464eb326b0495aa6c03b31c","ssdeep":"384:pKf5KgKPKrKyUK/qY4+K4KYKpKfMK1KWK6KyhK/qY4XKNKtK4KfdKkKDK3KyQK/9:pCJmwBUiRDfMTcfFBhiEymdmtC0BQiVb","tlshash":"df7210a1041750009b834ce223cebf35fe1f52117152d0b5abfdab6b9dcbc66526939d","first_seen":"2025-11-19T00:20:32.486705Z","last_seen":"2026-05-28T13:25:58.724835Z","times_seen":6027,"resource_available":false,"data":null}},"time_used":332,"timings":{"blocked":143,"dns":0,"connect":8,"send":0,"wait":19,"receive":0,"ssl":159},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}