{"report_id":"8aef0d6d-a452-4482-8103-6a8ed80afc48","version":6,"status":"done","tags":[],"date":"2026-04-20T23:44:16Z","url":{"schema":"http","addr":"wa-fi-store.site","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"final":{"url":{"schema":"https","addr":"wa-fi-store.site/ar/","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"title":"عالم وافي Wafi SA","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"wa-fi-store.site","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":0,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-25T23:44:16Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"wa-fi-store.site","ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"domain_registered":"2026-03-19","domain_rank":0,"first_seen":"2026-04-20T23:44:24.892274Z","last_seen":"2026-04-20T23:44:24.892274Z","alert_count":215,"request_count":215,"received_data":28500019,"sent_data":107356,"comment":"","tags":null,"fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"cdn.salla.network","ip":{"addr":"104.18.34.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2022-01-08","domain_rank":1680682,"first_seen":"2022-09-13T06:28:40Z","last_seen":"2026-04-20T17:51:20.121276Z","alert_count":0,"request_count":1,"received_data":144345,"sent_data":421,"comment":"","tags":null,"fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"prem-box.com","ip":{"addr":"172.67.194.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":1,"received_data":221775,"sent_data":436,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-9776f50d.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"3aeaaa33d24d8f26692ac09b9f9a5565","sha1":"e263554d3704dedb53463215a2c5b6c29f5bb627","sha256":"f2a5ba53fbdbd5648927708f6da6002525148d4f6c10e1a0a7c52211e1542abf","sha512":"8d799889e34763c2cc4d6ed43e7ffe2ccf8316d4f382e3e9e2f7d78961ff82a5abbd22f19a675f2dbc98df4ad0c83c20677b379d3a9b48116e7b5bf4f7eae69c","ssdeep":"192:Mdwp8tlV1dKG6fJYepWM150s7KFXR6rce3V5Au:VaPC5mFdel5Au","tlshash":"8a12a6ddf9bd6071038778b4d87f160eb23a39985058c110e892d9b6786a88ac737f3c","size":9033,"data":"","first_seen":"2026-04-20T23:45:00.28889Z","last_seen":"2026-04-20T23:55:40.740449Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-1a7e80e0.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"22c261c48f5a41a4316ea0003aaab22e","sha1":"9623072f6e657208f37b156c1e9d9e24e07bae12","sha256":"c6e3c77af06678546eee8da8743f62e56308a374310f2ec87b735e0e1a6de8f2","sha512":"c76013d79a867e5bce59464753a6ee81fd519db182c9961b63b0df504c6b6af74cea46a42fc58c5369a755352402c8475a78258d3b5d2de32b3f90bb2a11b701","ssdeep":"","tlshash":"9e31d4ffa360d1e02fcb1afbfe271082365508bf169c548561a86984e8939ce5231f99","size":1596,"data":"","first_seen":"2024-08-31T08:34:01.670998Z","last_seen":"2026-04-20T23:55:40.625613Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-8f7b9e36.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"3f62a5290a3cdd0d581ea8a37e19981a","sha1":"7f33d760fa9ba8eda85a308f1bb461e23b7416ff","sha256":"01ccfaccdf169edd590181725b13e6c436b806c9abb16f3b0074e8c209d8456b","sha512":"ca3629309f669b34f68d72108be2fc9d982cf60b3f89ea51a11f5ec35db5f0eb1401c6310a407fc18ee80b92ef664acd32b2668735057361e34e42dc696525fb","ssdeep":"384:jL9AXp9eL7ydWqiNJzH09uU9q4UFthlnO7gBwrI:39AXp947qCcevhld","tlshash":"498275cc37c6b1a697d32a35846f2407b33dae81540dd491e62ae0807c74d6e8a37eed","size":19264,"data":"","first_seen":"2024-08-04T21:57:29Z","last_seen":"2026-04-20T23:55:40.609277Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-61858adc.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"17650354695ac13d5061437c4d89f5b3","sha1":"edea3f21350f081337e85837c32057763352c7aa","sha256":"4a9ea07a79bd182ba7f2baaac59920589074e2a31e7da9986e6840dd6eeef6dd","sha512":"a3233fb1e12fc7d4f2f7e7ea6cfcbb98d38427f394ab99bd0434b352e1864f0aa3824ed3f3099d0cc99a0989304aebb39470a06a0933ef4f5ea9240a5437974e","ssdeep":"","tlshash":"27f0dde8d330e03c099a66dd8b0268e17196a065c2408808b5f898e68063cc8a036ccb","size":636,"data":"","first_seen":"2024-08-04T21:57:29Z","last_seen":"2026-04-20T23:55:40.684674Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/ar/","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"aa442a5ed5aa5893473eb728c1aa06f5","sha1":"c832be3e609065d181eff7fe80836f8f6a92cd91","sha256":"bf2a6721bd846e69033e40228fcd4b4209028459bcd9c0c9a16fbdd571736192","sha512":"a46c7975f5fa62a7093201c99dfdf9528517355f32ef5ff7a18947efd284b17be84b65655c732253cdb400108d441193804b9414aa5fb0aaa3ff1909012367a9","ssdeep":"","tlshash":"b701362ea4580c8664bd9c23bf577609304a2127c39914217f6ec328bf76903e6e1bfd","size":755,"data":"","first_seen":"2026-04-20T23:45:00.431434Z","last_seen":"2026-04-20T23:55:40.762578Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-70434381.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"6536b11ec9e474a613fe1dcb2f844b30","sha1":"5bdd14a1dc9b5ab8933d64e8f93c898c3fb2a987","sha256":"7046cc41ce71ad1a3ce1a59613f385407dc549041228fc166e82b06adaee5b7e","sha512":"d3eb119ba373b56b91c8bc99ed9c497606c033cd122e099cfe517ac3e95a629423d77c2d784a9af992f0974db2cbd62391f0a84b1913254123260e7744a80be2","ssdeep":"","tlshash":"7121eb98d332e1f5295b8ac28b1d788e1489696e2fc10d3c633e83e749418ec7310c8a","size":1215,"data":"","first_seen":"2024-08-04T21:57:29Z","last_seen":"2026-04-20T23:55:40.701554Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/card.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"331107684dec8d25b7059a8924d57bf6","sha1":"66c02247832864e65e69b2fa343e60dc28289b87","sha256":"ad88fa6f53ab128b0fe6a1ddd08cc744ab07b1fa56eb8b49f158e8e504e53a59","sha512":"67d9bc28d7a1c04956ecc0023d5ed7005f9f1397eb1165185e4834f3fd8fde1fc00d171ef53fa7e910f9867d4c4f93dd4b3efb9a2120ae2978d2f0ead4184500","ssdeep":"192:PHrMxWT72qSGBIbSxRsStx0qrzncxPKzp8MFT4YeI:zMQnJIOxRlx0qrrYPWdFX/","tlshash":"eb8274d8e0f1603191bb8871841727cbbb68790ed2c6492c767ed4d53b9dd499226b3c","size":17652,"data":"","first_seen":"2026-04-20T23:45:00.216363Z","last_seen":"2026-04-20T23:55:40.723187Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-f0bfbb14.system.entry.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"f38a0349207c3ccc84174e499caab419","sha1":"87cbcbb13bd64b89e1c21fba64e955d5f3f989bf","sha256":"82a0033209ce03d500695e849b4c1434c855149a77e77899d9c8e0941dc332a2","sha512":"0f8812094b3c7782288637edfdf852f2808c8d6bfb4a61bae0ce04e9137cdc0a53824534624fea604cc3a7b852b634f477f59c939534c82aa16d6b43a2af6a24","ssdeep":"6144:GydJsjmGj0qwdEPSnxY/vjAXcXDbo9dPEOF+o9yqhuRXO7VUMFB:PdjGj0qwdcvEaOFFuRAUMFB","tlshash":"17f45c88f3b53131c293a0b8d07f2506323a7d56a542811cf63dede95a68d4a62b7f7c","size":760582,"data":"","first_seen":"2026-04-20T23:45:00.343293Z","last_seen":"2026-04-20T23:55:40.735078Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.salla.network/js/swiper@8.js","fqdn":"cdn.salla.network","domain":"salla.network","tld":"network"},"ip":{"addr":"104.18.34.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"24fd8f796609d79fcb7b6e5ae754433b","sha1":"f4dc8d46086739c58121185b2d0f4e190710f11b","sha256":"f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade","sha512":"87956ffa7fb3d1e467949a14956319e0f2d0bf825f68256d814f53b518cd62e365b52e500aa8b80f87999f8524cd966e1b6a78541cf760896c07b036355adbc3","ssdeep":"3072:RJLCyDdkEUYnafpoy9v8cIWyUaV4y+oGeJM91EfrNK/YvF:RJLC4dkEUYnafpl9v8cIWybV4y+oGMMC","tlshash":"c3e3f8896360b1a552e3268b93a9c651e3b51400b409c4e871bd0c9b6d7ed9813ffffe","size":143706,"data":"","first_seen":"2023-03-13T12:29:47Z","last_seen":"2026-05-02T06:33:37.91701Z","times_seen":12052,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/home.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"1d0c775a40601e53a72be8e9c41ddfdc","sha1":"d5e88b793730599d2a2be681fde7620b24fd8113","sha256":"3a1aed50761f5e9a62b33bf15cb2f1a3ff238b2ce9ba41672f07e754c6d10bfb","sha512":"480338fd9c7fc013f6593b99dfa9929ea8c1406909f9bcf63064a65e0f1ba28d8076b581295af6b760791b565f59776b8bc82c75e19723c14b34d28ac158a846","ssdeep":"1536:UfVO9O5RF5HN6rEm6LB5r1UbcS8JgbpXjtzeKKmCe6s6wpVPwCEwCamzfadHjG3K:savDGg960V4YFpPopc","tlshash":"3db3088bb62524340be73bdbcafb4a587379334554658060bc6ec5861bb4c258373bfa","size":109895,"data":"","first_seen":"2026-04-20T23:45:00.232048Z","last_seen":"2026-04-20T23:55:40.675542Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","size":1239,"data":"","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-02T07:31:00.93093Z","times_seen":321167,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-e44f4650.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b04da523961f63a7461d632ad73f741","sha1":"d0536a6ba214394876ab1741f2f95ae5f35b9b18","sha256":"d2e1181c008922d223b81bfa4181770be048a04a6499622a94ebbe6b214df890","sha512":"a3a391bf416ed1bb64dab3570140e4ab81cd238eda912e7aba7cec555318b3f42d1c0b59f7dd3933aff8bb8d656f24a9075f5dbe4f526b7ebb401ae818882919","ssdeep":"","tlshash":"b701f1ece370e5e4188e49c82b1934cc70a9252973e00d0cf3b552ab40434cd70a0d8f","size":798,"data":"","first_seen":"2024-08-31T08:34:01.665499Z","last_seen":"2026-04-20T23:55:40.61524Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"webpack","addr":"webpack://Zuck/./src/modal.ts?","fqdn":"webpack","domain":"webpack","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"c043ca44394f0de2a5dfeaa28909859e","sha1":"bd6f9684574517a3a04d565d43a687ace1d7127a","sha256":"a590d0c7f746ea59e65c22923a32efce0fd04d8752bb973dc68cec9db4a13dad","sha512":"4460f6506af7f28b5192e0e62166ebc35e3e8db1610506f15a4c52605d40b5818cc77f0f8305e7d03eb29a0122e1a395509d0404d6c405e3cc59c7dd4ba8c095","ssdeep":"384:evlybjDi6foXWsuWPORMP68uPfpaKjOaby8yDfEb5tHq1FGTHrIum4Zi:Bbvig5DnNby8ofq4XGTq4M","tlshash":"b7d243889afb18355feb605feb6b8864a3f5420b118cdd5138aec6085fb093507727e7","size":30183,"data":"","first_seen":"2023-08-30T15:05:18Z","last_seen":"2026-05-02T01:53:00.463464Z","times_seen":101,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"prem-box.com/ar/languages/assets/17317736394.js","fqdn":"prem-box.com","domain":"prem-box.com","tld":"com"},"ip":{"addr":"172.67.194.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"9c7329fa2a2895890882622adcf2d884","sha1":"aca1df66964b635cc0094071f9c67531abfaf99c","sha256":"9c80bd21d0fc96f0a29101dfe97688661fc2659c2266b75045ea85582d59cfc6","sha512":"56ce5ee2024329b08a5b50a88b8c29fc7a162c9fbc60750fa8f6872a9fd36cbeb6fdb065ccc82406a22d8d88d827940c81be53120a7a63280f7a26cad6a93a8b","ssdeep":"3072:OonLFusWmJ4xjDttQxbk9o+gQDvbp0reIvWVY:bTWm2Y+DDFDu3","tlshash":"fd24f9965a38883617968b9bf0c73959d9f40ca393deec318cca861c43e6615e35f83d","size":220265,"data":"","first_seen":"2026-04-20T23:45:00.435564Z","last_seen":"2026-04-20T23:55:40.765673Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/twilight.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"2045c64f166ee2780d966cabaa5d31af","sha1":"bba7444381f0ddf4fae04a097e5f39c7f23669c3","sha256":"d24f2128611bc32e62e8d56f35815e499957f7cf6a75360d871ce6dd35427e51","sha512":"2c6fb48703c6828a0c2a4a603a1b158dac555946cacf4d4f3caecd480d3812f0b65c9f97cbbb579e0a7d2f07e0c7371f69153110cebfe2be48727284153c6b84","ssdeep":"1536:K2Rn+UWh7iqRd8TW52apduqcn/e8iaKU98:pAU67dks2ap/","tlshash":"f0c3a3ccfa91b06646e33174012f140bb2bb5a59f44b8590f26ad5d07cbe94f60abf2d","size":119607,"data":"","first_seen":"2026-04-20T23:45:00.185545Z","last_seen":"2026-04-20T23:55:40.640869Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-35e033d4.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"d9c83448b9418f3de6b52ee56ad74eb6","sha1":"1d6f5176840405ac6f91958f5017ff4be28503db","sha256":"02918f85392f5a1520592452248aae3909e5c5e562a6dfde311ede74c8fab921","sha512":"90cb71e562cb5e502f18ed8ee9917a7edaebc06649bc62fa3a7d36e0b1bea4ca4a658648f6be1fbef88a7fdfeb4b4171d47d5e3498480df764289146bff9c66b","ssdeep":"","tlshash":"df21b49b4b68d9ad104baab2df3d2088325a09b873e0302cf9adf1694413407e402f1f","size":1221,"data":"","first_seen":"2024-08-04T21:57:28Z","last_seen":"2026-04-20T23:55:40.7422Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/ar/","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"bb28648bd4bdd042bb5021b702e81a81","sha1":"20395184385b6d6b73cd9b0bb01b6739bc10d8a4","sha256":"8c5fe37e94b7431aea5e0878f16f17cf0e66ccd0e73a3c5b0990ee60fa189b0a","sha512":"78392938bf43997847d84cbf237597d538f9d9e87c1b7fbaaf5ee2d30e0b52bf1343781f93972497416bb46b8d4b23d0b8f2f9197a63cf232630aa655a05fd7a","ssdeep":"","tlshash":"61118e19f2ba521e4433a2f509ae9248f93450172188ee087f8c33a19fdd8664ef5f4a","size":988,"data":"","first_seen":"2026-04-20T23:45:00.437058Z","last_seen":"2026-04-20T23:55:40.763245Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/ar/","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"de9c3776509fd68e47e14ef8b31f4184","sha1":"0b4c4fec8a53128aef32637922058d68e433e82c","sha256":"c58b4e3972cb55f0c78523af46b3ba04867bef23cbd2f2be6e52b9fd7fa2ddee","sha512":"d58cf0685ef51f00b2d53ef587507282bdcc1a2ccf26f859f4d2758192d02406c4edcb48514bea5f1ca31a0d59ad938357d0821828449beff7b13ec416b43693","ssdeep":"","tlshash":"60a0128b9000001345ee4ce057073b287102203ec811d000a4038114b0502175592882","size":86,"data":"","first_seen":"2026-04-20T23:45:00.438561Z","last_seen":"2026-04-20T23:55:40.76631Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/app.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"94b79e00bd579857497c744e9d213c9d","sha1":"b823726286b2f99705a7e72ed07870a0144ba72b","sha256":"89338cc0b5713c8521d303761d1f7923a2b389b19fdf6bdb03a7181991e483e5","sha512":"77abf1d13a571f902e4c1913247b9bb2af4469f200f1f6e150098ab0de5f1040d6168e0be2fb30ca18e133c97c05f584d74b948c42866f0164c7f2d7053caf68","ssdeep":"3072:elZW09nHuBsbgZyF9G6rMo1YjSdI0fsmU:KVOBsbgkQy1YjQw","tlshash":"a5c309987685f033a3a7517a50afe109b37a6845fc5a8814f429c4c46dbad4e6333fbc","size":125169,"data":"","first_seen":"2026-04-20T23:45:00.258762Z","last_seen":"2026-04-20T23:55:40.676231Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/ar/","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"3197a313ac3990fe11e39529d01aa204","sha1":"f23d391ffb55999590f02ddbcb2abece8d7627b7","sha256":"b58857d0186b6f87156eb67c72b62f715f23a45fd13c2658c7d5cd8d5c6e15c7","sha512":"e3efef9fc5905ae80aa81fa3cc0f71faa0760054c21cc8c8af42dd20f1f66b9112dfc1084d056e2eaf1beb8d65b13178ff5e2cf61749761b451105f8cecb408c","ssdeep":"192:gEXeosESppktxWTEaYkrP9nHIuBVuYmY96by2u:gAej7pStxk99nH3uC9Gu","tlshash":"68f193ee37be28ad99604341993dffad1c2f18631459a9712fdc4b9816f918c23097a3","size":8117,"data":"","first_seen":"2026-04-20T23:45:00.440224Z","last_seen":"2026-04-20T23:55:40.761142Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/darkmode.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"876b11ea6011ee6406e7c5c2f2c2be58","sha1":"b45376c2716b208a65a13288e949bf5fe348c1c8","sha256":"5c7a2eecf2ee261063f1c3740818ab509ac1c72ccc08980b1b5ed9d84fef7a1d","sha512":"2d4729a579a1612f385070f5b68fed9d2c024dfb6932dd7c42e8a250e60c2cf4915afdbd8dc2d40a499b1d5ab64d2d501dc2f1f0e2404ea0f9e77c378eca3c17","ssdeep":"","tlshash":"e2316c763c0d557f409b11dfb2c6ebe93a2918dae9c85530e05cc44a1236dd74220afa","size":1649,"data":"","first_seen":"2025-06-03T05:34:24.833597Z","last_seen":"2026-04-20T23:55:40.652687Z","times_seen":6,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"webpack","addr":"webpack://Zuck/./src/utils.ts?","fqdn":"webpack","domain":"webpack","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"a5290736322006734f05f2a252a54f97","sha1":"c9bab124274bf628e968595c347301759580d866","sha256":"e22ccdcfdd1dcfc39818da488597ba7bae0a2b6c3bbae90113632f9c27c1cb1e","sha512":"5c5dfb3775a792538ddf2204a9518a975bb812d16fc0d238f2ab5f7dd8822777314914576078f993234b747685611f1270bdd3a4429d8ce7e8531ea741f032ff","ssdeep":"","tlshash":"f081dc8e99e700a52717f620d3ae7554bb7aa813215dee10390ec1509f92c3443bbbb7","size":3888,"data":"","first_seen":"2023-08-30T15:05:18Z","last_seen":"2026-05-02T01:53:00.490268Z","times_seen":105,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/ar/","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":true,"md5":"c28227a9bd3b1141e9d30d9c22d734bc","sha1":"7a98c2fdf51d25cf840e301e2c8faefe3ccc319e","sha256":"80352c68129e402a0b05090068b5bfce01427bcfba4ed677f53ac3c4c9c09711","sha512":"4c7dfd11ec893d79a1d732ef310d45efec5a1705c2b1341dcaf4f93301d0a8ca6c68e7f19997973b63797fad1bbbde8a1eb7ce0f1f7889656f3c009de645b977","ssdeep":"","tlshash":"5df0270a04b77e274473ffaee21fb735283a1f23145846417b9da7554f350bab304988","size":514,"data":"","first_seen":"2025-05-11T15:30:38.997967Z","last_seen":"2026-04-20T23:55:40.764475Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","size":19948,"data":"","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-05-02T07:27:30.160018Z","times_seen":334470,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-9beb6b7b.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"cd19cfdc1f335a608415b6c506e7a64c","sha1":"b2e6bef4a8357da6366a5e6885afae667bb25418","sha256":"8d8637d34ff102a20dfd79c001e18fd493f9b1f823a634230136a01f2faae17c","sha512":"d109aa497816949af207412f1cc5eb07a702f3d5937710e72131dbd7e65feff8da2b827ea38aefd14085c61613f3d6fb9bd1d94801754b3db98e1c50bf09f221","ssdeep":"","tlshash":"f0f023cc74f0b060162b24fd811b70067273d97f13bc6080e1d8947868f115d47e4e3a","size":646,"data":"","first_seen":"2023-04-15T09:31:52Z","last_seen":"2026-04-20T23:55:40.653565Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-f422bbf9.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9866a93a5d5bbf39d645c8011a79043","sha1":"f2451a698b88f1b132b5c35a8735e41e013e9508","sha256":"4ca32351b05aa213812a9b410b258692566dad6f09638417ebc46bd70834945d","sha512":"ac392e3f6da7e5ae5e31ab7bb53341ee3f150e69ef2e2ce8dfe8c431a6c8c3b9c607e1d593f04fb1e1b89b0be9d75039af9dab6d07653ae5c038fd614cc50d11","ssdeep":"768:it67gavUepkZghFoJ0ENd8jdoaS/xuke1Oty0d9:867tp+gB5S/xD3n","tlshash":"42b2d7bd76dc72316be234f5806fa007b3fb7662588cc924d616e8903d3a50a9067f6d","size":24861,"data":"","first_seen":"2024-08-04T21:57:28Z","last_seen":"2026-04-20T23:55:40.73978Z","times_seen":18,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-3e698672.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"b9502109edc5331a9097fe50752c11a3","sha1":"98c13333496d548e25f4d70bc9ddb15eed04e28c","sha256":"d88f7aacf1802530a6200d95f69c04e4bc32354cf33d94ee6ed8ea2f18adf873","sha512":"ae14b61c41768bd1c830a67fefcac139148eac6a3d1eb537ab066abcbcf22a5cf04432b851f4dd0321c556e6b403bcc2d8d506f7250025f5e7ad62197d05e7d5","ssdeep":"1536:AKBtVLZ5nW5EcKRhwZHycMuMkQPmnLnUeeMfMlNYlY6q+BlDLfLsW2jKYHd9ouf0:bBtQEcKRhwZHekQPmnLuGi0sd9Sxp2E","tlshash":"cf14b6ddb2e6b07343d6627ca02f2106b236b969749d8214f154ece93d3d90a9233f79","size":194095,"data":"","first_seen":"2026-04-20T23:45:00.414777Z","last_seen":"2026-04-20T23:55:40.734554Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","size":12332,"data":"","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-05-02T07:31:34.373109Z","times_seen":102055,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-910b705d.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"177eb245f3795176554996713c1d2bcf","sha1":"3c8aef6018690009260a1e2a9847421a2c39c9cc","sha256":"7fd825003bdde4cef63d45088b731bcd0c7fbdbf920b3cc4dc9d745af25baa52","sha512":"22d3be909ac1cd0c8b02cc6cce08d562f6304277779fddcd0c9b7179023fff1e989001bfdff2667e7b5caabcce44e3cb672871ec45034e220c414a4108c6cd48","ssdeep":"","tlshash":"b0119cfae7f4a0e0b85e75448f765c96211268f84ea0cc4cb37da845d057dde9330d59","size":956,"data":"","first_seen":"2024-08-04T21:57:28Z","last_seen":"2026-04-20T23:55:40.75635Z","times_seen":19,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"webpack","addr":"webpack://Zuck/./src/options.ts?","fqdn":"webpack","domain":"webpack","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"8ca53ded42e6de95a00488d9f30b8a1d","sha1":"d91064ada4efec35c294ca08ce085ac85a8009a4","sha256":"35d51f632afae1ea7b0c0ed556bf19b35bb9d5dae97f3cb1d8ebccb14ac0aa23","sha512":"7ba0cecc7245fc8f49a3a26f87d1d2f2f175a9fdfadaa2a5a193f88969cba9ee9c35c7785d962f03e7d0e070e8c879430ed685a5b3d6c35804ac073aa6a17cf7","ssdeep":"192:6glvDLZxrfrd00OSC160eoAm2w5262p/wb/9b/qjIEQnJunx3anJ8d:6glvDdxrfrxmDAWbVbcZ","tlshash":"df12ed6950eb1231266770e64a2f5f387abcb9179c188d607a8d83c45f68c18e3fbb54","size":9427,"data":"","first_seen":"2023-08-30T15:05:18Z","last_seen":"2026-05-02T01:53:00.451022Z","times_seen":105,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"webpack","addr":"webpack://Zuck/./src/index.ts?","fqdn":"webpack","domain":"webpack","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"eval","is_inline":false,"md5":"b383ca1a074b84fb50fadc4b52bc648f","sha1":"6337530977711e66e8dc508dda423b1d1df0a662","sha256":"e5ea5c27270e0af235f76af7e488ca20432b7839196b824602988b5daa77e448","sha512":"6a008435ee01d6a5f3b2aff6689a5e2ec99f81f9f536607eb4d29c170f762e11dcd72dcf29ad7e8382893b10a856ad4e4bd364408594e4c407aca92acc7f0919","ssdeep":"384:9HMECopwCywCKknhvgBq2ePvNzfL/5m775IWw8:2ECopwCywCKknhvYGvFfLkIS","tlshash":"6e920e4ea2b719391e6370a9cf7b5464737aa1072448cd507ccec2041fb8975abba3e7","size":19505,"data":"","first_seen":"2023-08-30T15:05:18Z","last_seen":"2026-05-02T01:53:00.443698Z","times_seen":104,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-d2b0dbcd.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"dfd12970760ec973fa88774c2b431c08","sha1":"b7aa96b5b73e703f140183ea0928b84880b884b4","sha256":"95c1499a196e36c39a066e6d287ada8738c750854437eaafdb2b5264ceefbdb2","sha512":"e02fc074870043942e01bc92398efde78b21f653a6067e188bf736442232b88709fbe4f2549e5a82f341c4d20a26d83ef8b905a695d21ddca07b73dc7d967935","ssdeep":"384:9ML9MMXlbYGnsToJ8aQKzwl2r6RFtya6s44xLaqcG3W/e3iX0GwcMtA8zcvJRt6o:9E9M0l7nsoCtB8EG4zW/8Adxj","tlshash":"b4b2613bd3b54473059273a73b44d4c2dcaa3287b3880b6916d8f429b3aab4d57319db","size":23920,"data":"","first_seen":"2026-04-20T23:45:00.255773Z","last_seen":"2026-04-20T23:55:40.698224Z","times_seen":2,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1836353646.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.926Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1836353646.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 32584\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32584,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5e59931bff2311da7e2413b61e08e84c","sha1":"e7f55b3ef809ed2970c0678b5ae60207d9a19869","sha256":"cc3d726f26b4370dc9963dc9278e10b28f202fbee31e87e592206155e38b8dc6","sha512":"9dd3b9d513f72496b469c1c2c72c6b4d46c01ed9db3d89a5bada63ab8643d900f6905a45bc197545f56daa79a88ebb0c8776e62c389d171e7d095e6c68481184","ssdeep":"768:VnyrDnxtAF98EGvS9TZ3+7bmCqaLaS1t2X:FgDxtAF98FK9pwq7caS1t6","tlshash":"01e2e1075720572cf106f9fbaa588eb7ba52d451cab0e3034ba78dc4126d8f5135ce8e","first_seen":"2026-04-20T23:45:00.01612Z","last_seen":"2026-04-20T23:55:40.617547Z","times_seen":2,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2289333978.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2289333978.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 29704\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":29704,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"836ceadafb57c8937fec948930aafda7","sha1":"2979872505b6ed485351d0e0cae68110fe452f1a","sha256":"fdb0931cfbef7cb1f8b16943a9ecf107889fcd8be07bd53b99773254aca6675f","sha512":"f86d7a64a5524cd830a5c199571e6a97b5bb3fbbd83cf007baff6cd7f539e134abbf982a53831a15c062abb8e72463569cf7af1fbf78732e10107a9c03445caf","ssdeep":"384:q+74zVwy30ArFxcyzRakvZt2V1qyMkXjVzm9kL92kZ9tBEJ3qHqbwhlXW0MejhSX:T0hVzRdkV1gIBEkZ9tBEJpglm0sld7","tlshash":"bed2e10092c602a0d294c7b68ed4263d90c1415eebd5fe6370f0ae1caf7d8e6aa97d5d","first_seen":"2026-04-20T23:45:00.018471Z","last_seen":"2026-04-20T23:55:40.635705Z","times_seen":2,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2516387666.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2516387666.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7878\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7878,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"cdf258d5fa046a8df646bd76d825b488","sha1":"02a36fa0bcd861e32f81c3435da19383e1882de6","sha256":"8d0cbcfc9b8328655c6fc9ce7a3c73ba2d2f0f774602ad857d4f9f9f0671bfff","sha512":"67a69dcd61f277368b4011bb4d9b6273f6f91dc8fe47b7c4f9f7c80bfafdd4f3d37bd4c922c42abe066acccc1307dc19f79cc611be6f789d5c6936f1fad8eaf1","ssdeep":"192:HIwsBiPFAMYFnPZjQDCM3QC8nk5GUXYg+y6Ovc:oSNYDlMv8ngGUXyOvc","tlshash":"fef1be17623cee82fe1b18bc5bd07b1c611311b2c21f5ee23b50a2c9a16ee1b380da00","first_seen":"2026-04-20T23:45:00.020613Z","last_seen":"2026-04-20T23:55:40.679202Z","times_seen":2,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2675654173.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.132Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2675654173.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 333014\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":333014,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced","md5":"571ffcbc1e1526cd43e39c7fda941339","sha1":"48190cdde74393115f2491dd21797439439bf00e","sha256":"8365ccedada3af6e18b5f01b70a2e16e2d6f2a74d4fbb35d56e7ae6b01b34774","sha512":"6e7f84ef3a71aca4365edfa2b577d9c145ac298b28f5abe776642699b46223505de2501e715f13d42b729ba6d7754e72c93229f9d51e2bf562106b2a580b7af4","ssdeep":"6144:ABDJAxFkhUmxVS0O5VfepTIwM7AmM4rm+7yCNoo4tmWhTEtJcr:8dAx637S0aVXwMPyknoyWincr","tlshash":"92642350887fd30a8d9e0a356e2518820e1669a2c174d174f14fcdfcfb4bf88756aabd","first_seen":"2026-04-20T23:45:00.022639Z","last_seen":"2026-04-20T23:55:40.710868Z","times_seen":2,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2290119971.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2290119971.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 172018\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":172018,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 910 x 910, 8-bit/color RGB, non-interlaced","md5":"a15b00a65846db8acd36393c15b1db3c","sha1":"b4e875a8d865dccfe3b5d0f4c1a74012daa432d6","sha256":"430b475f16f9994e5b7e1503d29f0b31c16101c0ccfcad58b28c47482f90883b","sha512":"6d78858ed3b375a51802e4713b6e3ccdb87fd110ed9087a6fa24043481a60072efdff5d1c24685eebf7c4ff5220198a8f4d0a9bf6223aee3a907776eff5aff2b","ssdeep":"3072:1RLjX5rCXgh/gnindnVpUYMdRsOaS0g8kNPqNJDdzB5QZpLh9HN6B7qmkz+uyOo:vX5rCQh/gnENMdRZx8IPqNNVBe7nHNav","tlshash":"bbf312124c78f6b45c7bd3e0cfe24fb6d3677e0d69d4c618216e081dca2ce8a96a2156","first_seen":"2026-04-20T23:45:00.02395Z","last_seen":"2026-04-20T23:55:40.651749Z","times_seen":2,"resource_available":false,"data":null}},"time_used":183,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2160416789.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2160416789.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13695\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13695,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"9305dac18e03fcabeb7d29b38d8ef45d","sha1":"913b1b662ee8ae79f56652bd43ed352516a3d30a","sha256":"d434efbf86626256b700f6a940e85e0655cb7fbe4e6445b69d6649b40402de96","sha512":"f4eac0eced4e35d496033c137adaff3d1006fcb3c3216573fbc4f8de08d5c746db1df11461f319f238aa2af7dbc5119060130f9e1d6b9defa1065ee1cd5a24db","ssdeep":"384:IKE+ZscI5tXwDoVfJR9W2vaatZRK5xXBcBaqZeg1uNYQSWmXWoo:IwZuzw8nR9W2ZtZwxRcBatg3QSWmXWoo","tlshash":"a852bf36b28ae212d595577e20a44862718364478c4f93dc2ed40d4b7fdf4d189bc0af","first_seen":"2026-04-20T23:45:00.025505Z","last_seen":"2026-04-20T23:55:40.686445Z","times_seen":2,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2360551702.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2360551702.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 58957\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58957,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"8078caab54a89e1b024b6989b52b0206","sha1":"6a392b5529f3fe2f070db962bc256b0917db7c20","sha256":"ae70abace371a4d9a24203321e3c2b0fb323833eae0e37ef98fda3b5df92b101","sha512":"132a728d89a0a7e796e245e3275a8c01dd2c05964c16920a6e0ccb92640fea6e178beded0be20abd34dece4cfb9da141df695b38e89d19c781fed4b1221e3a8e","ssdeep":"1536:kCgEkHTbnkMhg0OmMvKIiT9PnlcnnJwcXuTAgoP4+oe6e5:kCgEkHTbnkMhghvKII9PwL0Ag5zFi","tlshash":"2b43024d7265e922ce6278bb6e0320cf2d899c87e1f4d38f6765de71128dbb464d0c48","first_seen":"2026-04-20T23:45:00.027202Z","last_seen":"2026-04-20T23:55:40.674263Z","times_seen":2,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":214,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2541251398.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.192Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2541251398.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 75549\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":75549,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3","md5":"923dc7900ea04f5a5215b264cf73e8b0","sha1":"2c5f30663bd5c64cab62663babfc4cb1ee053a56","sha256":"1f2afdddb8b592470f183a8dea80673ab1697b0996f6f6247bf30dfd1375409c","sha512":"d5ca94fb69c0115f3e1dc51626a10246a51e051d6741b2b06359eda2af3f7644cc241b660cc43dc697428c2e523bfc48fb4d25732ea9f77b8ec3f0ce69c2bb8f","ssdeep":"1536:CfQ2TaSSh21jQeJJuJM5rPj1qTBHJujCKDUlWqie9amS+DAv37IbMwsMF:CfqSA6xJrpqTBJoCKDUl39r2MM8F","tlshash":"88730182da46891ad78b97f4619b5e28cdb70ed8d48ec14113c75e2fbc62521a0fec0d","first_seen":"2026-04-20T23:45:00.02986Z","last_seen":"2026-04-20T23:55:40.748905Z","times_seen":2,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-9beb6b7b.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.830Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-9beb6b7b.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":646,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (563)","md5":"cd19cfdc1f335a608415b6c506e7a64c","sha1":"b2e6bef4a8357da6366a5e6885afae667bb25418","sha256":"8d8637d34ff102a20dfd79c001e18fd493f9b1f823a634230136a01f2faae17c","sha512":"d109aa497816949af207412f1cc5eb07a702f3d5937710e72131dbd7e65feff8da2b827ea38aefd14085c61613f3d6fb9bd1d94801754b3db98e1c50bf09f221","ssdeep":"","tlshash":"f0f023cc74f0b060162b24fd811b70067273d97f13bc6080e1d8947868f115d47e4e3a","first_seen":"2023-04-15T09:31:52Z","last_seen":"2026-04-20T23:55:40.653565Z","times_seen":19,"resource_available":true,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-35e033d4.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-35e033d4.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1221,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1138)","md5":"d9c83448b9418f3de6b52ee56ad74eb6","sha1":"1d6f5176840405ac6f91958f5017ff4be28503db","sha256":"02918f85392f5a1520592452248aae3909e5c5e562a6dfde311ede74c8fab921","sha512":"90cb71e562cb5e502f18ed8ee9917a7edaebc06649bc62fa3a7d36e0b1bea4ca4a658648f6be1fbef88a7fdfeb4b4171d47d5e3498480df764289146bff9c66b","ssdeep":"","tlshash":"df21b49b4b68d9ad104baab2df3d2088325a09b873e0302cf9adf1694413407e402f1f","first_seen":"2024-08-04T21:57:28Z","last_seen":"2026-04-20T23:55:40.7422Z","times_seen":19,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1778363322.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.175Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1778363322.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 109537\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":109537,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 700 x 700, 8-bit/color RGB, non-interlaced","md5":"135ae3e5d7bda7912dff05ecc787115c","sha1":"70b4503879a009ddc3566c7f33e5a4e817963240","sha256":"a360702e477fe716fec887b8437e44ca87367eb50aa9a665b40724b4c6a22f8a","sha512":"45ac797c462ff9a41434acbb4e6ad4bed8d64068af95e27fbd6590743140a62bd7f74318833868fe61182a124cbb0f90a5940f6ef4475a6a2527cf455f6ea69b","ssdeep":"3072:W41L6Lgb+ipNKbfjyKYY5DVlOKCWwpqo4:WCKC5Nwfjy/YxCKCWn","tlshash":"8db31207b191018531d2c1fbe0362dedae6d6e43513ea66c16cef47284a7c36c76ad8b","first_seen":"2026-04-20T23:45:00.037228Z","last_seen":"2026-04-20T23:55:40.643472Z","times_seen":2,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":151,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2016929777.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2016929777.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 194017\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":194017,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"18bf615e67e2c7a9aebb7ea5df12ce3f","sha1":"40140bebe4021eceee7b8ab185a14e82cd34960a","sha256":"a4a6ebb3b630f0f72e30bd3d15e7f67ce7114286c8a23151c335b15533e9ae1b","sha512":"b6b0afa124179235ea6c5138fd55d7f6e6dd36429cabc1e509af96a19b86d191c62f4cd352d4ce8117a9fe5d51c860f4a9dc9554e3d81342c3131b44e35c0655","ssdeep":"3072:0yaFSE+Nym3FfMSHenHLrckt6zkSe6G44POkLIDAVgQN8qoQ5F+HJm2i9qoUIQCW:01rqJMxHvx6G5POcVHN8LdNi/UTS3wWE","tlshash":"f31402eeb88fb4207face2185a415cc85d92bedbe7badcb54b500ad0809f655524f31c","first_seen":"2026-04-20T23:45:00.040518Z","last_seen":"2026-04-20T23:55:40.682821Z","times_seen":2,"resource_available":false,"data":null}},"time_used":185,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2233968268.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2233968268.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 213738\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":213738,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"da52d6600174967e69b686b1cca99df7","sha1":"fb0e7ba0f8669ada2c0aa29f95f8128638ec5376","sha256":"336d0565ee7af85be14b75b58f2f01b3ff1581c210fbf0fde7a9da3ce3e0db87","sha512":"1455f7f254df0d120edf822dbb8ddeb6fc0564b0f945952e862f76d385fbd7b7a72bf2e42d90a853df1022ebdd0079a4568a3629b0a6e1eb588d19248a6761d3","ssdeep":"6144:2g3uKiJEbv2kbG6apFGInfKBnVIq433+qa5Rc:2JIT2kGpq433v","tlshash":"4624127b3ba36ae9da6d91390484ccb92d947981c4bd0974ce84c6dad27e1600a6ffc1","first_seen":"2026-04-20T23:45:00.042909Z","last_seen":"2026-04-20T23:55:40.692385Z","times_seen":2,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cdn.salla.network/js/swiper@8.js","fqdn":"cdn.salla.network","domain":"salla.network","tld":"network"},"ip":{"addr":"104.18.34.187","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.474Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"salla.network","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 22 Mar 2026 16:15:36 GMT","end":"Sat, 20 Jun 2026 16:15:35 GMT"},"fingerprint":{"sha1":"4F:52:91:12:B2:9E:52:95:C5:6D:D2:FE:B2:93:9F:C1:69:53:C3:35","sha256":"AD:1B:61:10:4B:64:BF:62:D5:57:AA:89:90:98:75:8F:FC:84:66:F4:61:90:AD:C6:B8:9C:46:C9:46:E9:CF:B4"}}},"request":{"raw":"GET /js/swiper@8.js HTTP/1.1\r\nHost: cdn.salla.network\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: text/javascript\r\nserver: cloudflare\r\nx-oss-request-id: 69E6BA33751C3D393148FB8B\r\naccess-control-allow-origin: *\r\nlast-modified: Wed, 07 Jun 2023 07:36:34 GMT\r\nx-oss-object-type: Normal\r\nx-oss-hash-crc64ecma: 6345871509132549509\r\nx-oss-storage-class: Standard\r\ncontent-md5: JP2PeWYJ15/Le25a51RDOw==\r\nx-oss-server-time: 1\r\ncache-control: public, max-age=31536000\r\nexpires: Tue, 20 Apr 2027 23:43:47 GMT\r\ncf-cache-status: MISS\r\netag: W/\"24FD8F796609D79FCB7B6E5AE754433B\"\r\ncontent-encoding: br\r\ncf-ray: 9ef80361f81bb521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Alibaba Cloud Object Storage Service","description":"Alibaba Cloud Object Storage Service (OSS) is a cloud-based object storage service provided by Alibaba Cloud, which allows users to store and access large amounts of data in the cloud.","website":"https://www.alibabacloud.com/product/object-storage-service","common_platform_enumeration":"","icon":"Alibaba Cloud.svg","categories":["IaaS"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":143706,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65280)","md5":"24fd8f796609d79fcb7b6e5ae754433b","sha1":"f4dc8d46086739c58121185b2d0f4e190710f11b","sha256":"f645b12f27c4e9c1210d5725cfa894b86464372e7b1becbe47126a5fe82f9ade","sha512":"87956ffa7fb3d1e467949a14956319e0f2d0bf825f68256d814f53b518cd62e365b52e500aa8b80f87999f8524cd966e1b6a78541cf760896c07b036355adbc3","ssdeep":"3072:RJLCyDdkEUYnafpoy9v8cIWyUaV4y+oGeJM91EfrNK/YvF:RJLC4dkEUYnafpl9v8cIWybV4y+oGMMC","tlshash":"c3e3f8896360b1a552e3268b93a9c651e3b51400b409c4e871bd0c9b6d7ed9813ffffe","first_seen":"2023-03-13T12:29:47Z","last_seen":"2026-05-02T06:33:37.91701Z","times_seen":12052,"resource_available":true,"data":null}},"time_used":206,"timings":{"blocked":38,"dns":22,"connect":2,"send":0,"wait":129,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/cdn-cgi/rum?","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:49.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"POST /cdn-cgi/rum? HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\ncontent-type: application/json\r\nContent-Length: 1054\r\nOrigin: https://wa-fi-store.site\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1054,"data":"{\"memory\":{},\"resources\":[],\"referrer\":\"\",\"eventType\":1,\"firstPaint\":0,\"firstContentfulPaint\":1103,\"startTime\":1776728625109,\"versions\":{\"fl\":\"2024.10.5\",\"js\":\"2024.6.1\",\"timings\":2},\"pageloadId\":\"6dc460b2-d76d-41a8-bcb2-7f8aec90f69c\",\"location\":\"https://wa-fi-store.site/ar/\",\"nt\":\"navigate\",\"serverTimings\":[],\"timingsV2\":{\"unloadEventStart\":0,\"unloadEventEnd\":0,\"domInteractive\":1468,\"domContentLoadedEventStart\":1544,\"domContentLoadedEventEnd\":1550,\"domComplete\":2738,\"loadEventStart\":2738,\"loadEventEnd\":2750,\"type\":\"navigate\",\"redirectCount\":0,\"initiatorType\":\"navigation\",\"nextHopProtocol\":\"h2\",\"workerStart\":0,\"redirectStart\":0,\"redirectEnd\":0,\"fetchStart\":364,\"domainLookupStart\":364,\"domainLookupEnd\":364,\"connectStart\":364,\"connectEnd\":364,\"secureConnectionStart\":364,\"requestStart\":366,\"responseStart\":423,\"responseEnd\":520,\"transferSize\":60752,\"encodedBodySize\":60407,\"decodedBodySize\":946446,\"name\":\"https://wa-fi-store.site/ar/\",\"entryType\":\"navigation\",\"startTime\":0,\"duration\":2750},\"siteToken\":\"0ba4cd7067784c07aa8f5f733dd0f1a2\",\"st\":2}"}},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:49 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":422,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"2bd3dedf27d6559b45d7eed2b83cd7ac","sha1":"68249d93685aee8383a8feed275918215e8b824e","sha256":"f89c2877c9c35b2450b7808e00953a4bbcdbfa3449e4466b8b925685b3caba83","sha512":"e92ce6d3bcdc572d1d8de9db4a863d38b869b8c694fc0ba9a8b203737aba93e9a5fc1e0850f9257368db449a5b5d4118d46ff67dca261c4bddf441451b6c764f","ssdeep":"","tlshash":"a9e0ab4f005a73934911e2907dc01291b24523ff387192b936c4d46b604897dc9a96cd","first_seen":"2026-04-20T23:45:00.045639Z","last_seen":"2026-04-20T23:55:40.624913Z","times_seen":2,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/ar/","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T23:43:45.477Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /ar/ HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nset-cookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7; path=/\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":946446,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1627), with CRLF line terminators","md5":"d6ef3c982e24c3867eec507c603ae0d6","sha1":"315c3a92fc8b3009b479df022fff110ec5921144","sha256":"1e4ff647c4effa7daa219ef2b912cf92d6edf291576750162485ad7df8152707","sha512":"87cad759436d4a7ed20e193b892eb998e7160177b219dc38fb43fb6ebd6206f6d2ec7bf6112a02117ed8d848c5e8928384fec5bf62923f3ecb073f328b142987","ssdeep":"3072:CB+MhSRhcXdOD1VP8jfA9tiMNUnzVsB0bh6wORjPnBDEvmlcjrhEYhooU:CB+iFXdgagNUNh6wORjPnH/oU","tlshash":"5415fee4d0f529b64073caa45160b7dbfe80ba13c6835504baecb367afb6d06871365c","first_seen":"2026-04-20T23:45:00.047197Z","last_seen":"2026-04-20T23:55:40.736759Z","times_seen":2,"resource_available":true,"data":null}},"time_used":58,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":58,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1892032414.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1892032414.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 70626\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":70626,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fb0a0798f7f85f2b9faab249efb106ec","sha1":"de3ff102844a3f53af074aaf8b7b009505c58fea","sha256":"25bad62fb6300ab37db731e604a020256ad2c58d36a4d2ee3b60365ed46eb89e","sha512":"08df58eafb1015395b47e1a6363b0ceb5b4dc3234475bffe3a6634fb446e63006a0657683e116ef5e1099aa5886105e3668e792ab3856cc91458144d32a41c2a","ssdeep":"1536:19TfQk7MZkK+lmu4GzIHJC5fs3wXr0a1U0eF82lo8jQb:19jQkQ8lmiUIZD70QU0exo8K","tlshash":"b463f1465fa2ad36fd1c7435894d7795ecc6c210fa03097b100ae2678e4ba9f2cba75c","first_seen":"2026-04-20T23:45:00.048902Z","last_seen":"2026-04-20T23:55:40.594052Z","times_seen":2,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2410698535.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.932Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2410698535.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 38854\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":38854,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"12a605112de1dc8fe4a3bad5aaddbb42","sha1":"352747e64193e616f3e1112a8927c31427760364","sha256":"5052e7fad1d21775487696d8bb682bdcc674e28a48c5455de3627d798d54f047","sha512":"7a3792327b1c22c08c5d97161cf706c524494d5561ffd6b086f8b33b40b724b5789133dd0e2bb4ae01911c0b1740ddb3ca6206e6b3a4ecf358494698a7bb4788","ssdeep":"768:d+tvqQVdEy4G/IGGTPCc5xDuZKX0iaCutyRueqDta+kMxjHOol1:QLERGGTvxDuZCOCWy8eLRauA1","tlshash":"5003e111ca634d8cfe7b7c7620850e74c395747227e7ede14435ec0ea68f9b69ba4288","first_seen":"2026-04-20T23:45:00.05116Z","last_seen":"2026-04-20T23:55:40.60168Z","times_seen":2,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1783492526.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.052Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1783492526.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7732\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7732,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d0f3cddd67317274e5d81ea14d6ca9a3","sha1":"48ffa0bc71d0449a647cde788d57f81847b450ed","sha256":"a356dd3cb52a4a6a6f2142bba397679adba42afe605010e45a09ff7456478622","sha512":"7906f0fe3da043186cdf92e5994519aa725bd5ebe8d3a3c8741beca91279547d21c67cd003126fa3923031481b4e278e17c1cbad9dc6d2ea939273fddd7fe54f","ssdeep":"192:52k2sYJGaRvq/8RMjaBf2xGy1PNKvl+T015g+c:ok2VJG8mj9xGy1PNul+Tmq+c","tlshash":"8cf1ae30e3affa62c4262a7a01434d4c529b68e0b144a528e75957c11633efb7bd4d3a","first_seen":"2026-04-20T23:45:00.053417Z","last_seen":"2026-04-20T23:55:40.636753Z","times_seen":2,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2244874447.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.107Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2244874447.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 54006\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":54006,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"a2f0007cf726e4426d4219fccad3a3f3","sha1":"6a4ba3c63981fbdfd91640d77001030d4dad3b76","sha256":"af079f42445efd52d139143752f19e8fce13f19e4a8c3eb6c4e5e89801d03b4c","sha512":"1d1b5dba7dd969235009cb31b90e5417c1110dba3d4d26d07c71a1a0285b2dc1a704483b8765c60215c8807faacb8b88e8bb26d4b96336e74523d99b619931f5","ssdeep":"768:GuhStH56/Q7XokCR5/iGjn8huGWeZKJH6NxxB2ddWf2SPAGZffVnpLvzod9EG:GuhKZiiQqwqbBCdWfft1E/","tlshash":"7533f100b185eec6d2d4be30045b2204b7948e36f742512b562d4fb2def2e799f098ec","first_seen":"2026-04-20T23:45:00.055212Z","last_seen":"2026-04-20T23:55:40.725302Z","times_seen":2,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/JPRGC9ywAeu27icx4318t2iO2WMQG1Mi4rC5lDzU.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/JPRGC9ywAeu27icx4318t2iO2WMQG1Mi4rC5lDzU.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 15567\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 115, 8-bit/color RGBA, non-interlaced","md5":"74b7cb6e3ac681b3802ade222715a8b9","sha1":"1c2316bb504181bff789d85b98b2d80591193138","sha256":"ba6e9fe0249af00c70dc1dce7da30be0d1b9acafdf5919ee059c041f69c51e1d","sha512":"8095a3bb7877e6b7e33dfbf99167c96c263b0ad40d6de2319300e800149d26eeeb9d2beb7591bd116e90a575500e5591212369a94f8fec30d3bdd1086fb8c1ec","ssdeep":"384:AutstG09/JjQbx9mY6nvi28GXYO5iub2n75+6/IYOpC:vWGI/JjsHmhzn59s75JOpC","tlshash":"e462c0d4f724386aba292b49b527f28ab56581fddc7854e4f0981357b8e53e2c0b421c","first_seen":"2026-04-20T23:45:00.067124Z","last_seen":"2026-04-20T23:55:40.676869Z","times_seen":2,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-910b705d.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-910b705d.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":956,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (873)","md5":"177eb245f3795176554996713c1d2bcf","sha1":"3c8aef6018690009260a1e2a9847421a2c39c9cc","sha256":"7fd825003bdde4cef63d45088b731bcd0c7fbdbf920b3cc4dc9d745af25baa52","sha512":"22d3be909ac1cd0c8b02cc6cce08d562f6304277779fddcd0c9b7179023fff1e989001bfdff2667e7b5caabcce44e3cb672871ec45034e220c414a4108c6cd48","ssdeep":"","tlshash":"b0119cfae7f4a0e0b85e75448f765c96211268f84ea0cc4cb37da845d057dde9330d59","first_seen":"2024-08-04T21:57:28Z","last_seen":"2026-04-20T23:55:40.75635Z","times_seen":19,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1879621832.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.910Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1879621832.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 37066\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":37066,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bec866f019daded7201cab396f93ff19","sha1":"c080144838fc9dfb3dfe2b55128ef971f427e96b","sha256":"7ad82c6cc8b1400412dd2ac793180e720ea6c2cb6cf49b47a45f36df99b67c84","sha512":"17628fed67077e24b249651c1cf34fbcc34ce5a126674a99004c2fb34df93398e1239eba982806aee45664001c3f32a98a4765fd00d39cb3a60e59a81400487b","ssdeep":"768:IQx+VaT/Ofeu5QI/OKoo4b1Be2XLVIpTdoPwoz9u9U0OrEQQ:IQ89eKQvKoo4JXXiuZIIrQ","tlshash":"b6f2e0ca9617ce77f2547f72c9ed4cbb970e8f3dde468c90229b0e621d62c22190a1c1","first_seen":"2026-04-20T23:45:00.073085Z","last_seen":"2026-04-20T23:55:40.754729Z","times_seen":2,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2110359791.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.956Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2110359791.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 32758\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":32758,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4c6192f0a14696748d814f5e68cd9750","sha1":"b0e01fbd15df5019f6512e510a8830819c9167be","sha256":"bb948a7154a522aa26cb40c8388aab104190b532c35027fdbd62887e36ad40ad","sha512":"a2a8650d2a30351c191fb0bde85eab5ef298b91de912fa15eb2185653c7edf2102563b3007e94a7891a36b5d5aab567b6168e34f86634e383e69cc488fde24bc","ssdeep":"768:Dnnn8aURD1MOTejwhCIhPGZgypRxN1peAwj:Dw5l4whCnppRfeAe","tlshash":"0fe201c995dd2091eae2fc3602413ffbdaf663ae6ba2c73f137151a0645f6e81845b40","first_seen":"2026-04-20T23:45:00.076259Z","last_seen":"2026-04-20T23:55:40.748291Z","times_seen":2,"resource_available":false,"data":null}},"time_used":120,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2642632425.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2642632425.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 57362\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":57362,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"68e357699ff9d752072dc222c1c41a44","sha1":"74bd5201dc5da8b44601b639933b2c0d815836b9","sha256":"c265eeeae292d5caf9f9b7562676b08e4f844dc9cd4b897eb083888eb9f9982f","sha512":"582bfda84f527983b85b25d2fe1b4b77c7724880556c89230b646ef99e7f4aa87bdf0fd019045c2d1cb6d751c269734066ad3bec5feac4a16c1d17c23f9a724f","ssdeep":"1536:Bal66SWbKY1fG0N+pyaO/azguwyofC7rt7WSbs:Bal6PWbTFG0IIaO/OgRS7rtCt","tlshash":"e443f152f1228005d4b1217347993765d945fa8c7b76cadba123ccf04b9eada737232a","first_seen":"2026-04-20T23:45:00.079327Z","last_seen":"2026-04-20T23:55:40.705434Z","times_seen":2,"resource_available":false,"data":null}},"time_used":116,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1747487391.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1747487391.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 26140\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26140,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b10826feb87ac0fae6b3d9f86b818685","sha1":"ef32a565bb294b601ec03ffab44c05e1e718e855","sha256":"a421e099498f4132ad64789181df88121a4e1f48c9776dffb6c59cc6ae4fa254","sha512":"7e8b1a5d5b3a2f06281440657e2b8f4158984c9d9074eda0c5aef29603449d3239368ac6bba1c1b8ecc4e9d46c23b75c230cdf8cdf482977240f96f5af6857f8","ssdeep":"768:M/uJIn8XktO62ivD8P/Axio+cb1JRh7WubFfT9fP:M/uJI8XksID85sPzZbNxfP","tlshash":"46c2ad5389ff2d61ea12eaf839a12a3bc153d45b19054fec75f4823ba92e549fcb1403","first_seen":"2026-04-20T23:45:00.083111Z","last_seen":"2026-04-20T23:55:40.680341Z","times_seen":2,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2209546785.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2209546785.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 45650\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":45650,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"dc6dfe8d7cde447d88432fad1b5a2880","sha1":"944f7d8d2c5a736af5d6aacefd139ca16f2da2df","sha256":"42efb3dd9ce7b01c48b1d945a2fdc4e061f1ce8181d34a58938844f5d053a0c1","sha512":"8c96e456579c237ed22f44ab642d6a3564421150ae41281fae3713b2fd25b8b1f29d68e673449c36ea869b45db6902589e9cd3152a095fb1e57951085b54235d","ssdeep":"768:3WdCuZBxdxS4M+0D6TI8CHjfwgY9b788T3MIxbwSy+HQb4dhv7Zkv03:GYuXxs+uZnHjfEzxkQHQ25Zg03","tlshash":"f523f179be13be5ffcd28bb252d31bc5549529181f3d688abba0032ab8764031c9cc64","first_seen":"2026-04-20T23:45:00.084874Z","last_seen":"2026-04-20T23:55:40.724337Z","times_seen":2,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2373693492.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.016Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2373693492.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 47490\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47490,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"82761db96597c4e8c61640ac420276f3","sha1":"cac7174e2a65eba9cf3211d770adf000d103a09e","sha256":"53eea7f68c660b6ca54a0fc2083d971518db573682c79f3fb2fd7f78db5d2bf7","sha512":"42a60e65e65d43f89fd1124a0f5aea960798dd30a784b89e144208b9fa8f942d9680083427582d2dfe0ad0e1a1d857688f0465b869f9932f09efcfd2b7b7fed0","ssdeep":"768:pJ1LFmLix71aK81hZxDQQTxx3t5eWywLE+RPjbVpb6Lo8PVEns+eyd0kHzAw3FzA:n1JAi51aL9xDQQTLHRPjhpbeo8NEs+eR","tlshash":"69230219eeec7584cab2f7771e0909d9d107b02841f58ea9a03c9876b7e47058fe0eb0","first_seen":"2026-04-20T23:45:00.091987Z","last_seen":"2026-04-20T23:55:40.631056Z","times_seen":2,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2066562383.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2066562383.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13948\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13948,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"ce0fcb68686c836ba9cbf4a786621229","sha1":"2d8419afbf1080a77dfdcbf73324148e82e75171","sha256":"0ae6fe1a69234e7b62a6e20eaf4c682f1e84810931f7337a6ce55208d8e8fdb8","sha512":"f7c51b7ff1c374616a5ff497e60a55f6728d6e4e7ab92a03dd37ca2cfeda71e188a5ce6b0587b3bd6a1bbc06785f8fee89aa1b8814d2adc9854fdb837b955a7b","ssdeep":"192:JfVHpqfD4rHeloWTUxTNEn1aGErNkM4nRH/yBEf0STy9MFYoZtmSLXVFpA0sKuU/:DpqqLlTNhGErXgqBE8SW+K2bVFp8uKc","tlshash":"cc52bf211f1446c2e502efb5a2c22376d7285d9a1ff5eaddf628d36f277494a938cc01","first_seen":"2026-04-20T23:45:00.101934Z","last_seen":"2026-04-20T23:55:40.666828Z","times_seen":2,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1757779401_3974.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.820Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1757779401_3974.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 31128\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31128,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), default quality\", baseline, precision 8, 800x800, components 3","md5":"caea3184fbbde98c7136c16be995edbd","sha1":"4a3e1b6f84e478faad8bf32294dd364260e987d3","sha256":"952a252f27ebc354ef96f412c89a5d29deb849189c3b7aad90bad0b95ba2a8da","sha512":"994bc15525fefee5ba841df9eca4976679c3b426420edeecba563c6384c7e9b04e2406a0afd3494f8585efb7694bcbd28199ae691ef8a4b4b52ef7f3d150f699","ssdeep":"768:LEhpdBhkQtHvgkst1V9mGDBE0iwYuveDw5//DnTYM7UQOvvb:gh/BhRtHv6t1Vly0qpDw5/LnTYMQj","tlshash":"32e218178d198bc3652897e5be074eac3f152b0ce89139fe05634edb3e24a615cad06e","first_seen":"2026-04-09T15:47:19.260194Z","last_seen":"2026-04-25T09:03:47.098476Z","times_seen":5,"resource_available":false,"data":null}},"time_used":80,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2449995240.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.842Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2449995240.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10470\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10470,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 640x640, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"fa35d6c381d71d9cef402fff76a14e2c","sha1":"c2b47bbaf0f3396f0d20787a0ca13421f669711c","sha256":"1df37fc65550e9012c99cf9d0c559216f5f11aac200db037291b5e2ca21e5211","sha512":"200ed5f5da8beadec83ee740f31f7f4cb58c4dd0dd4367f676207f5cc4f4d5e62c01bb46ee2a322c0159ca792c3d05e85f4315ce252a44f3b7e11b8b93077f37","ssdeep":"192:zEP7WXsLTv48dMfPCgY2UCHxzYgDuvwvlpOgwxnVk8bfnqNvpDblnJOxJtE:zEDW8Lc8KPPH1YgDuv48gGGwfqNvpPlT","tlshash":"bd22ae65f67fa6b845d6d8e168f7e0ec4a0ce891d7f04af324dc078400ca7e52ae8529","first_seen":"2026-04-20T23:45:00.105157Z","last_seen":"2026-04-20T23:55:40.628991Z","times_seen":2,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":101,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2251944532.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.866Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2251944532.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 159799\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":159799,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 2048x2048, components 3","md5":"6661d2de842b48c85686798aadf9b5c5","sha1":"fea626fc1f866c2ea4c7bfd1e6d49f1b4356225c","sha256":"056d1c719e9debd6efa2cd244853a0f1b406d1f66203f7c28d5a482c8ac34480","sha512":"d38689947ecd7ed2f9c9b34db5a4f0944ad803dfa6400bbdb684de8b40876f46465988702aa98c4b816ec1c9ab21816b0fbf7a7ea797438d63b6a55676e2e94f","ssdeep":"3072:hMVVDTIJe0rENrDk97ERAe1/pQ0O59juXkkEtkecdHo:hGd0rEb91+009dkEieYI","tlshash":"58f3128ff7091809ce4477b289a73791373a3fb10bd9252deba096395df8b542d1c298","first_seen":"2026-04-20T23:45:00.107589Z","last_seen":"2026-04-20T23:55:40.694806Z","times_seen":2,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":94,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1940249729.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1940249729.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 133495\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":133495,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 2048x2048, components 3","md5":"8977def82cf5f697ada29f321f47e73a","sha1":"8204d5e3eb99ed00da5b5aa5c3cf429f09bba495","sha256":"05171b078edd6557d1fdeb5a5f580a99ace7f26b593e142fffa210aaa12c77b9","sha512":"1c5e703802d39381d2ddf7048bf6c9fb7182c725126cf8f15861e4b408cebcb256ee61d49a80c5158b121b8c5a90bf51f52e80b8a9c02a6a3b2fc4389ca919b0","ssdeep":"3072:dM0qVHABV8J9DkDDughXApXaieMCUOWmk6x3hdTgyuISUK5:dMhHABV8pkDDukwoitLFnO5z3W5","tlshash":"9dd3027ae16b40c7e0d755b24e0a82791bb11076033560baade4cd7449e0ab8ecee73c","first_seen":"2026-04-20T23:45:00.109224Z","last_seen":"2026-04-20T23:55:40.664351Z","times_seen":2,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":61,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2610580660.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2610580660.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 19760\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19760,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"5a5d45c5c41e6bd626b3c19012604dfd","sha1":"e91afa04ff8ff54b76554cb5a56c6eb0de1db7c7","sha256":"b3d4d4580551aa3c98ca863976f5b416172f4cdf6f516ab785fadf61003ca5bd","sha512":"45ab3f4ed4988e0521c754dce4f1d70a46db964c06794bbfb46ddbbdf6d837b625a7b163fa978ffc4d1b7c47b631a5bf2a4d7343e425b4ef65a283465df51200","ssdeep":"384:w06V8qttjjXn27BWlMIfyQyegLNGQ/f5X+RbHCugaXi8uO1k2vec:wyqTn3MIf/uwQ/BAFLi8umFr","tlshash":"b492c1a35f6e3c3fe254c4b72f950b5557493a6e1ad4765b32822b700f5748ca8b40cb","first_seen":"2026-04-20T23:45:00.111457Z","last_seen":"2026-04-20T23:55:40.618721Z","times_seen":2,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2724199477.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.168Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2724199477.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 439801\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":439801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"6668a0d8af55ca2415ccb57523180387","sha1":"2a577f1fa33fa3ee0b12f0b42bf674f58e8ab40e","sha256":"ad43afebdf37645982c2d1b0d3dc4f413788093748f8b9e357dca7349f1c8455","sha512":"75b33e759551df65729db656cdbaeed3132bde44eb8309edd2c816d5715d62e715dd0dd3109c60a927b9045de440f0c1c26a57ac1446b712d46be82f8bbeb79b","ssdeep":"12288:dJHMYgw40VvmKDvGVPI1EH4YP4obDi9Wk2:/qMOKDeVGEH4OT7","tlshash":"07942356b51f49b7fce9e83190c008a7e7f078a60a4caeaedc0a7c8591336d8d52735d","first_seen":"2026-04-20T23:45:00.113375Z","last_seen":"2026-04-20T23:55:40.755877Z","times_seen":2,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":146,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2241114208.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2241114208.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8776\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8776,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"c30635f90896672017689023bc8e9060","sha1":"4fdd179b9f9515298f3bd961075e9612676415e5","sha256":"8bf21df70281e20b0c9407c021b3fa520563864ea79fb59bab8e057a9e909c41","sha512":"1160b69c7c9faec378cd1e1510f1d34ca195fb8cfe2064e7f2f2afdd6bb9c7ed83d17d93957547364dab835a494fee3146390c1ca5356f5fdde49fdef5aaaade","ssdeep":"192:EJbwiWzOQ/2oYSWpC7g2ouyXNDRfvpRUnDsZBh4o:W+YoYSWpCx8dNvj","tlshash":"c2029e487544d320fd05fa30a1bc603a85108677ab425fafaa3f6c3665bc3b497e4926","first_seen":"2026-04-20T23:45:00.115053Z","last_seen":"2026-04-20T23:55:40.722732Z","times_seen":2,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1837079748.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.271Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1837079748.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 12503\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12503,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"e3f4af1fc1d362282fbbdcd8d88b8224","sha1":"3005a42c7ab7a43f608c8917daa2a96abd398e42","sha256":"fb5ea483d2b88cc1f4d5454a07fdd4590714cde98f1e0f73e684c783e563da0d","sha512":"c88f77e191180d2b58f1b40b2f42f7c87cb85af3c99b7a38de43c1507bc95cc665ec284a29540f01df1974134d654a194cd98417510e8c47d89767c9a485bc27","ssdeep":"384:0M+ljUcOY35bgzkQLmgXsUjDnDjne/zlgtCqMJiJNn:0MYJOY3sXsUjDO7/DJiT","tlshash":"6642be1af7409bcdf256d13c03418a5ba0b45eb4772dcfdf10ab2f9c287b2caa042468","first_seen":"2026-04-20T23:45:00.117318Z","last_seen":"2026-04-20T23:55:40.606059Z","times_seen":2,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":215,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2047820692.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2047820692.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 111120\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111120,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"e1698baa81abb5111b576e8c403c64ac","sha1":"12b9951becd47ed0e3784b63fb856c7fe7193f47","sha256":"074c0315ac7f3480bcc0c7eeb9440ad73eb98ff987a4de25e4cc836219901881","sha512":"e0d08977e46f83a4ae5e87cd4af8a91454147bbf712381d33eac57d4b24b4bd2c6f89fb343ffc6d8cff02456623f39339d9ac5bf105cbfed002c753ae1882d50","ssdeep":"3072:nU+7/9Cvr7EPA/B16epgDuacvaBMr8h63+/icEVk4L:nPYjN/P6+gK8Iqiqs","tlshash":"25b3e027283290431527df08ecd69fae2750f6cab51a5bb4e05ece547288f95dc1cbb2","first_seen":"2026-04-20T23:45:00.118593Z","last_seen":"2026-04-20T23:55:40.637335Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/zuck.js/dist/zuck.min.css","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.799Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /zuck.js/dist/zuck.min.css HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:44 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":12038,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (12038), with no line terminators","md5":"e729964e4ce2cb667827a624df3e0df3","sha1":"cd8dc13e34a341dd0c00f9ee7dcb4c1d76a1fcef","sha256":"9c314b299a999d2794a5c8e8216d537b497c0f04ab7165cd8d617ccba72057bd","sha512":"ed7024449b165cc414a5f2a8a36845722f960bff989cb104fd8e2d4fb97498131324cb8e1a05b5911fb2ae259e76a8750d18f803ab5b1babe8e87d6b30fa2e0f","ssdeep":"96:YeQ3aTG4tmqc2+joOxSNoB5tpuZfo9teEIAmU0qNWdVASUo9FSE+337SM:Y1Sttmk+0OxOoBzIhoqEOlqNxtonzSx","tlshash":"5842127648e9127c68fbc5736ac8af8db04f9401c1a69fdda1f2d08d11e568d2b90791","first_seen":"2023-08-30T15:05:19Z","last_seen":"2026-04-20T23:55:40.716192Z","times_seen":15,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1753684144.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.869Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1753684144.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 165407\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":165407,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 2048x2048, components 3","md5":"3a11610b07d24b0f6c79c19d518ec2f2","sha1":"ec348e12bb26c57a2531dc2c6557ee949727db36","sha256":"faa2a7c147c0c403efae4904064df2f01f5d84534d55c29a5abd9c193f94bec6","sha512":"d759e2f013c80bb5fca6cf51757973aea2943bfb967f094c5ecd8f0191bc7083177e93b66a427a28e5d984ed4b3c30ddd14d5bebcd51a357ac6e2db8c687493c","ssdeep":"3072:fKso3bkHhkgp9qUleLkZSCtkJTYZ5byW0QqhIMIkcA9B12WxWtu:fKsuard483ZM8vMlZZB2u","tlshash":"68f3120d86ddd969d3be83b08ec31b187b3541596523c187632ea43286897387ffda4e","first_seen":"2026-04-20T23:45:00.120706Z","last_seen":"2026-04-20T23:55:40.754184Z","times_seen":2,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":85,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2695357631.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.948Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2695357631.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 28412\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":28412,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c7f28db419d242e0a08bec01acbe6b3d","sha1":"7d13474d3eb5067e5df67669f9d44c72b62088b5","sha256":"ee729a065dc9aebef2df5539ecb00e1c361d55baee027009d4b063502742733d","sha512":"8b9c44d9b303cc02fc9ec69893b570798f902a8c7f43c8a773c74200caab6b7922ac256d93ce53768f87b747bb4599006ebb90c096e339285c12e7d2af558124","ssdeep":"768:GNWZCLSfVVBt8RXvcKWW3z8YV8uogl8pys:GNWf9mVvQuVVFoglls","tlshash":"37d2e0e367735c21dfe839b4780fafb1492f1a8c529a8aa0c0d057186e073115af5ecb","first_seen":"2026-04-20T23:45:00.123442Z","last_seen":"2026-04-20T23:55:40.672008Z","times_seen":2,"resource_available":false,"data":null}},"time_used":121,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":85,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2414179145.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.987Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2414179145.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 33306\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33306,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"95fb6e8864f4e831a6d22d95513f6d99","sha1":"71520d0b710fde39e7f666b1950a1edda288a8a5","sha256":"32d937c340d1bbe7b868e79fa0cd40e2780fe1185a246f18f0cd3dcc94a18fe1","sha512":"4fa95177422c08a97a61b88ccb6914510b049d369c477026cb7801698e1f01da71878928ea09426de5c5238102bfbafda4a81f03291f3e7fdb15d54d1242551d","ssdeep":"768:ySuUyscY/4CWv/Lo4jb7y4Zy5d9evPn4fX8I:bhyJeYk4jb7y4yd9evPkX8I","tlshash":"8fe2e126fd99cbbcf4c4727d3ec35d8d926bab494cb9b94a6824558ede033454388b01","first_seen":"2026-04-20T23:45:00.12611Z","last_seen":"2026-04-20T23:55:40.680932Z","times_seen":2,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2483995042.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.027Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2483995042.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8224\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8224,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"20e5908cd11221956f27543bfc93e126","sha1":"a1a97c1dd188a555d443e7db2a0df6e442c2178f","sha256":"0ef087c80263fcfc163687a65019162b552476611c2635d40eb724d11085eef9","sha512":"61b47d6ce0c13a987b7c1278b513049421f19d65420f015965d97217cc83d6038345a6edf7ab6e12e8534e1c82bd944792bed1278db156bb386ff83c9be09946","ssdeep":"192:rBcqF6fzG5W+mPf9wJ8BAMYB6BbpvGg2Z3HCtdMbQQ2i1jTPyc:lcqga5kf2J8BAM4Gbpx03HaMb52yTPyc","tlshash":"e1029ede3f4d9b2cce2599bce3c1677921168bfa5e248008a282dbde3b9d2e0044157d","first_seen":"2026-04-20T23:45:00.128741Z","last_seen":"2026-04-20T23:55:40.678529Z","times_seen":2,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":123,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1874821474.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1874821474.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 108513\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":108513,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), default quality\", baseline, precision 8, 800x800, components 3","md5":"abe67a12d61709c56eacd44200d5062a","sha1":"d4af9b2a99b081c7ddf42606650e4673c2b9f7ed","sha256":"df5eb1409d3aba1b54cd70e9c070c1aafebfcacdb2f88085ff9738958d08fd69","sha512":"3419d7d441d2eb9eed9d32507bfd9421e17bb65e0a68ad1871d9fd01560e50dde5b932b53c7e6ec7c7873d2a9056f504f6f9b88db2f5b752d7455c3e86ccd93e","ssdeep":"3072:P8jCBUp9TcgEosQD7+VmAn/tKvaCkh8AH5rIHpK:P8jL3VEX87+w7hk3i8","tlshash":"47b3027b9c564d23900c47e4fd83ac992d98e78ce5497cf6206d1ddb7e606b32e8d01a","first_seen":"2026-04-20T23:45:00.130709Z","last_seen":"2026-04-20T23:55:40.6119Z","times_seen":2,"resource_available":false,"data":null}},"time_used":167,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":159,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2071032289.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2071032289.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66946\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":66946,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"461f42bbac037188573340439cb3d4b7","sha1":"9959a916ee42e42773106c941e7b68dc4fac9589","sha256":"0a2efea6a52dfdb1d870457889eec61da41f9767aecd5edf108a46099806ae30","sha512":"97626332062d0012ba8b2a551d84a276111a36b3b1823f70380be62c12a36ada63d180fe12c3ca214041d25213f610e2f77eade6f08eeb4728e1d14e8f30ee70","ssdeep":"1536:LRtavaUjqkr9rAHZ+B/s/tQdB+EjR810YUj1nGybUC:LRQqkplB/it0gWk01nGoUC","tlshash":"a36301a9a5d3ababfa04f872f3958877cb4b21465287347e20e34f54f1441c29adc85e","first_seen":"2026-04-20T23:45:00.133771Z","last_seen":"2026-04-20T23:55:40.737936Z","times_seen":2,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":191,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1763865247.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.104Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1763865247.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 117903\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117903,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"ed094a863ca9732e08b3fca72e921fd6","sha1":"29baa2bcc5268ba58015d824b92555e562d5426f","sha256":"fd36ab0e05925b0aec43f045345873bfc1a014adc08a5dc5abb835b575314526","sha512":"0d0539d45b27e0cb4d88466c830e610dda6a00ea0f803816a6c0acbe9510f7da0a1ecd3c3fa5d0556dbc9ecfbcb83c1fea684ff05e0ff05ba0ebb7bbb6ff7c6e","ssdeep":"1536:fTJ7usLY0GJuAnUFyfF2dbfYvFGNEse3YJp3H5CqHcEkiJnMHMFrAZTsey:V7jk0oyFwF2pfYLlYJppULiJnMgrASX","tlshash":"4ab3de534c439473b40f95319f90712d210a45412aab87397cb87effba7d85e9e8be48","first_seen":"2026-04-20T23:45:00.134914Z","last_seen":"2026-04-20T23:55:40.597505Z","times_seen":2,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/images/s-empty-wide.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.853Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /themes/1034648396/1.100.0/images/s-empty-wide.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 71\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":71,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 10, 8-bit gray+alpha, non-interlaced","md5":"786a3f5fb43dd1abe066797ddda6903c","sha1":"de7f4bb4cc3d0f60d97ff464f0e63b7a2b60f086","sha256":"88eab3ea71426a6c87cb0fa1fc708db2d502e92d3ae7a25288586d9ba8767917","sha512":"0b08ef9cc68962e7d9a2e7709091422118dbf3f1403b6efcb6fb8b56cf10f628a3c9413d6378c81f57dccf79123c5e6d66386b274c707339099042d6b4173882","ssdeep":"","tlshash":"7ca022ca03a03c3ceb22233330080020ec38880280280088020b8c202ec3000f0c03a2","first_seen":"2024-08-19T20:54:32.639659Z","last_seen":"2026-04-20T23:55:40.649699Z","times_seen":5,"resource_available":false,"data":null}},"time_used":112,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2255950343.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.861Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2255950343.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 38018\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":38018,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x768, components 3","md5":"b7d941efbda3d940c51d32edd4e1ccc9","sha1":"da1feb18a969169c65745fe8e6d6efdd1da4bff6","sha256":"0dc11b91a17b6d94f0006a301adafa05130d79634f57b5dde15fd95de3245d60","sha512":"87cc899d57f76ff5207873e94d65d26e0e89cf1e8dded75e8b51fcb7762624181a83aac7654b914bbbed5c3377878f8ced66ed03192a47da8a5c13b1396bad54","ssdeep":"384:swIl/mQoYe/w3PQb/iWR97FXLjD0FK5oba/azsHK35mbrC/u8WcYupV4ztlMgwMb:0I/1vT7JLXSKfAV+uUPMgJcAzvtGjg","tlshash":"d903e1fc8a49c063da86a07775ced72d06fa819256cee3939f6188c146de2c252d3d26","first_seen":"2026-04-20T23:45:00.139441Z","last_seen":"2026-04-20T23:55:40.600986Z","times_seen":2,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2456012914.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.868Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2456012914.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 114186\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":114186,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 2048x2048, components 3","md5":"85cc2f8a5a142be20ccc4e61151dedac","sha1":"3b3b7eb5dcde47e7858ce376a807b1766b26ed9f","sha256":"6bb17f52bafcaacda923f6e40471a0b8abd04c3ed0e89da1dd7a39240c2a3a6c","sha512":"2b47735048f53e327e425dafc338ba483cb75ea14540657f99423d0afc1a21591c8f0dec25565255b33d974f581754debdb4027f3f99c7fec67bc476c8496faa","ssdeep":"3072:FpT+tl/sF8QSQMGK/2U4zyofbUEllU8QR0mGLm:F5M+8GbK/gfbruR0LC","tlshash":"85b30234b7f1722fcad25338116339a26f65a9e4831b1f6b702848087bded727596c93","first_seen":"2026-04-20T23:45:00.141607Z","last_seen":"2026-04-20T23:55:40.688639Z","times_seen":2,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2192607313.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2192607313.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 49930\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49930,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"96397ab40f267f4e7f99095f2c85390b","sha1":"c4472440a9983707253d03b1bdeb23eac4f0b4a0","sha256":"d1eabe7ed930e0cb4482cb4b2a05a3a3e2d0ce20c324dcb9eac7b3a3ace24012","sha512":"119908d648ec0b01ebb1034b08cc406d09852d9238f04be5e037bfa133de359734604f8b40dcae6a7c2a96a555c503dd5fe49b78cb4bf3ae2bd2fc22c809145a","ssdeep":"1536:vQkpgdXNjh+OWeuybPfbu1n16imB9vl+Dk9qh:4kQ3+Bepb3S116/d9G","tlshash":"ae23f1c386ae5f1ef065753c444844fe475ab41e33c92eaa83770ef0ea82f629495b4d","first_seen":"2026-04-20T23:45:00.14281Z","last_seen":"2026-04-20T23:55:40.728424Z","times_seen":2,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2597093554.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2597093554.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 25038\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":25038,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 700x700, components 3","md5":"4ace411584dc8d8cc321214440e306fd","sha1":"1239dec42d8ed96a4c04a59637e5e812cebc8f9e","sha256":"dbecd93936d9cdf35c38627dd1ff223cfd45a1ac5224f8714f3af114ec1d8d9e","sha512":"f678ab90b5f1115a55336ee3a440e28f55f5e311d4212fcf76e4b9777f5103a79902404ad359736f99856181517edc574634f43b0153239f801b7c32a54d0e2d","ssdeep":"384:4eEcLkoROh5DyQEJlkoXhReTcf/i4TWL510BRw1bStNJ0OsWmQW3Jz8HNdGrev9E:4eeQOh5oJrXnZK0Bq9S/JOWmHz8K9b","tlshash":"47b2d053af20016ffbd7287915630f6aa50af09f22aac9b22f1c4425c745f6dffa4149","first_seen":"2026-04-20T23:45:00.147798Z","last_seen":"2026-04-20T23:55:40.631763Z","times_seen":2,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2539515203.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2539515203.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 79724\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":79724,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"e85dd9d78f77a7602393d9c388b03c9f","sha1":"4ad591d66ab95e92ce49b8c6c4215814a3808091","sha256":"629591fdca58c2e5a812e61f7dc300de24a11cc1fd84bbfca4504091d46b3235","sha512":"f646710cb87385464bff29a81a616a873a5f1e2e1e16a61111aa879956671865944d7d443029d8ea05c2ea2a50eabbe02880f53f97f15e25f766f12cdc57d260","ssdeep":"1536:wrHvQ7E8KyMTsWUvw24YChTvyUd1ztMg3MNpU/raaO4g6kf9:wjvGKhRUvweChxG62pmrU45q9","tlshash":"d37302461604a38ddbe3f9fca54491b3e737ca5efeb460c24785211339045cf25eaa9e","first_seen":"2026-04-20T23:45:00.148962Z","last_seen":"2026-04-20T23:55:40.712456Z","times_seen":2,"resource_available":false,"data":null}},"time_used":192,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1768010753.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.217Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1768010753.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78044\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78044,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"98bac3a2be494629b6c48368be769fbf","sha1":"98bc914c33e3a95674f8c0107ff7dc6a22b3fc47","sha256":"63ef08a7bd7fbe0678414f5c65673e98f56a5ac646522692a874fba3dba53b2c","sha512":"9633c2673dfa1cab90e1123dc44eb7fc15b0ef282e4106ceaf977696d61f903a7c554b39286cbb01d9c5ff357beb5cc959daf5fbf172e80a8be38b6b1a864210","ssdeep":"1536:xBx6TF3fa6zCyuY0lEAFZyNUeFxxLjfvK63bQg9wsIpNl4:wTta6zl52yecxx3fyC+pQ","tlshash":"4973025fb4e9cf08dc1b863298438a046b7d187b2cc4d7362c11852db76399bbd79668","first_seen":"2026-04-20T23:45:00.149967Z","last_seen":"2026-04-20T23:55:40.644236Z","times_seen":2,"resource_available":false,"data":null}},"time_used":194,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":192,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2024238088.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.037Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2024238088.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8346\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8346,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a1686436381ec584fd7d67a0a1c4f41c","sha1":"945a1f2f2b61df0c652768b1460ac84a5d5f18ea","sha256":"9ddebca343c0d666286847d1820fc789ec4a26a1c9ffd21db80cba2df6696f47","sha512":"3098aadb543fbc58b3eb0a0955c871bcb7ee3ac958758743c75b3f370fee0ea593a6578cfb69a804c0c02f7ce610276b241caf6732b8d931dd838d6fde4953f0","ssdeep":"192:FDQlgsoUarBdru4oUkygVOrFfwzbDk5VN+Uigb02zc:mgjU8qJysOrFfF5r+Uigbjc","tlshash":"0c028fefc1159880e71f10b039678b2cb25ceaeb1116995965245db19f3de5b7c5e0c0","first_seen":"2026-04-20T23:45:00.153084Z","last_seen":"2026-04-20T23:55:40.685858Z","times_seen":2,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":125,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1854225276.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.077Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1854225276.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13368\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13368,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b8dd3ae2c25e0962f02b9f0be61d12c1","sha1":"6879ddc6e721b9b0ec1341f61c27b51798e647b1","sha256":"cd39434153b74e6a674f1aa22242df2bc069334a78df4982d182b26a2ac6c7a8","sha512":"267ab196bb6b58709b1cbd514de3ecaa14078342a5defd426dd49e81359a35c7e3e81b4e613768537bb23ae3ef545f8fd2a856662c3d68e21e604aabee54f2be","ssdeep":"384:vv1v8S/nECtsVXkLEv0hD2dRW69VSFMyk6BDqTnhac:vv1ESP898hD6p6MIAh3","tlshash":"2452aff949194ff2cca025b9a7f10fd1637a74fc9b84db971188049091a28e1d37e8b9","first_seen":"2026-04-20T23:45:00.155904Z","last_seen":"2026-04-20T23:55:40.61992Z","times_seen":2,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2344613906.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.093Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2344613906.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7732\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7732,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d0f3cddd67317274e5d81ea14d6ca9a3","sha1":"48ffa0bc71d0449a647cde788d57f81847b450ed","sha256":"a356dd3cb52a4a6a6f2142bba397679adba42afe605010e45a09ff7456478622","sha512":"7906f0fe3da043186cdf92e5994519aa725bd5ebe8d3a3c8741beca91279547d21c67cd003126fa3923031481b4e278e17c1cbad9dc6d2ea939273fddd7fe54f","ssdeep":"192:52k2sYJGaRvq/8RMjaBf2xGy1PNKvl+T015g+c:ok2VJG8mj9xGy1PNul+Tmq+c","tlshash":"8cf1ae30e3affa62c4262a7a01434d4c529b68e0b144a528e75957c11633efb7bd4d3a","first_seen":"2026-04-20T23:45:00.053417Z","last_seen":"2026-04-20T23:55:40.636753Z","times_seen":2,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/fonts/sallaicons.css?v=2.0.3","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.807Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /fonts/sallaicons.css?v=2.0.3 HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48009,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"fc3886c26ff7dbdc39244741a9f6bb5c","sha1":"31d88113647ba6c4209d823e90643d349f41810c","sha256":"36fffe45f26bb116b2239464c5a20ab1fe890abd7460a17eea375db6f4f292c4","sha512":"c7a9415031198363337632c8a195efb6cd6afbbae94762915ba2c322918273dc848ebe03952cbb5b2679ed57ed385a33c238d21578d8b55ccfc94abf99c5907b","ssdeep":"384:wT0jhoO4ARf/pzQRIVBZ1SwfunatfUebaEm:wwKO4Ax/pzXVJSJatnaEm","tlshash":"c323b4b4d86e80951726d9e1b34325527705b27afe820c1df192ea8c9bf22f58583fdc","first_seen":"2026-04-20T23:45:00.157634Z","last_seen":"2026-04-20T23:55:40.703252Z","times_seen":2,"resource_available":false,"data":null}},"time_used":42,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2743442956.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2743442956.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12768\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12768,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"2aa572b6373adffe37700ce4fde7e07f","sha1":"af3106b6a9e861e23e8abf5c7e26f951da7be231","sha256":"6f181d780adff4e5a6017030e4a2eba20eb29b01fb91e35853646d79704af1b7","sha512":"ea0ac099d34bd6dad0afdd0b25240d76d7a3fa167531527eff30a15eaab3ae94aca25fe8b311e71692a3e41cfa7af254b1d96ee0023db3e8c84da96d87970afb","ssdeep":"192:Sf9kJUUZ+RLlaeGYabitiKCP8Iszywff3MEbQD908H4xqseScVJtvoRDB5aNy+Xt:aQxM9GZbiTc8I+ysJQq8Yx9Iv6/ak+yi","tlshash":"88429d2f4fd57d64f4bb0a794acf07ba173273a64b88bb448980d61f1790f8a84d025e","first_seen":"2026-04-20T23:45:00.15954Z","last_seen":"2026-04-20T23:55:40.647023Z","times_seen":2,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1855084788.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.843Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1855084788.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 72813\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":72813,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3","md5":"cc5688817538285c05d2259963d5caa4","sha1":"079b3e864a2c476901973d9f8317311c5c870d7f","sha256":"572b05934242777aaf0989f5e60d8d886265376488860c31494416c1d80a1ed4","sha512":"8dc291c7a6a48b1b721e79f7e88eb06be65f0555a21f509a5cb4d7785d038410ab3ba370f373b6ec37b5994eb5d0412ebe499338b9ae22365587255b5bb8dde8","ssdeep":"1536:FbPIkcr+/5yXBeSj3Dae5Nk60nneRFRi6vnBsFAeWx:hqruoeyDaANk60/Wei","tlshash":"0b6302bfdb11ec07d1a8d0f90eec7956027f971ca9a28d2be184db49f2314ac3930489","first_seen":"2023-10-13T18:11:25Z","last_seen":"2026-04-20T23:55:40.647943Z","times_seen":3,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2263343986.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.852Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2263343986.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 118146\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":118146,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 2048x2048, components 3","md5":"4860420f5be68da638796bf804dc435c","sha1":"ce2895e371596661e301b0c20011370ec171024b","sha256":"a3b477359222b165f4009a6b246f0d998e89facff3eb8e5430a934543453bbbd","sha512":"a4d982fed993e252d0d4325d4e45ff834e9d20732b78a5aa14081c9b6f16d54d51031828cd6de1f0ab9a38d1833879825dbe3509ca398d380f773550f887e085","ssdeep":"3072:FWr3I9l7YbuU/PRiLiLD9kSQFXXQskkGKCDT3RE+nT:M7IUuoiLEZWF/kkhCH3tT","tlshash":"a6b31275c304b943d36d69bfa5a0cb7e242a40a454e35a85eff09f14b8f27744e08f22","first_seen":"2026-04-20T23:45:00.163539Z","last_seen":"2026-04-20T23:55:40.720799Z","times_seen":2,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2409985359.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2409985359.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 107378\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":107378,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 2048x2048, components 3","md5":"5117f07fe5c94bc60fb4bb1eecef92c7","sha1":"4a87194f0c05610ada160f47ee0afb1f325e718f","sha256":"c551583542accf5648506586fc56a13b78d34046f815964170cdf4d2e8520631","sha512":"89158bcf798a805f65f533ce823bcc18a48e23f3e885be39e7c61db14678d6c8ec341dbebecb88141aabb59b7cbe2186818352ed640f1d0ab0216e057e427b1c","ssdeep":"3072:h9iVfvSl0iSqVMscM5/RsrhiPIzVHViW4WS:h9AfW0ip5QxHUVWS","tlshash":"9aa3010586585f53f8f06fb299df4e62df038018ef06981f24c41566266db89be6fb13","first_seen":"2026-04-20T23:45:00.164933Z","last_seen":"2026-04-20T23:55:40.707121Z","times_seen":2,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":49,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1927403002.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1927403002.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 82696\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":82696,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 1000x1000, components 3","md5":"7ef60f6f64fd1cca109603d2aea86d42","sha1":"5167cee9ff4477e31cdcd9f8ed29b06fd97ed992","sha256":"e34795d020805c508e4660009734206c03f1a339a30283598578ac21396f5154","sha512":"e5a74244a53c5ff3d1acfd4e9781cf09ea5ca86562aff384a27ee0b576c057cc75fa6dbb8fcf8c9ea3764156cfc766e49f6f169424097eab4fecd198631383c6","ssdeep":"1536:yJLPtlclQtiErQuMTfefznZfIgc+rW+VwdxtXgAw5IB1d/X:uLPDcl+L8JTmfznZVc+q+0xOAw5IB1dP","tlshash":"3e83add5f92458840efe4ff629ea90a3d0459871aeb3fc3c1d026ce9e864f9e9716301","first_seen":"2026-04-20T23:45:00.166584Z","last_seen":"2026-04-20T23:55:40.710408Z","times_seen":2,"resource_available":false,"data":null}},"time_used":133,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2470520236.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2470520236.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 70626\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":70626,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"fb0a0798f7f85f2b9faab249efb106ec","sha1":"de3ff102844a3f53af074aaf8b7b009505c58fea","sha256":"25bad62fb6300ab37db731e604a020256ad2c58d36a4d2ee3b60365ed46eb89e","sha512":"08df58eafb1015395b47e1a6363b0ceb5b4dc3234475bffe3a6634fb446e63006a0657683e116ef5e1099aa5886105e3668e792ab3856cc91458144d32a41c2a","ssdeep":"1536:19TfQk7MZkK+lmu4GzIHJC5fs3wXr0a1U0eF82lo8jQb:19jQkQ8lmiUIZD70QU0exo8K","tlshash":"b463f1465fa2ad36fd1c7435894d7795ecc6c210fa03097b100ae2678e4ba9f2cba75c","first_seen":"2026-04-20T23:45:00.048902Z","last_seen":"2026-04-20T23:55:40.594052Z","times_seen":2,"resource_available":false,"data":null}},"time_used":125,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":23,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2712882439.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.983Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2712882439.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 27080\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27080,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3276aa60b86bef0148d981f8cb440c61","sha1":"8b25e7b08bc68c4260b04301defc778c1efe57ae","sha256":"42ebb8e218947293739593485ca9a6cb58519775b560c0ae0da9be28dacc2b9e","sha512":"ded46395a09be1e1b2d69eb55015f3c9ee99c3955a1b576ee54553cb3bab44a3b72bec8fca0e457bd1f396575f1bcee297647246bf532e955501d5934f13f557","ssdeep":"768:5muU76LAnNxO78seWU2B0+bva6m1gKHR2tN79uRbyY:bU7cSfO78Sb0+Ghfxq7MRbt","tlshash":"f3c2df8a5240efc2e17574f94b0d17b06dc21dd7166bfc86c3bd667207a2ac498a7ea0","first_seen":"2026-04-20T23:45:00.169968Z","last_seen":"2026-04-20T23:55:40.602674Z","times_seen":2,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2066597628.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2066597628.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 100083\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":100083,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3","md5":"1a6d97a63fd57df295cb9ae7ad240e6f","sha1":"e44ab06f3d8d2d96f4602b8bde2df8e0b2ced27b","sha256":"295e103fa80a2abc79114ec7749046421d1f69fd944f304503c7c9eac938bf91","sha512":"1e6fc64d74103fed67990df0adfeb481ac7600f51359d914f99f8ea01528cf406262a7d8fc53df1be27923bc25c3f0133ecf7a1cc126f97cd7d3f6f10905ceeb","ssdeep":"1536:AligzUR8IuDd35NejBjjRKbeeEhggISLfd/etsoS0Sw9j67SdOTRJiHk:cYR8ICve1XwbeNRFLlmewJ0XiHk","tlshash":"65a3120b6816ed64ddf547b2fc90ad1eaaf8f2c31244ea2f56580703ab6b9e50d33c11","first_seen":"2026-04-20T23:45:00.172505Z","last_seen":"2026-04-20T23:55:40.633057Z","times_seen":2,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2554376122.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.206Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2554376122.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 102176\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102176,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3","md5":"f3b7807fba672127529405d860a528af","sha1":"201ae198abb86575eadc1dee122058161c4cae05","sha256":"3bd6cb75d208fe3129ee0bda5754bace3a97f6ec07662d7915d86b32bcbb4af4","sha512":"0db6861839f4d227cd5549ced158617b8c1bc010a6fade228ef54470fe4ccad572af86e2d9149e7611bd0546be92953347926c292ee65215146f7aab68ea24c9","ssdeep":"3072:cCZukhv3ZnOebgBn1JecY5t4lKUq0AgL+T:tVhtOeO1Jq5t4Bq9T","tlshash":"82a302cb433c5258c9dd91faa17ec22fbc25a1849bf0f16af1b8d860b5f1646d08925f","first_seen":"2026-04-20T23:45:00.178404Z","last_seen":"2026-04-20T23:55:40.711943Z","times_seen":2,"resource_available":false,"data":null}},"time_used":217,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1981022292.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1981022292.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 110013\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":110013,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3","md5":"c9531567bbf2601cc0121ac8e48e4c7f","sha1":"257037b0a03732f3419d9d01196dad3b361f2e06","sha256":"b6184fa6a4788fe0e3a12704e439520656556f9fe218ac9d0ee091cc095d5e51","sha512":"f9c6be1ef0cf8d9239917e88f46b8bb1a787b820879c22a509c41350b71dab86944d246e710cebeedb9222d6760c0bd0d529b183e61a5d093beaf7003513b3c8","ssdeep":"3072:Vc+sn+qu8uk///vGD272Zh9XeWrBQxfVDgrUv:Vc+6u8uk///v12Zhxe2wurc","tlshash":"b0b3026cd3717c48e72146b7c6fa22420181db0ab7baefccc6e0e95166e6e10c9f645d","first_seen":"2026-04-20T23:45:00.18039Z","last_seen":"2026-04-20T23:55:40.599527Z","times_seen":2,"resource_available":false,"data":null}},"time_used":229,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":190,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2384463543.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.232Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2384463543.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 47987\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47987,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"4656505c56ddaa67416793feb70ede95","sha1":"1147e105467d98d46998d1627af6234e90bdc924","sha256":"e898a08de9577345f89e6cdc6a78fa1816059ef1172c51b742c13d40346fc233","sha512":"e9e0e747797e4b0b335ae74c5a2908c1eca185258a79983df1bcba9a84a106f90709f523679462a6d6ce1b03957405d7c1b20318d8d2c1fb596e89d99f2dd02b","ssdeep":"768:QK2cJ5krmFF/Bs97Nqmq4eGmTzPm1fIdesVt+gWL5l0lndxJ2QNhWbjTI/RNxwR:QKFJSgBsVNqD+mTSfIksLtLrxLzWrI/m","tlshash":"c323f1667a2c74ebc37284353120b26f7235acaf5d25eee862b513d595ccce82929850","first_seen":"2026-04-20T23:45:00.182153Z","last_seen":"2026-04-20T23:55:40.638775Z","times_seen":2,"resource_available":false,"data":null}},"time_used":197,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":196,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2284681327.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.241Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2284681327.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 46707\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46707,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"0d9a1f9bdb0b6882960160d0e4b54485","sha1":"57e73601b836f8535ede9b078c21e0bda284e6db","sha256":"7e74aecd0a5d1ca89eda44b8bf11d3635f6e212275525887622e2e1b4d322c17","sha512":"76f8048fd37d0fed0e6313f1f45b928de843b621e35655e0dd739c710b3dec6f7af0bc0ba063a5d3ac133d98ae79a6d301024becdcf9e9ae88265bc45085f132","ssdeep":"768:3qjU3Uvj/sgMYINiYziGNY/+DJVh3ivoILsClN1BQzyqjzUKId:3qjwUvwOINiYVRVpsoBWQuuzUKo","tlshash":"8623f113f94e2601d42acfb4516be257e07c17086eff44ee98935829a44e88754aa8e7","first_seen":"2026-04-20T23:45:00.184043Z","last_seen":"2026-04-20T23:55:40.749511Z","times_seen":2,"resource_available":false,"data":null}},"time_used":204,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/twilight.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.797Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/twilight.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":119608,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (63270), with LF, NEL line terminators","md5":"2045c64f166ee2780d966cabaa5d31af","sha1":"bba7444381f0ddf4fae04a097e5f39c7f23669c3","sha256":"d24f2128611bc32e62e8d56f35815e499957f7cf6a75360d871ce6dd35427e51","sha512":"2c6fb48703c6828a0c2a4a603a1b158dac555946cacf4d4f3caecd480d3812f0b65c9f97cbbb579e0a7d2f07e0c7371f69153110cebfe2be48727284153c6b84","ssdeep":"1536:K2Rn+UWh7iqRd8TW52apduqcn/e8iaKU98:pAU67dks2ap/","tlshash":"f0c3a3ccfa91b06646e33174012f140bb2bb5a59f44b8590f26ad5d07cbe94f60abf2d","first_seen":"2026-04-20T23:45:00.185545Z","last_seen":"2026-04-20T23:55:40.640869Z","times_seen":2,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2095873486.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.929Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2095873486.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 28048\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28048,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1478b9eed53665e9bbea84429296e7b8","sha1":"ac36aa82afee32283757b566f278c6d846be8b1d","sha256":"dd197e0948fa1939b8402406517690274a41272f7a8c25f38767da8b98ea2381","sha512":"0bb4cae4753e49fcc66ad47c71c919448cbf8606ba0488b4c77d00e0a44855aac262227fdb20c60a8206008266abf59372c3d0f395b52efc9048a24d0ff9ce36","ssdeep":"768:/rxnx5rmJ4+HH4yP3KR4/rq6h2sobzMow:TxnryJvnnX/r0fw","tlshash":"68c2e08022776d5ff8bef2bc2684073490d4e90e13f540b2b2499679fb074ad1c99aec","first_seen":"2026-04-20T23:45:00.186907Z","last_seen":"2026-04-20T23:55:40.723626Z","times_seen":2,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2633726025.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.110Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2633726025.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 86552\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":86552,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"7a0e6f2219f41342d329b42abc3376a8","sha1":"83a12db3fe93b40896a83243f43d379d923205dc","sha256":"d6cdc19a3cfdae1f3ccc514d7c05faad4c58fd81a5d41ee6597a1414cc3a8dc2","sha512":"ced282dd1e956c2df0f96882dd5447dfb6ba7d94c815bf6e8fea7bb8a57f0fa20adf76b33253a97e8e8cf48626f45b91862d9b912c37ca7a3fe499bf24cc4379","ssdeep":"1536:MbVVWC+y/PdE6/LZXPsrr0hvy9vq2CSGAocpJzxbtPRncTsaMpOY83Se2O:MHR+y/PXLWf0o9vXvGAo6/55cTQOXia","tlshash":"a483ce831e42e9377a4bc175aa51326c30a760055793163abc28beffe36c91e4ddf912","first_seen":"2026-04-20T23:45:00.188343Z","last_seen":"2026-04-20T23:55:40.725757Z","times_seen":2,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1877076047.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.147Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1877076047.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 372228\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":372228,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"dafd076902415cdbaad5e943933fc11c","sha1":"9841d7504de152d9ad5b684dc075d9f8fbcd23ba","sha256":"31e5e8eef69b2adb162b455b170ea562b5a2914ceb8ad3a00e985d52f8250889","sha512":"9abe96ba5bb20ceda5457fac88f6c22bf93ede4e54dc3ede0aca7ab3b26224228f36bd642bf6e23635997a026b8251d2612879cf58beda9f76d45733eb6fbd9a","ssdeep":"6144:TF0CyEJ9+73XEtWza+G+x1fDT88X72w9pnX7KtMCiAmRX6veHYwlt5Rs3:yEW7XUWDljrTX9F7KtsAmsveH7pRk","tlshash":"4b8423e8a461f915ad6f906ecff64c41613ed726ca310f7c0a9689d06d273370a03b97","first_seen":"2026-04-20T23:45:00.190355Z","last_seen":"2026-04-20T23:55:40.729384Z","times_seen":2,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":117,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1761930593.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1761930593.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 58109\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":58109,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 500 x 500, 8-bit/color RGB, non-interlaced","md5":"91298e1035ec544cf7895c444d6068e7","sha1":"1a9c00db087345148afa5dae667c28c9923ecdb1","sha256":"571d0273907d5c0c73b16bf435532ca0235698bb76eb57690044de5ea4387842","sha512":"d963f539e30f1ff2163956fdcc411a8b678a597178fdf65a40944a5020a32db0ed6b813ca95b55643c5546667153210cc7e3bb6c4ff1ed1d898c6b7b6bc357ae","ssdeep":"1536:dW0urn5NoPAXSxU/kBQb7tzQvofPxQ7P7wJhDPn:ELrn5IA0oke7t24QgF","tlshash":"56430205d23ed59950de71b051c39b887faaa80e8bf7ade04ac5b1ff8dad2bc1180354","first_seen":"2026-04-20T23:45:00.192052Z","last_seen":"2026-04-20T23:55:40.679802Z","times_seen":2,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2671252091.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.237Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2671252091.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 47058\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":47058,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"312478eaa46ab45df0aa0c1ef3a02be1","sha1":"755d3b03e359448666cb08e986c59416a6bb268d","sha256":"f0303f06f6784f64b4d475cf7eb0c1a7aa24c4ab631291e9aa97452e8bd97a88","sha512":"146c9293d9de9df065c356258933edc598a71dbaf362e070896a14c1168ae4c1126beeb4458df1409c5fd8bc8bea690f3a648eec3fbdb48dc3260326f2d9bd46","ssdeep":"768:bxXj42QNfZ1+SGvyO/ue8KxAi+qeS5lvHknxNK8QKm0IQ20iLT0dNsrT53tvr94/:G28ijj8KJHPHonIQ2Kdi3JK/","tlshash":"9623e1d67a9c16bbf6088d314bcf62a8392b556d7c531b4d6254c4733b2a2fa104c13a","first_seen":"2026-04-20T23:45:00.193425Z","last_seen":"2026-04-20T23:55:40.693064Z","times_seen":2,"resource_available":false,"data":null}},"time_used":202,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":201,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2337224605.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.239Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2337224605.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 48013\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48013,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"6301f8e498f2abf7463075c2f547c9cd","sha1":"095ce29b9fb9bdc947adb3a0c1446b810569b0e1","sha256":"9e20f71c9a21e7cf75f346e114afaf73c5ffdbbd20731d85ed24a90eb0071a54","sha512":"b5e4ca09c2ef655df7ad89a7c4fb8c8b2089bb473e166c2d99555d9f0432cfd54d8e6d2d6285b4499178b8b6db2a34dca4547cf20be36b64f84ce7cc0aec422b","ssdeep":"768:sI0UfIluGagak4upLmHu5xOMneAKsQZT8iOHxBDet7kNVKMoy9RwH0hMRI0kR3ZV:H5I87gN1LV5xOSeh+xBDGwNJR1hQI57V","tlshash":"422301e7f634fa36d993e9bf1062ab0a6d1c6d4920c4f1eb01215c53cee4e8176855c3","first_seen":"2026-04-20T23:45:00.194626Z","last_seen":"2026-04-20T23:55:40.719249Z","times_seen":2,"resource_available":false,"data":null}},"time_used":200,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":199,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2659379047.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.248Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2659379047.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8624\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8624,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"4d721766c8f6a35bb2ca6eee5e3fb832","sha1":"78cce964dd82a2686b443e488370308d2f63a1a8","sha256":"667d5da8062ca3c6f0e72e4b0fde9a58db7898dff19c64a697c4e59d0f22f7e6","sha512":"f0cf65158aabeeb7cf722c1ed893c7806311cd1d55c4e84e5bd731d0df3eed44ff95290353794cf531a554a23408f8a70728485e008c9670f68d7d4ca39e225c","ssdeep":"192:RK6o0BL3EglG8ODDDz9ufMWDEn1yUe2sdFvkaocmdh4w9jKWwk:RLIglPODDDz9ufMWDEnMUQdtkbBdh48","tlshash":"e002bf88332a4d93dfbdcb7024f14459f1daa81ab734d14ec953ada568fc1c18a861e4","first_seen":"2026-04-20T23:45:00.196295Z","last_seen":"2026-04-20T23:55:40.714734Z","times_seen":2,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1757779013_6169.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.822Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1757779013_6169.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 36877\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":36877,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), default quality\", baseline, precision 8, 800x800, components 3","md5":"d032ea85008a10a4a454bbd3df359f59","sha1":"b3445a2ff19b73a19a71d800c0488564d515a5a3","sha256":"8d253ef605992d0121e96c6e9cd83bd237628271d61c9ad7e5120a0034f22c1b","sha512":"54c946bc02fe527a4fe947870d2092156823aea45e290b8a3fdb77e619d1565f48a98fa545b10506f698d13fd5a707a8d01bacfe17e11104e02cf232f03d121b","ssdeep":"768:LE95svHMGF4+BTtXq32DXjiVLKzYvKhuMrtGD3b29kQqJP3+oJhZ:g95sPRFbBTtXqGDnMdktSskQMP+oJv","tlshash":"b2f2ae238805878b961586e8fe431d5d6f9b672de4ea7afe40d15ecf3d60a364c8d00e","first_seen":"2026-04-09T15:47:19.353296Z","last_seen":"2026-04-25T09:03:47.150757Z","times_seen":5,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2448356962.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.831Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2448356962.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 30330\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":30330,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"79bcf500a3e7f311e17f4c9d5a87dd4e","sha1":"50db5b0268b9de176af16532190b55e2ffc7a84c","sha256":"6ac156dc8ed61d6670213abb7c4cf1e13af330fd7ee77966c3cce72d6d15a2fd","sha512":"b94272b0de6138576a688d7ab2bf924a961d46ad917449a1d2e05ce57a47ff30e9f0adbbd83a895ba3346d7c1b1231916796cbe5bab847d8e1b854fa8c844131","ssdeep":"768:ct3MQxl9mOoBvlg4yxUG3+b9YZjKyDAr5VezHjFE8mfS:ct3MqOdB+xU39cjrk1VcHjPm6","tlshash":"52d2e0478c44b6b7d2dfa7fca8625634f293565dc30efd87da1844021a693f33a29858","first_seen":"2026-04-20T23:45:00.198412Z","last_seen":"2026-04-20T23:55:40.594763Z","times_seen":2,"resource_available":false,"data":null}},"time_used":81,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2481867453.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2481867453.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 26358\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26358,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"a83dfd79f8b6b1f387fda1ba71bc25cf","sha1":"918c8197a304161bc18c914d0030ecd6d161f837","sha256":"12d79ccd15638a35e26deb1336fdc9080406ad164f18310ba09e208966b78279","sha512":"3b509ee384dfc336b13cb4509392b95cf3103a449def545b16fd0562d6b2aee9990f79b8205221541979ab4e1edabd82d75a2dd10bd7541b843f4afd03821983","ssdeep":"768:GFFHKozbX2LbTyyhNMzvQ1GqGRgJSZCrDERXW/fdQce3:yFqozbGO3RgJSZGDCW/VQce3","tlshash":"61c2c08a0300ec28d07df4fe9025ba65b519f80506ee1abdf85c5dc9475d8e4eb6d38d","first_seen":"2026-04-20T23:45:00.200039Z","last_seen":"2026-04-20T23:55:40.622643Z","times_seen":2,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1963812966.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.092Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1963812966.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8128\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8128,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b9f2e7267fa3136c7d4fe395013f2916","sha1":"b3f0ed44e0fc139aee286e2fe896eb26b378db9d","sha256":"4b739b091caeb7f5a14b0ee4e5bd80b06011b3fe3281c5962ead5806fe4a0126","sha512":"e923774b6bb9cc0638d924f4ec4813a93543f56aa136d1b66941ff69d647e3ed851ee79ee83884168862e2b9c4be34bb8a73ef87f4e9ed6d69fe290c599b0727","ssdeep":"192:mBLMZLLgenEfrvj/MXK54pFqUEed8HhsLtc:hLge6v0dFq7tHh2tc","tlshash":"30f1ae9fbb281e21c9f543f9e6d4034b879643dc873d47e939248688eb0c7d08999c9c","first_seen":"2026-04-20T23:45:00.201164Z","last_seen":"2026-04-20T23:55:40.650913Z","times_seen":2,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2276817300.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2276817300.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 51308\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51308,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"aeb3cd7d7a109be2ffd1d2953f55edd4","sha1":"5e69d199f46a3caaf20a48235f2a14e0c4636f00","sha256":"baef1cb78a3c9ce3d164edf14e5a4afebf4d81efb439b8e87eee01ffd7da10a4","sha512":"424d4ca31fa954d2bbc42ef7bb83a57af2a815592c25c483ced109fd6344580f653554f602c1639e749653d466ed561ef02ba5997df485226c5601838d9057b0","ssdeep":"1536:Q+/TtSuMQuPp6/uBULYyNF8M4hkzEhQbBvK:QGkuMbPpCuyL3FEhQbBS","tlshash":"8d33f16dd3ec28e7d7262b703daf89706b674474016172752404ac44defdef021aa9de","first_seen":"2026-04-20T23:45:00.202178Z","last_seen":"2026-04-20T23:55:40.695811Z","times_seen":2,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":76,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2360049972.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.125Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2360049972.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 508834\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":508834,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced","md5":"d59e44428a0f70d5ec7743373fc1c57d","sha1":"6755c5c5d8df86ef3645284ca1ab5c214aac1359","sha256":"319ab35d886054a02858445af5905c99becf0355749507dc592214dea71c5c66","sha512":"b05671da57b6e11567784817712e528e25c4bf913b8410da4f63a2251a3dd0afc21c066c8cbb81c5f3d71b4ffd80914d8f76791e582748daa01dc110164e967c","ssdeep":"12288:Q4db9sp2SLIPbfQaitomPMTSCHWq0h4g/eRC3nSWA:Q869ubItxPOSCqZeESB","tlshash":"31b423f41fa64df2bace733154773585177711c29d8e2c6172be881a8f0fe182c6a662","first_seen":"2026-04-20T23:45:00.203268Z","last_seen":"2026-04-20T23:55:40.638158Z","times_seen":2,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1881119643.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.246Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1881119643.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8632\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8632,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"6c865ba362e98ad57bc5af74c326a63e","sha1":"415a1f98990a1f2f2c1799734ac438b9e7a970fc","sha256":"9aac19f191df1752c24a02e70dd5616681c9eda6cecb8513e6786922841e8293","sha512":"6492f889416355436f1ea27f2c2ff2d0c4fa6a6e8a880b0b7f19b48fd6d9369f0cb9621b354520c932685e8a634d2a525af2c67d1d396f5c8bdc7e3d41472e5a","ssdeep":"192:kHV2j92hDDDzJFVl2cS7UuZLk4DzntgNkLcU7sI/PutwZl2y:kHV2hADDDzPVl2cSPrON7Ws8nOy","tlshash":"7702af0b32648f15ee7ee279f8788928de25649fe047e1df01b50854737ca50ebcc941","first_seen":"2026-04-20T23:45:00.204323Z","last_seen":"2026-04-20T23:55:40.73014Z","times_seen":2,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2213684385.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.254Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2213684385.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 34135\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":34135,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"647e46ebc85784674a902cef3e161b03","sha1":"4a401d35b8264d0c9b7972bff8e255409febe952","sha256":"9c14c673c33e328a283356ece1956eb68973d66882ee0467b7e1cf496662e89a","sha512":"7c93744a1d09e72359bbfca48b88c9ced1536add8517aa8aee5148deab39fd7db0198b3f5012e8ed62d506b0eb63d8e6df4a59ecc55588cac4ddce54889e0261","ssdeep":"384:+RZHFWwaBV1y5d0BtB9YwxGDE+JJDTdddd3cM3/IfKHvp1PURJP/1mKAovJ/BqL7:+RHQ1qeYToyddddNVMoKhzA+kUbmp24","tlshash":"f9e2d0ae345221baf352d0327465cf18b9085be3c18f681d1f704ae7de7b7529a3d219","first_seen":"2026-04-20T23:45:00.205622Z","last_seen":"2026-04-20T23:55:40.669959Z","times_seen":2,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2101007781.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.836Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2101007781.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9842\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":9842,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 640x640, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"e4ed384b3e5fc98eb22c023023ff7c97","sha1":"c2916dcd640de13f9b315b2a104d79b54f981006","sha256":"06f90b53c2ef544354d3a40829246688f77d765d0d83bfbf75be86ad7ec6788b","sha512":"ee0f788110ee82b1383a087035574d80588c21cc89e297476dfd64e7fe1e1f8313233dc836cc92685a2756cfe6a6094b0d309422266986aa92d5483f10c671a4","ssdeep":"192:c9cCASKMvjGTjUOd4/NFSxJAYApDF7ZZkmk3mo+o+pbToulBzQ:c9cBSrvjEjnmVF7YApx7zkWo+zPn5Q","tlshash":"7012c00f9e81dd1771f58d564d90742f3b1c62f6e4c4c796906f2e838bb5ce2469602e","first_seen":"2026-04-20T23:45:00.206742Z","last_seen":"2026-04-20T23:55:40.694159Z","times_seen":2,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1890897592.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.017Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1890897592.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 18910\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18910,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"3b828239c3abf1da270a79b961710f61","sha1":"78db110009ad3f83547e27793569fb35451a408d","sha256":"9b84c5d9562a4b5dc9c6546c00ca7ee9d13e6b41fc7d133f90215028f8e65629","sha512":"3f9a5d04b6758704f861b9127be30f91c9976815bb21abc4ba567ade93a3f2d04f45b280bb68f600c162a5fd1dfc5db85cb200ba746f5a11240dacf38e897044","ssdeep":"384:auWdXRO9+RyrTvKurJ7xGUrBTK/Ffvem9F+GWDfajLs+:U69ZvxtTrBTKNnF+BoLz","tlshash":"1a82cf8c5c60b821e4bda275e5cf038ccc7775335eb95eac19fdd5f50a2a680c81e668","first_seen":"2026-04-20T23:45:00.207907Z","last_seen":"2026-04-20T23:55:40.596608Z","times_seen":2,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2075250204.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2075250204.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 20450\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20450,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"216a6bf6384f62e25dcad05d90eb8f4c","sha1":"89fabed893d1178928c7a68288178e91a4736ea0","sha256":"b4c47a92dfadbf69c933749bc5d993ac6bf9735f673b3e6887baf22d9a642ac5","sha512":"1f28ef7400b238ba8c21cf7d454e49e04ffe11e4c9345a6fb4fbcf9259bf89d4e85c908a6d806fb0f2f8bc8c06b2a1e148ce11721cabb3d39f4a13be92733970","ssdeep":"384:tTXVvujN/iBc9rpg/1uhe57ZbkFEiuCHU6YDh1unYc:Xokc9rOPBZgiXChYlC","tlshash":"e792c07049002b91c401253e8bcd1fa2d67dbcb946d5ca8b6ac4566eaf9c1c38ad6937","first_seen":"2026-04-20T23:45:00.209175Z","last_seen":"2026-04-20T23:55:40.72477Z","times_seen":2,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1752807670.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.054Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1752807670.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9894\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9894,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"28a1f8c01c47166635661d384c198e16","sha1":"cac0ecbfed50eafbd2796f8697aca20a4b94352f","sha256":"fb9dc1aea1e407d5fc364deedeb170e0c5aa45deaac33d820948833c445725d7","sha512":"0092e9b22f583622f842c4ccf01046649c2cd271900626c1a3526efa33205ede661b8e556aae42157864d1004d0f109772069663969ce82e5ec5a0aeeec252d0","ssdeep":"192:P7GgUuUZ0d8pScHOSOI0o7wFG1T9AWU1XxD4Vws0QiolHo9hW4qGBUKwc:zGg3UZZvq4wFG1M1BD4iQbtko4VFwc","tlshash":"5c12cfcf52328b30e030a7323e408fd403577c2da6929becd5595a9167b4ad22c7e9a2","first_seen":"2026-04-20T23:45:00.210688Z","last_seen":"2026-04-20T23:55:40.673202Z","times_seen":2,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2049207362.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.198Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2049207362.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 111155\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111155,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), default quality\", baseline, precision 8, 800x800, components 3","md5":"f50640f22645651aacef78d01a83f946","sha1":"6df4a9769513e534a201d7d62377cae8cd0a5b20","sha256":"8988a6c00f7ecd5ffaefc5a5685b1683023890195562609fb7b68e3c58a90d77","sha512":"7352917b5875651249ca0aabe95e1a0e27b20c264bfad378131e9a29411f403a5c2b098d9977784c90339c8b01d4839d3d774470191cf3fa4d3a7616c6c750a7","ssdeep":"1536:giBJOvo/svRnMya4Hhjzfz3wDkpXltCjKI2jV2O8LCQ3nDzKlrMiBhk4OY4RotbP:TQR+ya4HZokplio2lT2pCYAQYSxn","tlshash":"13b3f123acde5a45932c9ad0be438f0d76116e0cdc11b4ff63544eea7fa04228f69897","first_seen":"2026-04-20T23:45:00.211793Z","last_seen":"2026-04-20T23:55:40.726331Z","times_seen":2,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":186,"receive":20,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2271469701.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.257Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2271469701.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 33940\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":33940,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"0b9ed3e151af3ef55f3448dfa244a24b","sha1":"34f686aca15374d7639436754e21c331e4f06945","sha256":"13a4020dc08a31723d5ceeb9b57935ab4443d90260a5938b65258974eb4254fb","sha512":"62bebed09ab29ab3802aac21ebfbbfce9249c03c4a69a3e17a80a9c6bd6e09becd5a90a1a327b89bb71a0d13e09ed3b9749da863c684da315872084338d61af9","ssdeep":"768:+vgrJLNF1f0XE81R5HzpT19PLDgRXGRWLf6nkbmp24:+vKN81jph9PfS5f6nkb4l","tlshash":"81e2e1bf36a97401f320e537a267d949d73047afd69f893bdca8072f64786792428029","first_seen":"2026-04-20T23:45:00.213044Z","last_seen":"2026-04-20T23:55:40.671212Z","times_seen":2,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2614605665.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.267Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2614605665.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 33557\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":33557,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"3cbddf6d802335c2072b787b261224d2","sha1":"217f8d05e9859f945069db40ecc94034487e8675","sha256":"450b60774f8ad7492f2c03f974516bba4e486d6b4e61e16ed717e4fc6e74a80c","sha512":"ec74fe175ec7efa4fbe9370cb7fa63c87deb65448373ebc9a44415626a894a0acadf9b473dfc033db06407576b6e6cc8b8228bcd10001f27577c9ddb301de589","ssdeep":"768:+kMEm7dBpyAFgfk95ddPNqLD96h1UugKFkbmp24:+kNmxCAmSjqf01UCkb4l","tlshash":"2be2d0bfb8c36aaec74684717a31eb9cb4085b30c5ef356d09713c1f4e9b1d52a29126","first_seen":"2026-04-20T23:45:00.214162Z","last_seen":"2026-04-20T23:55:40.759986Z","times_seen":2,"resource_available":false,"data":null}},"time_used":210,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1784659010.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.268Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1784659010.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13214\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13214,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"b011e3c24b11437a90aa8f5fc6f42b14","sha1":"7e10bd8c1d2fe06402939137463c635d0596422b","sha256":"591ac27fc68f3b208a91242568455ca614549ced9ed9b63937aa42ddaf983ac7","sha512":"048d0c71852b9f2820e6c9e8be1684f81b63a7138acc5a17e6ba27926d9bcfab50b1830df24344399edcc5f8fed4c7d94268c9d509920b56d6d66652df07e543","ssdeep":"192:S290PvAbeyDaKDSCcdykrC6aeLgjcQMp+bEbrbUtUm6lAXgnWff2Alz64n/yAS:SBYbeyFxeI3TbEbrQqm6k7z64n5S","tlshash":"6852bf8773d8a36560dff1f0fca2cd89624d72b442652a5c742dc4eb45882be0ce6b82","first_seen":"2026-04-20T23:45:00.215265Z","last_seen":"2026-04-20T23:55:40.69756Z","times_seen":2,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":210,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/card.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /themes/1034648396/1.100.0/card.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":17652,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (17652), with no line terminators","md5":"331107684dec8d25b7059a8924d57bf6","sha1":"66c02247832864e65e69b2fa343e60dc28289b87","sha256":"ad88fa6f53ab128b0fe6a1ddd08cc744ab07b1fa56eb8b49f158e8e504e53a59","sha512":"67d9bc28d7a1c04956ecc0023d5ed7005f9f1397eb1165185e4834f3fd8fde1fc00d171ef53fa7e910f9867d4c4f93dd4b3efb9a2120ae2978d2f0ead4184500","ssdeep":"192:PHrMxWT72qSGBIbSxRsStx0qrzncxPKzp8MFT4YeI:zMQnJIOxRlx0qrrYPWdFX/","tlshash":"eb8274d8e0f1603191bb8871841727cbbb68790ed2c6492c767ed4d53b9dd499226b3c","first_seen":"2026-04-20T23:45:00.216363Z","last_seen":"2026-04-20T23:55:40.723187Z","times_seen":2,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2492087768.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2492087768.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 34097\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":34097,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x768, components 3","md5":"efa76ecd059c3a4df9f02aee622db49b","sha1":"f8247433ee35d37114a197d741001f0d2af5c345","sha256":"949fc3d5faf87390e5bcb7641d9eb716954f2087a466521fa37b0a890c3606ce","sha512":"be790acd95775327be99e0839d528c4f7137ed8d0af68fc4a9ad8cfde7dc25142b533fcb091d2c3706a60ea6f59eaf4694bb7f4a9ef1cf7febb08a3ad7814bf8","ssdeep":"768:1kkouzJLtMFmGv/RI0lPTVdHeUgzfHbb155mcOJmfFsa0NmNJlo:1kkzGsGXRdlbVpj2fHbB55gJKi+Jlo","tlshash":"38e2e112f59d4b62ea4dff70bd0e59402f2e6461df5af7a42bc002c2909d2fe21489db","first_seen":"2026-04-20T23:45:00.217886Z","last_seen":"2026-04-20T23:55:40.666238Z","times_seen":2,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":91,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2667480040.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.878Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2667480040.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 27294\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":27294,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image, VP8 encoding, 783x1000, Scaling: [none]x[none], YUV color, decoders should clamp","md5":"1c20391178b30b719fa9165d84931ab6","sha1":"93b95300fda477bf3d2834e4d87683ed30e69ce9","sha256":"f5944e328258ec5b3d1e9896a2ef82a85e3c4aaac9f343145968bcf449eca46c","sha512":"62dca4933fa0738193bbf4604f3499e965a9d43363bb75d1a0205dd9da2af76900572081a00da062217e324912b8900d58dea144408df9aebcc8980cdce417e1","ssdeep":"768:v3N9lKNBH7HF8mSnOi+8Zsa9rsMf/ANSKY6OeC:v99wXF+nOAJGw/A5TC","tlshash":"ecc2f1c4dd09ff1c4f1ea03db79ad1dd83da24c5b094d7c4a017a09c6d26ab168935b3","first_seen":"2026-04-20T23:45:00.219106Z","last_seen":"2026-04-20T23:55:40.608191Z","times_seen":2,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":30,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2479325935.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.111Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2479325935.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 141766\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":141766,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"db3ed0b93fa5fcc359feb149babe8ed4","sha1":"8d1c8a1d2e804109c66fc525908f354e56d3e564","sha256":"94b26240232d1dfef9fe011f0bb051416e76ec831bdee03c06d4ba0f292f8281","sha512":"acb957061c0f97d59c249e83e947b5aaf5fb23ee8a027cc46f0910d7ef48339574453bb188ff1626157cd0d7da6f3905cffdf1ab9b0cdf47fba2b78cac966f05","ssdeep":"3072:70VzT8iVKLKz7SCmkvu2v5g6rVaz9AngXqg2WI280p23EwSYgN1pVfCT:QKiz+C9vVJ6smih53j4x0","tlshash":"8dd3e172b46588632a278f549ad0bf6e7b06f4c5f25713b9f028aa1061ddf60d90cfb0","first_seen":"2026-04-20T23:45:00.220151Z","last_seen":"2026-04-20T23:55:40.665066Z","times_seen":2,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":77,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2042396503.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.144Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2042396503.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 223413\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":223413,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced","md5":"ab2fe4a2243b706abf54dea122a6a99a","sha1":"55d2872798ad1222b3848226c1a92f4ee7e7b72f","sha256":"b3483f9277bce843b0d7a9903c5da0934b10a7cfc676bfb3eed6420daf11cc29","sha512":"0b8db439bf318f0b356c7b61cc89168255cb16b1a7064a1c13ac30ca30f6224cac84002eb7fe3b7900bb66dced942eb1a934bcbfb42a5df069c62110662bc578","ssdeep":"3072:VaBDB3vI+S77wNqwI00WGWdDJLnDzjbvoaqaWSEVrwbCn1N1FzBY5N5hO2ArbDKv:ABk79wI0vGWbLn7DV3Wf8b8NhY5ZRT","tlshash":"1a2402d1a62be582dfae3d7bed15cd82631049b6c43059b0b83df896eb4b3347891790","first_seen":"2026-04-20T23:45:00.221159Z","last_seen":"2026-04-20T23:55:40.728939Z","times_seen":2,"resource_available":false,"data":null}},"time_used":90,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2234165172.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.176Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2234165172.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 211697\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":211697,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 800 x 800, 8-bit/color RGB, non-interlaced","md5":"5f668bb2f43998467be1de5cbdb88dbb","sha1":"fcf2617d3720f8f209712984c902b276e4ed4b8e","sha256":"cd4c5cfc4ced1f2126633f83064553ff2bdcc8ec8bd84ba12d98ed064c81e723","sha512":"5485ccfca022340a0701d9156f96f1e4fab4adee20d36ff5f0b9b9950e5f549bf9b4dfa3d39482897688fcf50a0f364be41201f7a897431d4766daf39788901d","ssdeep":"6144:r4SR8AIYZKxIMHjnTZVbHTlNNTK4ApRePoViokz/LoV:MSRBIYZKxIMHvZVrRrTKfRaos/UV","tlshash":"d524124464962e378a79c3f34f1f3f4b692b7e08634bb10462a369d53d8245468ffad2","first_seen":"2026-04-20T23:45:00.222326Z","last_seen":"2026-04-20T23:55:40.711452Z","times_seen":2,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":155,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2165233098.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.255Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2165233098.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 34135\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":34135,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"73916d6f8bd85d6386f485db87ea5cd8","sha1":"252b832e28a9675a0a1d7ed026bd43d903c7f0a4","sha256":"7b446e659a5914c080dd26ef2bef0618cc147209c88bf6ce5df4ec51fdce5eda","sha512":"8f88b618278f6611d11ba1915817b63a6aa6b5a09b19c9c88ccd8b4b75aad01b5d835b07687b3a5a72da654edb40cb35edcd21fc621969ad664c9743bec39a7c","ssdeep":"768:+z/L2kGF992hHOF0iWhleoZrar6+2e+C+Qp5m6nJWUugKFGbmp24:+zP5OiiMlpk63eSCm6nEUCGb4l","tlshash":"02e2e0113441368af308d973bea7961c73257825d2fb617c887cb41f7eb82b220ea55e","first_seen":"2026-04-20T23:45:00.223412Z","last_seen":"2026-04-20T23:55:40.621501Z","times_seen":2,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2141413132.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2141413132.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13483\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":13483,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"1606269097322ceb28b53753ccc318fa","sha1":"f48016ccb65138a5563775214bb143a5386e2c53","sha256":"4a866ff3b5dce8bdc1d598e4cdf6b40e7797f4726c34494377d914af05a5f2cf","sha512":"a53f4662400993f7593ab002c583b2b8b0fbbc6ae1dc7a972b8a29350faade98b3822bbdc4bf69e599026da316e80f4a294e0d57968e18486eae312882f6413b","ssdeep":"384:4KE+ZlD8ZKNQoWuOElflLuMsfrWbyE+rOpk:4wZlD8cJ/lqDM+S6","tlshash":"0852b071720eed1ddca8e47337380315ee4a741be72997cefac0e6496a590c4a82951d","first_seen":"2026-04-20T23:45:00.224431Z","last_seen":"2026-04-20T23:55:40.746737Z","times_seen":2,"resource_available":false,"data":null}},"time_used":211,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":211,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2066009879.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2066009879.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 20110\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20110,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 480x480, components 3","md5":"dc92f43121d597c5558c11107703b1a1","sha1":"8c6084e39fcad3f3a65eca2dbd42aaa15cced1af","sha256":"773719e3002a313d0311e00a5c00f24ad228d8b4b50a2c84e1a2318ff5ddfe53","sha512":"d48dfdf13c1e6f0c6a2b9381841285af728668e41c2c10894624c69cfaf5c8f3fef5266a7843fa2e08279b0813ae3ab7cd9293d029b060487bf7fa90e7a89228","ssdeep":"384:0wsdNiV6Ji/5kiRpa596TfoR2Z2QVs2nMQw2ZqnY8O:JsjiVbXfoS2QVTMQwVnY8O","tlshash":"6a92c0bac6200d0bd29e1031db8e6eb1655cffebb426536d55c08268eb7d7ce9904283","first_seen":"2026-04-20T23:45:00.225466Z","last_seen":"2026-04-20T23:55:40.721236Z","times_seen":2,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2378522910.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.901Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2378522910.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 38030\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38030,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9bb68b1c91e37512f0652ddc0634523a","sha1":"a0fe85ea887cd694c237a0091f3c188cbb48b341","sha256":"668f49038dccf09a59766b0de1b7788267371e86b2d74938c9c6e5560de265d3","sha512":"30cf2314211193c9f0fd241c2c05a46b12f4eccc51e2d224b09cd49bd69d01869f046a95e71843a5f8c0180ef6c14611e8e50f54438997ce99ff99518fe8f9c7","ssdeep":"768:bX5Sf8OvpMJxP8YGESsFOCBs2TiHdVxgGQYJ6z3PyZ:bX40Ov4uYGGF6HCHYJU3E","tlshash":"8803f13607851251f22571f95423ab0b6e28f7a13a96ca072d19cb4b07d09fafb4fcc9","first_seen":"2026-04-20T23:45:00.226427Z","last_seen":"2026-04-20T23:55:40.610651Z","times_seen":2,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1911838122.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.945Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1911838122.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 41532\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":41532,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"6b9f8a4ee6b14888ea4aefcf3d53a739","sha1":"8aef9ac8000625c9f1701a4fe66ec9b9934b7540","sha256":"a6e86b06fb96924c4815022327c6db73110cf920e533c72e0d5f13888b1ac9ad","sha512":"99883df8f336b746b10edfaf78eae00770e2a03dfbcf4233ebd3add228c0d5363105ec81d82a80ba9c7de2e87696e479350d7286c5d06327ef85b8063ad52479","ssdeep":"768:8PMCi4PRFDAfeOAMZPfISlfT2WG2xHUSRpAyw1EFhRfQhqprp4Ak:gjR+r/PgSZ2Wdvwitu3","tlshash":"4213f1066574d68dc91d77352dca3eebc330a730fa89efc2092d4ea813678d6169248f","first_seen":"2026-04-20T23:45:00.22743Z","last_seen":"2026-04-20T23:55:40.747437Z","times_seen":2,"resource_available":false,"data":null}},"time_used":119,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1895607995.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.149Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1895607995.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 371285\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":371285,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 999, 8-bit/color RGBA, non-interlaced","md5":"1344f0f86c1ae354aa14e3432f6caa69","sha1":"0869c230eb54f6f4fd44af577dc643124e766992","sha256":"795d3631d3015dd683339dd324ddb5c82aa7a30a5110d6a72e3ed1fcd2f2e34b","sha512":"7b3bcb38ed8ff6af7c519b846f7894f7c8c228990a1818f0531fe7c13b385037dcc8c71044d917f1a6e24469ed847c341737478b1038861bd98730c1e61c0c39","ssdeep":"6144:m9eR0ylKknmXZrscvPfdDPomka7S9aUz31uV1BPl+E7d0Kq9vz8yEnygGX0NVPWb:LRfKbXfvPRPp7SEUz3m1B9+KWKqR8bnw","tlshash":"3e8423fb14e42598db1303f2c1df5e540ae3a67a8b2874f0b521f3299a8e82f45d1b09","first_seen":"2026-04-20T23:45:00.228431Z","last_seen":"2026-04-20T23:55:40.722179Z","times_seen":2,"resource_available":false,"data":null}},"time_used":144,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":118,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2119954060.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2119954060.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 104364\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":104364,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), default quality\", baseline, precision 8, 800x800, components 3","md5":"8902fb196d665805808df06b761f531c","sha1":"f97dc22085ac490b9cf7e7d2281cf0595aae1c5b","sha256":"444a1499871802937eadf2655047a56a1d6b485bec4e0aab955a69f501d1974c","sha512":"be7b004bef9fad8a0e6464ad8ebd86ae08dfdee08567940304c6596f956d2682a2c1b44ce289c853b60d3ab556f91216dfef811e99643e5f7b62732a5074659d","ssdeep":"3072:MLu5KVOAiOcKTQnKf4TGQE1HCxQRPYf5AdKIqO:MLmAQKf4TGQ+RPy5AdKIz","tlshash":"49a30103c888aac2672d93d7fd570ddd2e59ab0ded613afb45618dea364a5314c8c07c","first_seen":"2026-04-20T23:45:00.229437Z","last_seen":"2026-04-20T23:55:40.745467Z","times_seen":2,"resource_available":false,"data":null}},"time_used":215,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2361468628.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.253Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2361468628.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 9012\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9012,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"45d34805a1f904d50cc2f2494c7dd5ae","sha1":"83064fbd29e35b07a251955b40412df50e6a47a3","sha256":"01e5a89238408e8c3a793180bcdc22075e28c437606120c47cc71891edf98592","sha512":"11b5970f4f3f943a730b45a67d00c2e05127bcee688e89b4e33c2daa4938678ec0c141e0826a4247c9df6fd0314b3915ce3970940b337df01f267e0a71a35d93","ssdeep":"192:LXgeIQnJv0HVo7AFF+LAwoLzRzubjs+I1BDTLvc6S1j1/zNmOt:zcQJv0H4AFF+szhz+jsrc3/f","tlshash":"2902ae8e375d545dfc34c93f89ca5581b68884440998c2deb1b8c47b443e7f048c397d","first_seen":"2026-04-20T23:45:00.230567Z","last_seen":"2026-04-20T23:55:40.634159Z","times_seen":2,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":208,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/home.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /themes/1034648396/1.100.0/home.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":109895,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65474)","md5":"1d0c775a40601e53a72be8e9c41ddfdc","sha1":"d5e88b793730599d2a2be681fde7620b24fd8113","sha256":"3a1aed50761f5e9a62b33bf15cb2f1a3ff238b2ce9ba41672f07e754c6d10bfb","sha512":"480338fd9c7fc013f6593b99dfa9929ea8c1406909f9bcf63064a65e0f1ba28d8076b581295af6b760791b565f59776b8bc82c75e19723c14b34d28ac158a846","ssdeep":"1536:UfVO9O5RF5HN6rEm6LB5r1UbcS8JgbpXjtzeKKmCe6s6wpVPwCEwCamzfadHjG3K:savDGg960V4YFpPopc","tlshash":"3db3088bb62524340be73bdbcafb4a587379334554658060bc6ec5861bb4c258373bfa","first_seen":"2026-04-20T23:45:00.232048Z","last_seen":"2026-04-20T23:55:40.675542Z","times_seen":2,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-8f7b9e36.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.204Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-8f7b9e36.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19266,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (19181)","md5":"3f62a5290a3cdd0d581ea8a37e19981a","sha1":"7f33d760fa9ba8eda85a308f1bb461e23b7416ff","sha256":"01ccfaccdf169edd590181725b13e6c436b806c9abb16f3b0074e8c209d8456b","sha512":"ca3629309f669b34f68d72108be2fc9d982cf60b3f89ea51a11f5ec35db5f0eb1401c6310a407fc18ee80b92ef664acd32b2668735057361e34e42dc696525fb","ssdeep":"384:jL9AXp9eL7ydWqiNJzH09uU9q4UFthlnO7gBwrI:39AXp947qCcevhld","tlshash":"498275cc37c6b1a697d32a35846f2407b33dae81540dd491e62ae0807c74d6e8a37eed","first_seen":"2024-08-04T21:57:29Z","last_seen":"2026-04-20T23:55:40.609277Z","times_seen":19,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2431924679.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.873Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2431924679.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 147442\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":147442,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 2048x2048, components 3","md5":"f0cc7352f664cf7f5c2f9fa405780ea6","sha1":"ac2d3f17bfdabd651687452354436ba139cf6fd9","sha256":"262d61fb0530c6d64c323aef78acd6289df0a81958c5376a3ab4ab322aef9bd5","sha512":"99de2ca7e594aa35a72f466da116f309538ac92de24bdec7acbb515a4dc794d54fe8056730efb2ea53e8f9c895b391839fb2bae67194a3f575279c37fa892dfb","ssdeep":"3072:6+XQDvUMJPSu3ifV+cmbQCXYllKXWyUi2T7Gkz5Y5FbF568tbUHV:6DvUoSu3ifV+cmXYTKmDi2TqeY5rgJ1","tlshash":"26e3121ca7256eafc9a85734899323f42f52090045677213bfe52b013935fc6faae5f1","first_seen":"2026-04-20T23:45:00.233728Z","last_seen":"2026-04-20T23:55:40.750622Z","times_seen":2,"resource_available":false,"data":null}},"time_used":184,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":98,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2101301897.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.999Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2101301897.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 54378\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54378,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"1f75779d7ea48e9cdacc3f17c99d1c2b","sha1":"c76b7f4e0018916d6904a7940a8f59b34f402f20","sha256":"ff0d24964b2569dfb1990f9375fa0e95d84a0c4e389140ead6cfdd6c819c3cb7","sha512":"717820323991cf91c2d5e24eb9b9414c57dd582d1c833247cdc013fd43d735b64458a4fc730c64752be829daf21fa24f1acf91d6fc06a59e053557c5793232c5","ssdeep":"768:vd40yXU+zPTtBLc0CFtRoUFb1GPx2VQmHKrUW8vyi9s8SOjkJ4PECdP0ttkEzF:SZBP5GEU11agQFgWYDdSOIJ0ECRmtX","tlshash":"5133f142b35b2628ed35c237ca5e9f74467239e81a0e139fd95282cf923a877fc34548","first_seen":"2026-04-20T23:45:00.235127Z","last_seen":"2026-04-20T23:55:40.681515Z","times_seen":2,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2616266636.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2616266636.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9422\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9422,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f0450b6ab61cd47f6925e563c69f50b7","sha1":"a672a8c020357c3d2fbd496ffdd8841d67c9b134","sha256":"9c91cdef2e71282b199b2bcba44dfff7c9d6e8b1a88348d627f00434f908cfff","sha512":"075887ff258e64e004d48b71b59d3b8a445bef12de518b1ba579a3dbbe2264bef4c223f7c0a8909e4749418c33fff0bd8372a355d178aab88a5dc8c9bd077147","ssdeep":"192:Fl9ax2fVCMquS18fbwpaY/muwqMuuV3OE9DxJpc:Ix2Wulb0/LwDuuV3BHpc","tlshash":"a3129e7a56166916c20113b84ba6cffc25207be19f55558f0134717fbc03869d73d0ea","first_seen":"2026-04-20T23:45:00.236322Z","last_seen":"2026-04-20T23:55:40.751787Z","times_seen":2,"resource_available":false,"data":null}},"time_used":126,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2185646671.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2185646671.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8630\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8630,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0ce41e07f6f1bc7780401a32a9f06239","sha1":"c86e391b67318b74ef93bc91604463561d2d5968","sha256":"a6e3bb0703f772bcf4179e9ab7bec2f3d93107728243046fd28dd6175f15cf42","sha512":"cd4242b4c08ab8ba71fe477b27fbf6813df5aff2ef0fad796217b09c0a6fccf8f824a33fc14fd67e06ca91a1c466433e7e92fdd780fe7a111b83a625fd05b35e","ssdeep":"192:KsxvQD/gz7uXGQ+xqk6f1+dbndS/oBrx/37mqzCGIcSFxc:pxv6GQqB/bnJrx/34AMc","tlshash":"53029deb019cd724dca01d7d0aea9380a992a9f5741c5638128ef9caf8cffe11942d5d","first_seen":"2026-04-20T23:45:00.237704Z","last_seen":"2026-04-20T23:55:40.708084Z","times_seen":2,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":122,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2114342601.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.081Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2114342601.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7358\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":7358,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"42ff24467899fc2f4b54a7bb760e3f70","sha1":"efb4a739fc1b35c6ddb4bd187c2f94c9cd3e9db3","sha256":"62509d442110e0f90c9717a42f8de3762c04907614824dc439b825523aca7bb1","sha512":"1e306580d38bad3cacec3cd940045e92dbaaec7efc35ca824ec16a89e5775f39a8ac9be6e54bfe597f8d7745ee93250499b672558b16edfe73a8faecd54a74a3","ssdeep":"192:9xKx5uDmOaf+TZXArGkcNx+dmCcIz3XJLNvc:OxgLaf+FABcsrjvc","tlshash":"16e17d31ba529f59c007c2bfe97ba335ef5b7440050ec4a736a9677ad5c3c112ca9a88","first_seen":"2026-04-20T23:45:00.23912Z","last_seen":"2026-04-20T23:55:40.620807Z","times_seen":2,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2013999507.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.203Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2013999507.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 94817\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":94817,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3","md5":"34b70f447e349b204668dc1e966791db","sha1":"6ac53bf4756192cbc36b2cf76ec217dc8f522c86","sha256":"0ac6a06f71ad044a497e2e717633739712345c15022dd7a86b11bed9ca43c304","sha512":"a6c8f0a99e77c9e02bc093b11f6a74bd99b83be7a22c85e97b1691cdfd82f0d2b983d2a02cdf3c3bf3b3f17a30f4283aac8445735ed475f0801de1d6c792d110","ssdeep":"1536:aayewfE0Thvkj4woq6XVk53Q+YHuyuRG09FmSL2rsgh1qmaVsVM:is0Thv0loq6X+PbyuRGuw1MVsm","tlshash":"219302a17993c3baca3155fb78540cce77b3141339d0e9e6098076bb1bab2692d4cdc9","first_seen":"2026-04-20T23:45:00.240726Z","last_seen":"2026-04-20T23:55:40.744911Z","times_seen":2,"resource_available":false,"data":null}},"time_used":228,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":41,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/prod/stores/themes/default/assets/images/avatar_female.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /prod/stores/themes/default/assets/images/avatar_female.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 8424\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8424,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"cc67640b5ca218816ae586bc78c3606c","sha1":"44f1770c41cf122be5aa676ac82c20cd4a391b68","sha256":"a6befba1843e4b2602327936d9fe340c55c11747b7ad0a077593cb629e5bbf44","sha512":"17c63939871afcdb55f430a1c8805e1e6ec77840e85c32cc228d3c0a57f4d0338467ed36f67b15c36593acced1cf7f7fcf43eeabcfa6efc12cc0f7baebec315f","ssdeep":"192:gpwJU8GqJWHX/noNJtjM6YoClgSmOmQHHTZR9cvRl/bzwP236:gegqJuPoNDLYoCl6O5HHTKvTCk6","tlshash":"d102af6b175913bf631d4a63494b63ab5921b3393b2c274667f830ab350455ecc9b309","first_seen":"2023-08-17T16:41:57Z","last_seen":"2026-04-20T23:55:40.624168Z","times_seen":46,"resource_available":false,"data":null}},"time_used":161,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":161,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/images/s-empty.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /themes/1034648396/1.100.0/images/s-empty.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 118\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":118,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 390 x 220, 1-bit colormap, non-interlaced","md5":"c48aff23177844ced15c05ec5754b521","sha1":"6de51183b64280fc6e577f9d4d97266b99334230","sha256":"abc95f76d3063f2890fd859f8f1bd3b347adb51a9010f442b800076fb8d529bc","sha512":"ca231f736e044d82550428ec01d8a6ab73d09f41f66cbfee36400810de69510df2d4e16b49e313a24da80ba2c1f48b2b4c193696ad958dc2947112824d7eb1b8","ssdeep":"","tlshash":"e1b092d3e2d51c70d6254932861c85a2cb60026e61196186408a546728a1309c0e9a4f","first_seen":"2024-04-17T12:25:33Z","last_seen":"2026-04-20T23:55:40.674969Z","times_seen":11,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2391817080.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.902Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2391817080.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 20470\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20470,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b53eaffb744769d390be67157505e10c","sha1":"138b38b108321c51e16627acbfae8efc8de918d7","sha256":"6961bb18e27778bfb35bcf6a0eccd1ffb8b16192c52ef6f3b2b1dd057932a127","sha512":"a7fd78df0304de1ee9e85e56a75cb6f2ddac21597a5717c5b70e4a127c4d5f5fd1ec9003f0b44878676f4a830a278743ef521f5471d53df36dc27888b229e51b","ssdeep":"384:owbhV8Yi7e2qxAJ89s0RhryTajOTilskizDWKPUDKC:37/i7tUAusmymOU72Wll","tlshash":"2292cfc0d28761b4dde769fa65f05b2d87165080b3fcda22c216472f7be4f946a6e088","first_seen":"2026-04-20T23:45:00.247065Z","last_seen":"2026-04-20T23:55:40.713407Z","times_seen":2,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":33,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2449857443.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2449857443.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 33932\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":33932,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"e569d1642074917e910af2604dcb6d8b","sha1":"bacfa5afb4534f8a453e9eea50dddb499bb8ee7d","sha256":"2fbcfdb11a5a8c3f989f0415b24af4e2294747b77be86e63d32457092f537b78","sha512":"a37e4e7a4830adada68e06bfc733e5a70220a530cc107a9f99f31253ed9342cfd73541a137131edabe33f010612baf38f039775be18b5334f14bc42946c00443","ssdeep":"768:5HfBXOcrDLU8zDxhhi7cghJJg5R4corlJgHqLC3PIjgTRvP9wQ87dfXP:V5XO2DLUiDFwZJg5R4nlfIywjwdff","tlshash":"dfe2e119ae70970dc2bf5872246333cdb3f4c34225856a9e34e5cc286af9d2267d899d","first_seen":"2026-04-20T23:45:00.2491Z","last_seen":"2026-04-20T23:55:40.735564Z","times_seen":2,"resource_available":false,"data":null}},"time_used":123,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":34,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2104719177.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2104719177.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 81801\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":81801,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"6b4fe973caff03d9c4990cff095dfd7a","sha1":"5677d1549006cb6b6dfacc1dd20bec82cfd9b1ff","sha256":"5b87be4e2bb1aafd89e103b8b10a53d44e9cce4a5609fc1d157fbb8ea3a0d4f5","sha512":"5ed98eecdf7ac4610ecfeb8d42fcd628ef90f8ac9f71e6f512deda722d43b274a382e66f22ad53be4ebb60cd0bc8cb9df4dfd3544c0a2923216a720505d97498","ssdeep":"1536:MHXv3MAQ3kjdufg4Dhn8n1eWDuPQsHkJVtf3WhJbUtlXas++:kv8Az4Dp+8PEVtf3Wrot2+","tlshash":"3683e14bae2874ecd88d9019067d3ab2f3c4c063bf58841f963c7454e9e9253d69aedc","first_seen":"2026-04-20T23:45:00.250801Z","last_seen":"2026-04-20T23:55:40.755315Z","times_seen":2,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2553113109.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2553113109.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13056\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":13056,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"c9b0455d616aa1118a69318327a7ffb8","sha1":"6612d78d41e6a93976b6e24b1e9e5d0a23e6847a","sha256":"637c390c540088002689740c2a96d9eee7c34aa7a691cd088a10b4fe3b41aadb","sha512":"203542e228fee60cdd4671c85fb086c8c526e17b2b2f8aa2676388e361c289da098da66a54f3343eb766d2940183540cd8689349d447dd440c08008a515f5cd8","ssdeep":"192:xgXmBRrXbUmoYP/R1AoRK2xnV7zhPB609hO1ItBhvovUO9Fh2ymnttfkKKdFkFPm:qcrrUmVEoPrzNU0vvBasO9FojfsIs8ls","tlshash":"5142d1b8319a6214ec9dd2714c02ce31f596b64ae453ec9ef4f1383fb8bbb265516701","first_seen":"2026-04-20T23:45:00.252469Z","last_seen":"2026-04-20T23:55:40.623453Z","times_seen":2,"resource_available":false,"data":null}},"time_used":216,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":216,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/prod/stores/themes/default/assets/images/avatar_male.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /prod/stores/themes/default/assets/images/avatar_male.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 5990\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":5990,"size_decoded":0,"mime_type":"image/png","magic":"RIFF (little-endian) data, Web/P image","md5":"b8a354caa1552e4455acf266efab3e4e","sha1":"fe05d4029668afcac4a2351f87d5fb14b9147516","sha256":"f95bffc1a7b9799d980adc7a0aadbb12eff3c577835ebf79dba268fa534d99e0","sha512":"a181abb4504bcb79081209aa87abf9b6050bb81cb5ed5971624bf8e80cf42a8ba60aba88fd5caceb7214b942d24f49142d2f9f61e30b2bae02735ab8e30e61c2","ssdeep":"96:tZ076eDjmMDQ6QCkwxSQlzCCoedx8EPRj/qYBoK4EnLteHZEjj+W0AUAkudiE:tspHmMU6QkNVNoe8eRLpoK4EnIOn10Du","tlshash":"9bc18e60df5e8eb5c6f4e1033f0feb0a83276a4509842cd981d894768c99e92ba0409b","first_seen":"2023-05-19T14:42:47Z","last_seen":"2026-04-20T23:55:40.606719Z","times_seen":128,"resource_available":false,"data":null}},"time_used":176,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":176,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-d2b0dbcd.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-d2b0dbcd.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":23922,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (23837)","md5":"dfd12970760ec973fa88774c2b431c08","sha1":"b7aa96b5b73e703f140183ea0928b84880b884b4","sha256":"95c1499a196e36c39a066e6d287ada8738c750854437eaafdb2b5264ceefbdb2","sha512":"e02fc074870043942e01bc92398efde78b21f653a6067e188bf736442232b88709fbe4f2549e5a82f341c4d20a26d83ef8b905a695d21ddca07b73dc7d967935","ssdeep":"384:9ML9MMXlbYGnsToJ8aQKzwl2r6RFtya6s44xLaqcG3W/e3iX0GwcMtA8zcvJRt6o:9E9M0l7nsoCtB8EG4zW/8Adxj","tlshash":"b4b2613bd3b54473059273a73b44d4c2dcaa3287b3880b6916d8f429b3aab4d57319db","first_seen":"2026-04-20T23:45:00.255773Z","last_seen":"2026-04-20T23:55:40.698224Z","times_seen":2,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/fonts/lib/sallaicons/sallaicons.ttf?j893vb","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.785Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /fonts/lib/sallaicons/sallaicons.ttf?j893vb HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/fonts/sallaicons.css?v=2.0.3\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: font/ttf\r\ncontent-length: 273708\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":273708,"size_decoded":0,"mime_type":"font/ttf","magic":"TrueType Font data, 11 tables, 1st \"OS/2\", 14 names, Macintosh, type 1 string, sallaicons ","md5":"2148a52f7863ae0f24b082ae51a93934","sha1":"3e541e4896b6d4b6f7b05ce81cc4b05ec9150bb9","sha256":"dd91d5c3b25129f4b4b11db2a6943bad5ade118ce116287024f3fec8686b70ef","sha512":"dfc55d879157be86bedd06825af520643fd0c0387205dda76c106de088ead6bb383df66232627f88ce4d21347231f172ceb3baebb93b02d6a4279a9832a4cc08","ssdeep":"6144:6Q/2smrJCvUIhrOpEWQ3Iuh0dVYPaSJvZB3eNodgsfIm88gcgP9wkooi+3vNFBiL:1ySOdVNfC7x+/QGWj5H","tlshash":"0c441a76975bde9ec8494b7b283642f00cf5c531e23e94466b8b5c43e91aeac48fc349","first_seen":"2024-06-16T18:10:11Z","last_seen":"2026-04-20T23:55:40.640192Z","times_seen":12,"resource_available":false,"data":null}},"time_used":37,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":30,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/app.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /themes/1034648396/1.100.0/app.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":125169,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"94b79e00bd579857497c744e9d213c9d","sha1":"b823726286b2f99705a7e72ed07870a0144ba72b","sha256":"89338cc0b5713c8521d303761d1f7923a2b389b19fdf6bdb03a7181991e483e5","sha512":"77abf1d13a571f902e4c1913247b9bb2af4469f200f1f6e150098ab0de5f1040d6168e0be2fb30ca18e133c97c05f584d74b948c42866f0164c7f2d7053caf68","ssdeep":"3072:elZW09nHuBsbgZyF9G6rMo1YjSdI0fsmU:KVOBsbgkQy1YjQw","tlshash":"a5c309987685f033a3a7517a50afe109b37a6845fc5a8814f429c4c46dbad4e6333fbc","first_seen":"2026-04-20T23:45:00.258762Z","last_seen":"2026-04-20T23:55:40.676231Z","times_seen":2,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1742048673.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1742048673.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 226766\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":226766,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 998 x 1000, 8-bit/color RGB, non-interlaced","md5":"137bafc5f433c53630aca63858ba536d","sha1":"adb1218a80bd4cf9af0d2e413f4fbcedd57424bc","sha256":"1da4e984dd7a8035d1eefed91574d06199213a15edec1a2ab5062f466247d091","sha512":"deeff6794f494c1db22bd9815296842ade867432df2cd248857d03f8db8e5e66aabeceba049cbc5562edf384799545aee714aa896380d5ab6949eac3d4d24481","ssdeep":"3072:9Jfrts14E0Fr2RKc6YpSal9hHgpGyt+rf3Cd6tMwDL/XDqDSmNIx0oaZugkrj6Nn:XrtsKEW6wn6SOmcW+rrtM0qD98r6rj","tlshash":"28242390fa9fa59ec5ee291b14c5b24af7b33a5d419f8c0373c4097a1ccbb326543299","first_seen":"2026-04-20T23:45:00.260022Z","last_seen":"2026-04-20T23:55:40.69688Z","times_seen":2,"resource_available":false,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":116,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2499042303.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2499042303.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 85426\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85426,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), default quality\", baseline, precision 8, 800x800, components 3","md5":"0bc7bc6acf8a85f04d0e37b4bfaaf2bd","sha1":"b20168b75aa47cd27b04f477652befa9bb059a6e","sha256":"a94d2adf71b2de8a82bc880e9a5d3661689e1b919a6fd59e199b27a422843a3e","sha512":"beff7abfe3c4767fc6452213da590dd8a356aa055444bb2fe46270a80820f4a0ad87455433c87beacf9877e821e33e74f25bba37cc9cd37ad1efb9fb3f7cda42","ssdeep":"1536:goun3irr334794Z+oHgq7lqvTnBjGNejKwReZeJ1v0a:iiP3KK+oHH8vDBjHSez","tlshash":"f683e157c405ca87d928c2e4fc0b8ec8675d3b0dd161eae715970d9b7ba4a7328e903c","first_seen":"2026-04-20T23:45:00.26131Z","last_seen":"2026-04-20T23:55:40.683573Z","times_seen":2,"resource_available":false,"data":null}},"time_used":213,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2676880816.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.202Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2676880816.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 127278\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":127278,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), default quality\", baseline, precision 8, 800x800, components 3","md5":"51c5233cc60ba985641a9717d1d676e8","sha1":"dba49ae10f0b741662db1ff9e71b825190c50d3c","sha256":"ca781ad39b24f48f8f3ea861fe12aa0e2bee640c3c3757f7108489e77f8afcea","sha512":"2118060ecb82e92df80860708786005d1361842107930e794f00245fc65a4ebcfbfa626e8048c70ef02981d440bb045ab2b9fb233f89bb3ff68f62e44e04a04d","ssdeep":"3072:+roiIlBtSgFU+9UsgBQbCFsTu+iaZ9OjptLjBA3r:+siIlBnUE0KCFsN/Z9hr","tlshash":"a1c3f1175c088a47e27102f9bf175e4caf172f1d5d9972bf00160d8abea06356cee19e","first_seen":"2026-04-20T23:45:00.263015Z","last_seen":"2026-04-20T23:55:40.598419Z","times_seen":2,"resource_available":false,"data":null}},"time_used":227,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":187,"receive":40,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2150263773.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.224Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2150263773.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 13701\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13701,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"92381f9cf07a7d487533975721c012af","sha1":"87f82208bccddc67fd846534cc17c86b573a1023","sha256":"cc3a5caf2013bb2ce8c33edfae6302c7e631aede9a857d61859e6d893fcf2c96","sha512":"247cbb2ad53fd33829fe9370cc40a6eb8aefb40db21d50a060091da242545616579f673ebcd4987ee0edfc27c1734727004077cdb2ed54f05f62bdd44e6c90e6","ssdeep":"384:YldTXdMG/caiRZgxzN9TflLuMsfrWbitUx:Sd5EaiyzHblqD1t6","tlshash":"0452c064b6df4ef9dd30f2350a5c062435ca3ca5a2fbcbad7ac0a12d385d5578b8428d","first_seen":"2026-04-20T23:45:00.264474Z","last_seen":"2026-04-20T23:55:40.712964Z","times_seen":2,"resource_available":false,"data":null}},"time_used":195,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.306Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:44 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12332,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (12331)","md5":"88a769d2fe35899fd45a332a0a032cc0","sha1":"514c6c1d8475d17e412849a4c90159517d0fa10a","sha256":"ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142","sha512":"756cc5cd029fc4adc9100d0da2f2b0efb3df0f2bf894fba2824019832fea594edd40a238a5ffacc205572cc0155f5632d70f54e37edc0772460f44c69cb76ab8","ssdeep":"192:3dArCS2Z+j/yQ9TCQxUhW2DPY808LE676SbHDc/7uN0VZG05w:NHSG+j/y2xa3bn7Q+0a0O","tlshash":"7442b79c7e95ba30079b91b1a17ff30f6276605a640bc0a0b05ddcd1a878d8d192bf75","first_seen":"2023-03-07T01:02:06Z","last_seen":"2026-05-02T07:31:34.373109Z","times_seen":102055,"resource_available":true,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/form-builder/2444075386.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:48.069Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /form-builder/2444075386.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:48 GMT\r\ncontent-type: image/png\r\ncontent-length: 1208983\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:48 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1208983,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1600 x 824, 8-bit/color RGBA, non-interlaced","md5":"e00ddb9fdc57906dcd437242927501c8","sha1":"51e0a2889da217c80f147716a53491c0195d3ebb","sha256":"5ff18f4db26f1d4253991cec6aa1d1e054434f693905528f20c55659211ba1d6","sha512":"38a5e3cec64f24d3921ad640f6fb6bed266d4a369115d45103e5aedcb68048c13b58e3ddbfdfae123946c243c086282552379f311189074a7f19ed43e285599b","ssdeep":"24576:qAJbiIa79p+CPXdfVQ02h4vPtgIZwys21zSSKTxKQGrvQrq+iE:RZm8CY0zrlf1zS7T4Wq+","tlshash":"81252355b30a26ef9b033954d62c81856bf0f5f2b7fa05e5b8a5d0ce903b686007cbd6","first_seen":"2026-04-20T23:45:00.266497Z","last_seen":"2026-04-20T23:55:40.702149Z","times_seen":2,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2194812435.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.903Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2194812435.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 31312\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":31312,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f57ec6da1a4514850711a36feaec595b","sha1":"3ff83284a328858a0e51b47e137b7588600fd9c5","sha256":"05e02c4810831e6ef0c954bc9e3981303edd44eb1fbcaf4f0dad98755b9e2d02","sha512":"5490d5644171ce4fa001aad7dc5cbd65b4dd9d215709eeffb630a8598db62560cfc37cde601789453fd8b159ed747405cb634802933f8e55c60e96db9463a1a2","ssdeep":"768:RKqSioyoELaQ9YnZlGAGRrd6AaC42sONKpTe4vvOTSbdq:RKqSLZ7ZDgd6q4ENKpTdvvOGbs","tlshash":"39e2e1398da1c1e4d987e2f790958f876226085eb7ff4cdae6c9c231152f8d94f2d0a0","first_seen":"2026-04-20T23:45:00.268178Z","last_seen":"2026-04-20T23:55:40.704676Z","times_seen":2,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2242073687.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.917Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2242073687.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 31292\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31292,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c2d23193494edeefb1fe00b607fd8ee1","sha1":"ceba4e9d81596b892dd70f5d52330988e09d8beb","sha256":"6ae45ec456644e697951b7baf5075769c13a75a46de816039d06a47f8192e7df","sha512":"33bfa6f14ef52d9d7eeab6a6a7a52265563301ed894e0aaa6410a8e8f97081d9eaa289cc26445a28a85345387ed49af33e93273211b8ed12a10ad7231e2b48f1","ssdeep":"768:N1peri3Mx414Af7Mlr3FYHGkT5nPkEugfa6ouRtpnmGhaLSDw:N/e+3914AfIrj8sOjhYaw","tlshash":"e6e2f1cc9ad71e04c2c5943d0edba8272b2f3f4da8968d968f0e0dbc5663bd440829dc","first_seen":"2026-04-20T23:45:00.269771Z","last_seen":"2026-04-20T23:55:40.742781Z","times_seen":2,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":100,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2099824433.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.003Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2099824433.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 83730\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":83730,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b270603acec0da52c1b875003e2cd9e7","sha1":"aa9c52edda41002dd3343147680f6315c7c89ead","sha256":"747d72702dd84c80e2c4f9e82d91bf0ecd56b8ab35c84dc8d30a36bba124c974","sha512":"5287d841b6a470a82f912146bfa42c124141fe5dc0a8b1c60f15c1237468b33e8cf3b877bd189fc352342274c587d9f99dec0652823cb9e4ca869105881f53f2","ssdeep":"1536:HEhAVzA8vy/XHaUWDUU6NMsyk7GEXHPtI7uLqTrPyBcPdeehoIQR+TsS:HEeV+/XHazD4LyCGiHPtI7u2TrbPkehh","tlshash":"2f83021a320b8ad1f5567c3df064dfdbbb6b582c61619048d98f4d60ae69f60e30af12","first_seen":"2026-04-20T23:45:00.271143Z","last_seen":"2026-04-20T23:55:40.70647Z","times_seen":2,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2540678618.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2540678618.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 56030\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":56030,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"375c52fc2c1ce6941506591ee806b9fe","sha1":"d2ddeaf7857eaa5bd121761f816450d5bb51881d","sha256":"7f648b40e4d69084659d1b75118d88ceba63df8e3ca5009c71172a201f8aeca3","sha512":"2ceb7e93b3d693b6e1fc6ca0484feefe57a112122affd672cdb2da1a48d9646b8686524ddf73251e63d241f9c990f7d4e4b0c7cac8dd519f43a06b4525d07d0d","ssdeep":"768:rQ610MUvGXZk9cLvapXmYjKB+leK//0k1a7T+56patfai1+prszJnPHS2AWz3kjp:rQRvcLg5ledMa7TPpsL7Vn/jLVEBR","tlshash":"f143f1d236fa48aade2afc77917e885a3b3dd05619dcbd2f51719c116ed00e027813b1","first_seen":"2026-04-20T23:45:00.273182Z","last_seen":"2026-04-20T23:55:40.738646Z","times_seen":2,"resource_available":false,"data":null}},"time_used":208,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":207,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/darkmode.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.815Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /themes/1034648396/1.100.0/darkmode.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1649,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1649), with no line terminators","md5":"876b11ea6011ee6406e7c5c2f2c2be58","sha1":"b45376c2716b208a65a13288e949bf5fe348c1c8","sha256":"5c7a2eecf2ee261063f1c3740818ab509ac1c72ccc08980b1b5ed9d84fef7a1d","sha512":"2d4729a579a1612f385070f5b68fed9d2c024dfb6932dd7c42e8a250e60c2cf4915afdbd8dc2d40a499b1d5ab64d2d501dc2f1f0e2404ea0f9e77c378eca3c17","ssdeep":"","tlshash":"e2316c763c0d557f409b11dfb2c6ebe93a2918dae9c85530e05cc44a1236dd74220afa","first_seen":"2025-06-03T05:34:24.833597Z","last_seen":"2026-04-20T23:55:40.652687Z","times_seen":6,"resource_available":true,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-61858adc.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-61858adc.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":636,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (553)","md5":"17650354695ac13d5061437c4d89f5b3","sha1":"edea3f21350f081337e85837c32057763352c7aa","sha256":"4a9ea07a79bd182ba7f2baaac59920589074e2a31e7da9986e6840dd6eeef6dd","sha512":"a3233fb1e12fc7d4f2f7e7ea6cfcbb98d38427f394ab99bd0434b352e1864f0aa3824ed3f3099d0cc99a0989304aebb39470a06a0933ef4f5ea9240a5437974e","ssdeep":"","tlshash":"27f0dde8d330e03c099a66dd8b0268e17196a065c2408808b5f898e68063cc8a036ccb","first_seen":"2024-08-04T21:57:29Z","last_seen":"2026-04-20T23:55:40.684674Z","times_seen":19,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-e44f4650.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.218Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-e44f4650.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":798,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (715)","md5":"1b04da523961f63a7461d632ad73f741","sha1":"d0536a6ba214394876ab1741f2f95ae5f35b9b18","sha256":"d2e1181c008922d223b81bfa4181770be048a04a6499622a94ebbe6b214df890","sha512":"a3a391bf416ed1bb64dab3570140e4ab81cd238eda912e7aba7cec555318b3f42d1c0b59f7dd3933aff8bb8d656f24a9075f5dbe4f526b7ebb401ae818882919","ssdeep":"","tlshash":"b701f1ece370e5e4188e49c82b1934cc70a9252973e00d0cf3b552ab40434cd70a0d8f","first_seen":"2024-08-31T08:34:01.665499Z","last_seen":"2026-04-20T23:55:40.61524Z","times_seen":17,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"prem-box.com/ar/languages/assets/17317736394.js","fqdn":"prem-box.com","domain":"prem-box.com","tld":"com"},"ip":{"addr":"172.67.194.18","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.857Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"prem-box.com","organization":""},"issuer":{"commonName":"WR1","organization":"Google Trust Services"},"validity":{"start":"Wed, 08 Apr 2026 03:57:52 GMT","end":"Tue, 07 Jul 2026 04:56:34 GMT"},"fingerprint":{"sha1":"55:D0:CC:77:60:95:21:AB:C0:F2:68:E0:7E:E4:20:67:EA:1F:B5:CD","sha256":"A0:27:EF:FD:72:00:01:F4:5F:CA:AB:34:F9:CF:23:F5:53:86:75:75:C0:F8:80:EB:47:08:47:9E:45:2B:78:FE"}}},"request":{"raw":"GET /ar/languages/assets/17317736394.js HTTP/1.1\r\nHost: prem-box.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nalt-svc: h3=\":443\"; ma=86400\r\ncache-control: public, max-age=31536000\r\ncontent-encoding: gzip\r\ncontent-security-policy: frame-ancestors 'self' https://s.salla.sa https://mahally.com/ salla.partners\r\ncross-origin-embedder-policy: unsafe-none\r\ncross-origin-opener-policy: unsafe-none\r\ncross-origin-resource-policy: cross-origin\r\nexpires: Tue, 20 Apr 2027 23:43:47 GMT\r\npragma: no-cache\r\nreferrer-policy: origin-when-cross-origin\r\ns-request-id: d7d64d52-6e51-4767-9bcd-ecb3d0b6df58\r\nvary: Accept-Encoding\r\nx-content-type-options: nosniff\r\nx-download-options: noopen\r\nx-envoy-upstream-service-time: 735\r\nx-frame-options: sameorigin\r\nx-permitted-cross-domain-policies: none\r\nstrict-transport-security: max-age=15552000; preload\r\nx-trace-id: 25ea44924b334c6c94c27fd805d5d69d-7293a9960fd543f8-0\r\nx-xss-protection: 1; mode=block\r\nlast-modified: Tue, 14 Apr 2026 20:50:36 GMT\r\ncf-cache-status: HIT\r\ncf-ray: 9ef803646942b518-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":220723,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (46719), with no line terminators","md5":"c1b79a4eef93b92c05775621738dfa05","sha1":"0d7546c5d03de970ea56e6993b11d0f49453dc5a","sha256":"e7d3ca1fa78d68d549e964cab1081745f0c84939b73296895ace448395cf3ee9","sha512":"38add45a904dceef48f2cdd0859a0257ce8503aa13cbeb66adbfcf50d0aa6dfbf324f77f29bd1a99f8fd2009210f948320cfe37101783254f692c087d4298495","ssdeep":"3072:OonLFusWmJ4xjDttQxbk9o+gQDvbp0reIvWeN5N:bTWm2Y+DDFDuZN5N","tlshash":"eb241bd64a38883617d68b9bf0cb3959d4f80c63939eec318cda861c43d6695e35b43d","first_seen":"2026-04-20T23:45:00.279779Z","last_seen":"2026-04-20T23:55:40.753592Z","times_seen":2,"resource_available":false,"data":null}},"time_used":186,"timings":{"blocked":48,"dns":37,"connect":1,"send":0,"wait":89,"receive":0,"ssl":8},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2563067679.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2563067679.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 21494\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21494,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"9d244b9ab0d1f244a6c0305fe3ae5f2e","sha1":"5c45b423fd4c45925e21914975b54936c83d7e59","sha256":"46ecbe2c5809a5309d9ff46fcf0746c9d58193ecbcb58dc222e64a9e104b5315","sha512":"b7e3de666d1aa9f378dd67480c4497c938738cc5ac19244513451d15d90dd49e583b1a462404be65494d13af631652ecfbec273f6b22dda6322b9c94d6aab7ab","ssdeep":"384:3An1x0Dkm62S6Rp9fWZ2d1aSgJv2yTrLsVY+hXXBorO279VkbbTVZQ62xaoC:3U12km62dpdWsSSgtpDsVY+hBri+JZQo","tlshash":"1ea2bfbb014454ead2e2acf961fd7f914303a057b91fa727ae92b49b5f422c53790433","first_seen":"2026-04-20T23:45:00.281728Z","last_seen":"2026-04-20T23:55:40.595388Z","times_seen":2,"resource_available":false,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":32,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2520098172.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2520098172.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5758\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5758,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bb4a47b14ac852e31cfca8479f117990","sha1":"96092ca42a9900d6f88b0588a49e8fd13d5e81b1","sha256":"695869c6e74faacf4b7fe7e3036ae33d9428a0d2602632a68321c5a6ef9c3c55","sha512":"902a508d97aa942817d7484f8f36c01d7d1d6cf3c3725af8e24a13be22b2e6741b789fa3b8d885de6b7685bf87407bc8a40f213eaffe36232b798354572ed72e","ssdeep":"96:AIl/X/4ijrs0gJwd2412uG6Deq8HuSBPOpywR1h4DwQpbGgcIKBkuX3zZ+WaN4W0:3/7HBqcR1RDpSBYR78bGiK5Z+B4W/c","tlshash":"eec19f7e35350d7ff4c9577870fc0f211be9afd44f799258b60409222798a23baa880c","first_seen":"2026-04-20T23:45:00.283101Z","last_seen":"2026-04-20T23:55:40.717585Z","times_seen":2,"resource_available":false,"data":null}},"time_used":93,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1881848660.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.172Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1881848660.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 509747\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":509747,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"0298ab09aeff5ea13978c53c4944161c","sha1":"c32955d6fc00bbbd73b115276a3a192e73f1e5f5","sha256":"3c902114cc7e91aaacca6901f69092f998e12d63f595d6b503a49cb7cbe6bbd6","sha512":"42a04606676acf1cbbda8fa49b501b9c08b84313f3ef958da5754545830381edc6a6bab211d4b979136208db3d5da56b16a4723f7a149b476d5c3c2549388505","ssdeep":"12288:hw6VMhT04DAa423+CgBIcQTtfCVJn5UEafwIluW+sCCOBUZ7fmyBSt5vZn7tOW:hwXlDn7gBIcEA+hwIsW+8OBs7+thX","tlshash":"dab423b971294c60d373a6f5b88bc520e4f08c5d9dac3235d2cc9e99cb2fa15894af53","first_seen":"2026-04-20T23:45:00.284613Z","last_seen":"2026-04-20T23:55:40.668701Z","times_seen":2,"resource_available":false,"data":null}},"time_used":169,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":145,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2513704256.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.174Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2513704256.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 95216\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":95216,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1000 x 562, 8-bit/color RGB, non-interlaced","md5":"b081896d42ec4176ae8da91529abef71","sha1":"4e67450cb045723968045771a33a404ef1228b13","sha256":"8e99a84e2ac039c70691b909b91aff3f75af31b74b5882be883886e4180183ca","sha512":"d09527d2d3f9f9b7e46ac82f9131999add351fb3bffd55552e3128cf0358e2978739fc2311255952f53373e923ad130873f5a7070b75d0a7db6bf6b71dd28db3","ssdeep":"1536:uWlG1cnNmFoGfMg8iStYVNbCiMvlv6inZPYhFBmFxGQ2hrpAOQZSeYdye+:uBcNmZfMgDy+YHZghFsh2d2r/2yp","tlshash":"ab9312a31a5183a59fc522fc9fe0a61a260a8453423ef7fe117885e001a9c767fdf6c5","first_seen":"2026-04-20T23:45:00.286053Z","last_seen":"2026-04-20T23:55:40.669418Z","times_seen":2,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":147,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/form-builder/1821768220.gif","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /form-builder/1821768220.gif HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: image/gif\r\ncontent-length: 6572552\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6572552,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1640 x 624","md5":"2553f024b61b5db0968c1a9b20d2bacb","sha1":"d4859c2b003bb73489e259d6beea836f701be4d7","sha256":"66abd7598a806aabd1777b3e3cf8752fe7aafe89a52e188e82072b544a6bce7f","sha512":"07b0ac183011c1391d55a8035ad2f66a7dc5623f003a20521bd3c0d2ae5c4ed0fb255a46efeec37aa84f55189f2a5f3bd21e7d8994e4c6313f3665daf44a5648","ssdeep":"24576:OTAPPLKf6+0qtStd+tRLWE4Jp3s+WA7PHiKqlFn6RO4aK:OcLADSn+jAp3qATBqlJy1z","tlshash":"2a25331a0e4e2bf397dd63704928ccc9e0b427e2a69d792da8efc351c516db25c0de46","first_seen":"2026-04-20T23:45:00.287495Z","last_seen":"2026-04-20T23:55:40.614525Z","times_seen":2,"resource_available":false,"data":null}},"time_used":328,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":51,"receive":277,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-9776f50d.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-9776f50d.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":9033,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (8591)","md5":"3aeaaa33d24d8f26692ac09b9f9a5565","sha1":"e263554d3704dedb53463215a2c5b6c29f5bb627","sha256":"f2a5ba53fbdbd5648927708f6da6002525148d4f6c10e1a0a7c52211e1542abf","sha512":"8d799889e34763c2cc4d6ed43e7ffe2ccf8316d4f382e3e9e2f7d78961ff82a5abbd22f19a675f2dbc98df4ad0c83c20677b379d3a9b48116e7b5bf4f7eae69c","ssdeep":"192:Mdwp8tlV1dKG6fJYepWM150s7KFXR6rce3V5Au:VaPC5mFdel5Au","tlshash":"8a12a6ddf9bd6071038778b4d87f160eb23a39985058c110e892d9b6786a88ac737f3c","first_seen":"2026-04-20T23:45:00.28889Z","last_seen":"2026-04-20T23:55:40.740449Z","times_seen":2,"resource_available":true,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":33,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/1034648396/1.100.0/app.css","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.805Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /themes/1034648396/1.100.0/app.css HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":960244,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (21833)","md5":"2b02a22bea4a43c193094c6e97e68f39","sha1":"b1a3c14023711dd1d79814f6d54df8b60424278e","sha256":"26e0059a0b748932ef9f37b0ebb80da0c122e242ba3f0eaa705163da77786cef","sha512":"eb744227775d9dda65bd29f4b3846977d48cdfd6afa6535cd121dbfcf4626b0bd90565d88e7f8d3d2f4213555cd9a270a0eeeb45241923dd6e286d5b7162fa64","ssdeep":"3072:LLnGZDSZa5SbAleEFmvMQSfZIf6+QGWZQPbVa4NGPTBsz8JuhYc6v4BV+aGFIDPP:LLnGoZFAw2qB4WghC","tlshash":"2b15c808ea62147eac37c17d71daae4ef766b4d2dd67c55af8a7a00dc2c3394076224c","first_seen":"2026-04-20T23:45:00.290283Z","last_seen":"2026-04-20T23:55:40.70907Z","times_seen":2,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1968808887.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.848Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1968808887.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 192551\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":192551,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 2048x2048, components 3","md5":"4a34cad0e55e8c9a4e71f41b6217aa9e","sha1":"3fee814257fe79208272d4e9c36727b0cbbb8d3a","sha256":"351b72a7aea39487f3d1e5512a0515b1264c2bf3da3e56ce1933e7bb38a12e82","sha512":"4118c3b6cfd6e7a8742aab516cae49ae2cf7343bdbfdb13f6ec47f4f099da143bb071e83fcf80be73be8aa0dd065d1b83475f89e3a1b2d5a26eadf67a021b7f3","ssdeep":"3072:4I8TpD4iJzRlt5dfdyQD+LjiDiw1o/b3Nq/l8qytCpyRBF7Sif6Evk4+gsKylQpa:l8TpD4+ltPfdyQqLHMoj3NqRysG1SifY","tlshash":"471412e4874fd607e51df036a2877f01bab301ea81136b1af3914658dfc5641edb9e42","first_seen":"2026-04-20T23:45:00.292293Z","last_seen":"2026-04-20T23:55:40.648953Z","times_seen":2,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":79,"receive":117,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2604477582.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.015Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2604477582.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 46578\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":46578,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"db2d7ea17904292804e11c205de7d860","sha1":"e28cb509ee1df6bd95766cae1dc3daa54c5daca8","sha256":"0fd9188d61f0b32e2768cbde9db26b610e5c19e3e96418cdbda4b006c5d71a3c","sha512":"ba33c7181ed9e4146d1cb7e34cb28dfb981886dfdfbf9c1ab97e7ac8128d91593a34562969080affa7ca9ee773f6c2f084318c5895d32261ed12dc1f716634fc","ssdeep":"768:1/XxqQ6bC9Cyx62/bkDRVzpEWG3DFvrJgMynM2HQPM83A1s5flE6yFpfBcaApTEP:1/XxqwCk6Kb0VzpEWGbApQU83AWdlE1V","tlshash":"3f23f188688a575ccda3cd3ec362bee5e352fa3853b5667a6d70793112d8c4a494f043","first_seen":"2026-04-20T23:45:00.293732Z","last_seen":"2026-04-20T23:55:40.741114Z","times_seen":2,"resource_available":false,"data":null}},"time_used":131,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":44,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2346515620.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.055Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2346515620.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11318\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11318,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"77a615d3d236c18b743d2ac5b0737486","sha1":"f287f14e12366e8f098f9bcf65977c9cd2587b63","sha256":"6a25c4190180a95af42eb5b3989e6cd03a9a985dd3901a85c23d6f0ad5824bc8","sha512":"08a14d72356f3d6bf09463f96be998a83c6c3f0099ff858e840c63c0467a63781a14c19c8a6b892b2f2eed7a937beb330326a270a989f86f241dbd17acd31e44","ssdeep":"192:Vy7qK7oTeYUBni1IGzXU07dZhKuKY+oDVZMPSvcnIxO+DTmLpnuH62C6CTD5BRLe:yBnEIGbU8dOuE4jM02cappLRc","tlshash":"8632be7ab978aa51ddd395fd7488138521ceb4da425eb00325882337a6b00dfb0ccd6e","first_seen":"2026-04-20T23:45:00.295096Z","last_seen":"2026-04-20T23:55:40.641518Z","times_seen":2,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":124,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2189528788.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2189528788.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 7264\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":7264,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"52ce3114dd2f959018b37ad2d906ae45","sha1":"909e9e7701b508358cfb16098b430b106d4396cd","sha256":"46a8fb1d6e90c44fe74b5b0a98585d12294b1315b5e89803de4223851a0e045d","sha512":"4a678899e85b6d1ffba434f15efb37f02ae02e10688fe18a62ed91780fbde3d737115278c2fc39199fa1d8fabaf8f3d41aa4df949e8eab464becdc10227d17e8","ssdeep":"192:3c9YFyn5vLt+bMdzXFlDJTw1fXi0MpaAJvv/0s5kc:830QdzVBJWa0MpPX0sGc","tlshash":"ace19ea79fc0fb6dc187caf4543f63306a3a6d7252c78c43a602139e24919d4ac461c0","first_seen":"2026-04-20T23:45:00.29659Z","last_seen":"2026-04-20T23:55:40.758553Z","times_seen":2,"resource_available":false,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2106253536.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.115Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2106253536.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 85948\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":85948,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"dcb9d8277a7b1e14602232fb29dea0f0","sha1":"54ecb02ad89de2e43d61804b73617132563ea644","sha256":"4cdd4ca15d1b6e1d9f152556ee859acb77afaa72f43a2d88eb1b740d62dc5d6b","sha512":"fe4a173a52e4ecae009d51c4810508be1b3aea5537a8e1da66e082d7d3284bd80c97dc0519be6b43149d4327bb4ef5cdf693cea33ef2855f6a9545210a04e708","ssdeep":"1536:lzJCJbx2uYRre5fpdyn7VHbzWNjjW048P/7eD3qRRldyFoBIDpRRSQf61/5ZH6Lq:lzi3Cr4WdzYjS8P/7e+L7BID7Rbfa5Zb","tlshash":"2683ac85fa022ac14fbe9ff01996d55be8114220eee7f9795d13a8f0b546f9dc227301","first_seen":"2026-04-20T23:45:00.298342Z","last_seen":"2026-04-20T23:55:40.603413Z","times_seen":2,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":75,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2372298587.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.243Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2372298587.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 16440\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16440,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"dba74a82f8aef7acfc56a738cb752c9e","sha1":"ce51d4161a83607dab32e9c356d1ab1481af7a18","sha256":"27fa0a18c9c1f9904a6ee3a06e8204752d941b04554a7abc776d5b83aaa089de","sha512":"13b2147c085daf3c43db93ddb3ee02d853de7d4fe2de8a57d64f616200903014bbd272575de24a70be1d8a7964666179be0e59d95a3f80afffedd17484b7841d","ssdeep":"384:Qk/w4QbdPQnPbsbKWcirlkeSzNfznXzmyzwWlRCw15yTPmV:9wD4sbKWciKesJ7Cmllx15yTPmV","tlshash":"8972c06975927160ea82cafd2045fa0dfe183e582d365f7d175c4e692207e69ea001f8","first_seen":"2026-04-20T23:45:00.299914Z","last_seen":"2026-04-20T23:55:40.639583Z","times_seen":2,"resource_available":false,"data":null}},"time_used":205,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":205,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.309Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-length: 19948\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:46 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":19948,"size_decoded":0,"mime_type":"text/plain","magic":"JavaScript source, ASCII text, with very long lines (19948), with no line terminators","md5":"ec18af6d41f6f278b6aed3bdabffa7bc","sha1":"62c9e2cab76b888829f3c5335e91c320b22329ae","sha256":"8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f","sha512":"669b0e9a545057acbdd3b4c8d1d2811eaf4c776f679da1083e591ff38ae7684467abacef5af3d4aabd9fb7c335692dbca0def63ddac2cd28d8e14e95680c3511","ssdeep":"384:XriNpnjyMkg8XMtExRN1w29JIOzahXtO2nJ65:GijgSWuanfJ65","tlshash":"8d92d7def645723613f76076913f220b733b35a528068459812adbc22c3d98f6267f6e","first_seen":"2024-06-07T09:21:23Z","last_seen":"2026-05-02T07:27:30.160018Z","times_seen":334470,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2363171447.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2363171447.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 47670\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":47670,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bbf14774a0f230f69ab82199c6e56c4c","sha1":"195fd958872dd8b44ebd22244889050edb9dc44a","sha256":"949627612dc62fe008854d08e2d911da69c2d137ad90c863f1b8c507d0713634","sha512":"63384974462fe7750a45f8c47553b447a7a27883251a9ec6ff839a53b025ed68079b8cf7202d440052bd3e33eea03ee68f2ac60c8e47694b2a581d3cf28a280d","ssdeep":"768:WY5xMPOguPlMn2poOTmJcZHP1XTL508k2Y9vBs2ezfCl2iRXHTW0MW:rJLPenyTmJcZ9XTFNzCl2m3qNW","tlshash":"0f23e138eb324442ea4740b7e28cc9f931d6f05117a58d69f0ba95c34cdbcd396e692b","first_seen":"2026-04-20T23:45:00.302169Z","last_seen":"2026-04-20T23:55:40.654326Z","times_seen":2,"resource_available":false,"data":null}},"time_used":117,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2613840398.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.228Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2613840398.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 66430\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":66430,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 700x700, components 3","md5":"e94ee99f347c113cd8b8b5b0d8c1048b","sha1":"a7d2f803755759b753e449f03b63d4a60d520b94","sha256":"589b6edc7b87ee5fc0eec83af48311460f20bc3a7549a83c5cb46885806e67f0","sha512":"e7ab18c3e52614b30f129982dd58a46db932b38c442ad551e1b2d5641b5c3199ca5785e6ec6c2b2c8d6cac8f4bc1ff1f0d7eeb516de7ffefba4f4a4383eb0306","ssdeep":"1536:VTn9z4qMbMLsc0a2TgNGYuU1LKG2MN9wWuGCQAN4L+gqqO0qwJP:tblskN96cxPg0qwJP","tlshash":"9b5312d3ab4a3e62ccffbcb0610a42681475575d7c9401d6219a1adce9c0be2bc1dbce","first_seen":"2026-04-20T23:45:00.303733Z","last_seen":"2026-04-20T23:55:40.74605Z","times_seen":2,"resource_available":false,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":194,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/UZliYNlcK72ioc5EoYubenFjSivYcFOhU088qI9L.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.783Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/UZliYNlcK72ioc5EoYubenFjSivYcFOhU088qI9L.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 1930\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1930,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1203 x 386, 8-bit/color RGBA, non-interlaced","md5":"725ba504c1f918cf07b688a7b875dfc9","sha1":"0f96d91c182c0cb4e2540bd831cfb7f0b465edf3","sha256":"0d207d29b1f7b4f7a47536f83d8e61de99bbf678b56a0882f66f5a668cbd3c9f","sha512":"08517cdde26f1f3feaf60ec6b8970b13e0c1d2562615191baa68787a156a62f7d8ea8e9b1c5d080b9dcc67d0afe546566d161edf214878e6451d7e7a1f5bbd29","ssdeep":"","tlshash":"bc412bcf57824c76c50c0e32005f5a4040bf465c100120441a440008f0187c84bd3763","first_seen":"2026-04-20T23:45:00.306105Z","last_seen":"2026-04-20T23:55:40.753027Z","times_seen":2,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2605176511.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.846Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2605176511.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 31319\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31319,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 768x768, components 3","md5":"35815923d1b5ee14527a0a2d582c6732","sha1":"4aafc360b8b611be97c8087b637142dbd637e7f4","sha256":"6d8222ef6bc3f61c2f5e1a5ca81eb18ac8a129fa35d72da75d4833d7ead7e535","sha512":"ec0147498e0c27bfe37847d0777e455c54679c2ef882c38c3be71604f88594a9936145eef4bd9003c883bb0047237aa8c07059aadedde52ae36d5229fd1ea064","ssdeep":"768:2GuGEycUWus+A1qURoSv2xJXp5nKIcPFKRmrUTxpRHDFx:mutAFRoDxJXpsZGmro1b","tlshash":"52e2d1b0ab589c79c9706e7d429b360fe3bea1d131c06b962c66378c07e14d7478e297","first_seen":"2026-04-14T14:36:39.494825Z","last_seen":"2026-04-20T23:55:40.717097Z","times_seen":3,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":98,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2612848495.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.014Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2612848495.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 26946\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":26946,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"14a86f4c94c2510d546fd3e9247f7772","sha1":"39ede944a1001e3050d5d2bca81de595471f6c39","sha256":"39550878b7e362c80a885674806a9e9c6bd8a7270e1ac187222d7eb31914feb8","sha512":"8e9d22797e21303c8c492728c1acdffd578a34aa4c89cb6d6a12e2fc03490c53f36219fe32c2f316fc46663c6ce8f454cb164642828e17d2a3584d564222f7a6","ssdeep":"768:THvFkLBbnXvkmnD8q3CdaNQW12PZubJYz2fjv:bdkLBLroLdaNQMeIBv","tlshash":"cfc2e1912635d7dfc1c51cfe86a623547f9691a3a3648b2b201b5233dba02cccec691f","first_seen":"2026-04-20T23:45:00.31309Z","last_seen":"2026-04-20T23:55:40.713894Z","times_seen":2,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":89,"receive":43,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2680699711.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.090Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2680699711.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8630\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8630,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0ce41e07f6f1bc7780401a32a9f06239","sha1":"c86e391b67318b74ef93bc91604463561d2d5968","sha256":"a6e3bb0703f772bcf4179e9ab7bec2f3d93107728243046fd28dd6175f15cf42","sha512":"cd4242b4c08ab8ba71fe477b27fbf6813df5aff2ef0fad796217b09c0a6fccf8f824a33fc14fd67e06ca91a1c466433e7e92fdd780fe7a111b83a625fd05b35e","ssdeep":"192:KsxvQD/gz7uXGQ+xqk6f1+dbndS/oBrx/37mqzCGIcSFxc:pxv6GQqB/bnJrx/34AMc","tlshash":"53029deb019cd724dca01d7d0aea9380a992a9f5741c5638128ef9caf8cffe11942d5d","first_seen":"2026-04-20T23:45:00.237704Z","last_seen":"2026-04-20T23:55:40.708084Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/themes/customization/2134699887/1130931637.css?v=17330874501","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /themes/customization/2134699887/1130931637.css?v=17330874501 HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3449,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"1d785e82c75234745532588cfb4dbe23","sha1":"3238f5664e0ad191614beb528eb5469353897229","sha256":"f7f58b048920cf7cff885ca2896af0fce1f8fd3321a6f2ccaac05d6965af65cc","sha512":"ea8b3b5eea448375ef4d38faca78e5c4af49647c2a5ae54736406dacf6e0af8cb22f5dbde6f5362e9e3e6585a78e60715a9da30ae1c216abce234ba926d7c11f","ssdeep":"","tlshash":"0361a550d9f72cae7017c16937b75794663c4403d84e5e3c76beb1987f822d141e3a94","first_seen":"2026-04-20T23:45:00.31788Z","last_seen":"2026-04-20T23:55:40.612754Z","times_seen":2,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":94,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/form-builder/1906495345.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.071Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /form-builder/1906495345.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 490645\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":490645,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 2500x1192, components 3","md5":"a31e6c798304918f54288cc28555a180","sha1":"394d59cd605a3306b149deb9a6f0fd088ef62c04","sha256":"e8dd67ee058ef52a9569f8a057e777424a80cf572f908081b8b2b9191602cfa9","sha512":"044e3d9026b73fcd66a9bd60e885fa91bdccf83816cad7b84881c0b801c4d533482c16275b52160ee2950aadfc9bb2239e5f9d8ce763882619f1c03adca73870","ssdeep":"12288:ch3MC/s7pCx0DUD49HNBaW2wTZqfooS6Py+46LA:Ev/s9Cx04kaW2wUQUyZZ","tlshash":"f5a4ef9313ae8eb4c6ec293678e7c66c211251a7166f903ddd0fc9def99ced02096b05","first_seen":"2026-04-20T23:45:00.321599Z","last_seen":"2026-04-20T23:55:40.613942Z","times_seen":2,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2056522968.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.103Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2056522968.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 12760\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":12760,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b8afc97742f306141e49bcacade50359","sha1":"914c90376eb441f9937b30636cbca4e9c1da2d71","sha256":"98cf8708bab564797f2e35a37cf4d37d5fe31d82bd2de41185611ecb0e7a4f1b","sha512":"d8a09efce9e7c20c82e77435ade3e6e1d4eda531484e9a189faed8fb8ee3f082c3d71f6a4ee279754d8e66693c7a618fdc937255b512b0e0a702d3752cef50d3","ssdeep":"192:ccvHpwyaTFqVlV19YySFR00KF5mpqVSMnZcx2YHtbxWh9WlCq27PyVEr6/c:rKoVlVYC9F5mpqVSMnfYNbxWh9kQpec","tlshash":"8a42c0266f866a7ce6d65f7312f2d70c72110c860e84f9ebd515cb226813fe28c621de","first_seen":"2026-04-20T23:45:00.322827Z","last_seen":"2026-04-20T23:55:40.720312Z","times_seen":2,"resource_available":false,"data":null}},"time_used":84,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2291622463.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.921Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2291622463.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34154\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":34154,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b5dbe4a695b82d29a68d3488df40d20b","sha1":"7ef907caa12c4cd9536f5e501ae469399487d80a","sha256":"3063c0ef0f4cbdaac8c527541cbdcbf64c68b3dbd3cae06eb3ce411649344e59","sha512":"323840f3ea31226dcd9baf5b358acc0116a1e4ebc8b3143747d866afc3871bc44e7de6d2707e4101e129571e5c5c8796864b80134ae75a5e24fe05b96d62b762","ssdeep":"768:2eRjYUJiZCMT81xI2n8et+fEFdsrq1Sh5CUileW6Tq2spx6HdHhQ:LRj99MQRn8ecEDWauCp8qrodHhQ","tlshash":"81e2f1267a552929f05bf0f04d886b03c51eb17c9e8bb1fc27b83ca129532539899ee4","first_seen":"2026-04-20T23:45:00.326102Z","last_seen":"2026-04-20T23:55:40.618064Z","times_seen":2,"resource_available":false,"data":null}},"time_used":124,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2299572673.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.960Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2299572673.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 24322\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":24322,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b3831558c5cfba8a3cba6ef205adec59","sha1":"a271e1cdcbd9bbef761b5f1f58eca3198716ebc4","sha256":"7bd88988f8bc66f657633785ddacffd17f351f4aa2adf300c50f8d53fa216342","sha512":"636625190be216602c7e3830bb26659a74870eef16a651b5ab0e81b307ac2c58ec3286df3661febb8cad9b8d55b291d8d6a4b8dec2abe5045722e90e99a16ca5","ssdeep":"384:NsdO57aqPJyadnzACc6fKcQxwfbFhJjgI/AC4sJg+f5uIhNGAkrLhSFvY+2d5l8+:KdWaQMenzlffd6ygI/z443f5BGAGLqvA","tlshash":"d6b2cfe101115647ffb163b13b5f37c1273d78e84679caa2a6bb420ea347684474e38d","first_seen":"2026-04-20T23:45:00.329255Z","last_seen":"2026-04-20T23:55:40.596008Z","times_seen":2,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":81,"receive":37,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2531294974.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2531294974.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 9180\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":9180,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"57d375212971807f0fac7002c3bd5b61","sha1":"ea4de133dc8e65932caa996718a09e301684c79c","sha256":"0a34270cc9afa7f87ba65923f7f219e0fc19c11ee419d060d198959154a484ea","sha512":"2bf45c51ccbf7ec28d5c0c3e10b13d5389cfb8b98705cc7c504c122e7b86b69034e341eb100289e08d13c7299a1a83a5d2adb278f18275a694c065b776f68391","ssdeep":"192:+ox1FE8Zx+NVAPGL5tY7CmoViajNx7qhUp8QDgGrc:pvwyE5tY2RxacFjrc","tlshash":"1012af3673008b50ca9318fd2d9b0b88e65ba19a79de8f0a6084a1dfaf655ce35e5043","first_seen":"2026-04-20T23:45:00.334721Z","last_seen":"2026-04-20T23:55:40.672625Z","times_seen":2,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2358792715.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.005Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2358792715.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 48070\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":48070,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"85c51290ef512ae3f15b765f6b2e4177","sha1":"f83ab082e9b6e167d67648e0f05ce8c2e72b8bfb","sha256":"3d1804c2cfeb7eda02261512868d73e16774d2534864088d45694fb46333ba34","sha512":"0ccb8260f6ab4ce725f0acb66c1d76fea7a9fe194efbf1896e058001de32367b46514339020ac3790f5606de173d54f239de149f5d28df07a74d361a741e1b99","ssdeep":"768:zmSMJCweHirsykwFtjEBfq1au3StSXOFacjeB57Qab2U2A4QlsDGrYvs6/2Bdvs:zmvwHiOwFF0tSXeaQS9Qi4QlsDGbPdE","tlshash":"2623f1175bcbd7d1ec1d28be0b974bd553ba811ab88ec2130b90858fd65c1d9053aae3","first_seen":"2026-04-20T23:45:00.337634Z","last_seen":"2026-04-20T23:55:40.690424Z","times_seen":2,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":93,"receive":39,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2485265910.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.030Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2485265910.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 37316\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37316,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4a3ecbaa2e0048e0c0cb1a5da97944a5","sha1":"187cef19281a29eaa10080266dbcc3628abd65c3","sha256":"63dfdb8f50671276125c52fc0adea6f2ccdf49a44c4e6228a3744d310772be5a","sha512":"3b0339ece5ef709f4faa0d437e8b5469086016bd03852cb6abb82d4eb844761ff2ab53f7995f468d941c0f75f1181daf15b308b31edcd0f758db268075d63cc3","ssdeep":"768:eg5wj2IXjlrlPBe8eaR3OQl+Vs10SvTuO05+52SRBG:B9wrrJR3O+BsO05iDR8","tlshash":"03f2d027c427059cf35394bb1ef8b60e58e90671194386bac3b093213f6d1fb6e28699","first_seen":"2026-04-20T23:45:00.340431Z","last_seen":"2026-04-20T23:55:40.744166Z","times_seen":2,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":133,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2068573088.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2068573088.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 111120\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":111120,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"e1698baa81abb5111b576e8c403c64ac","sha1":"12b9951becd47ed0e3784b63fb856c7fe7193f47","sha256":"074c0315ac7f3480bcc0c7eeb9440ad73eb98ff987a4de25e4cc836219901881","sha512":"e0d08977e46f83a4ae5e87cd4af8a91454147bbf712381d33eac57d4b24b4bd2c6f89fb343ffc6d8cff02456623f39339d9ac5bf105cbfed002c753ae1882d50","ssdeep":"3072:nU+7/9Cvr7EPA/B16epgDuacvaBMr8h63+/icEVk4L:nPYjN/P6+gK8Iqiqs","tlshash":"25b3e027283290431527df08ecd69fae2750f6cab51a5bb4e05ece547288f95dc1cbb2","first_seen":"2026-04-20T23:45:00.118593Z","last_seen":"2026-04-20T23:55:40.637335Z","times_seen":2,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":12,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2578338583.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.161Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2578338583.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 132423\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":132423,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"aefadd3580a91804e4790c38745beaf3","sha1":"9fd6147be66e043f63634bccd92adeb0c8e04603","sha256":"96103a03351345392645dc995942bf4d98a8a2969f66ddd06c7b47261c0512d1","sha512":"9cad0bfffa7b9ed8c6581c5e3a26f7b4f942c6884fcd5a3ac23c2a3ed92ed9400d51a25bd4da1bf94a113eecf6df2217e480c377473279bdf8d80553364f10ca","ssdeep":"3072:9SaR0JYbIKP/rmOj6MBTLxlHp70Tgc09DN5FpQ:9Z0JYUKPDmI5CgcoNlQ","tlshash":"15d3020cc54f6c7fd9d9c97428d366e33986574c7edd96c01a9c0d89abae8a682cd308","first_seen":"2026-04-20T23:45:00.341859Z","last_seen":"2026-04-20T23:55:40.682079Z","times_seen":2,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":134,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-f0bfbb14.system.entry.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.994Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-f0bfbb14.system.entry.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":760582,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32104)","md5":"f38a0349207c3ccc84174e499caab419","sha1":"87cbcbb13bd64b89e1c21fba64e955d5f3f989bf","sha256":"82a0033209ce03d500695e849b4c1434c855149a77e77899d9c8e0941dc332a2","sha512":"0f8812094b3c7782288637edfdf852f2808c8d6bfb4a61bae0ce04e9137cdc0a53824534624fea604cc3a7b852b634f477f59c939534c82aa16d6b43a2af6a24","ssdeep":"6144:GydJsjmGj0qwdEPSnxY/vjAXcXDbo9dPEOF+o9yqhuRXO7VUMFB:PdjGj0qwdcvEaOFFuRAUMFB","tlshash":"17f45c88f3b53131c293a0b8d07f2506323a7d56a542811cf63dede95a68d4a62b7f7c","first_seen":"2026-04-20T23:45:00.343293Z","last_seen":"2026-04-20T23:55:40.735078Z","times_seen":2,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-1a7e80e0.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-1a7e80e0.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1596,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1513)","md5":"22c261c48f5a41a4316ea0003aaab22e","sha1":"9623072f6e657208f37b156c1e9d9e24e07bae12","sha256":"c6e3c77af06678546eee8da8743f62e56308a374310f2ec87b735e0e1a6de8f2","sha512":"c76013d79a867e5bce59464753a6ee81fd519db182c9961b63b0df504c6b6af74cea46a42fc58c5369a755352402c8475a78258d3b5d2de32b3f90bb2a11b701","ssdeep":"","tlshash":"9e31d4ffa360d1e02fcb1afbfe271082365508bf169c548561a86984e8939ce5231f99","first_seen":"2024-08-31T08:34:01.670998Z","last_seen":"2026-04-20T23:55:40.625613Z","times_seen":17,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1757779746_9383.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.817Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1757779746_9383.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 44570\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":44570,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), default quality\", baseline, precision 8, 800x800, components 3","md5":"82b305033ae355e44196deae76b1931d","sha1":"bb671cdaaba4f5b372fc361fe3ced526354afa34","sha256":"39415a930ea19d7c76c6302fccc38e639e3f3a35722b627345638b732948ddf5","sha512":"b28f97b1632c2ac4105ee6bb11c7c47a82b50774ad5446d0f57f5d3f00a4129d32e079c2cc8034649664ec405320895ec2dfc16d67653eb150dd2d7282970639","ssdeep":"768:LEzomfhRzKn3sDUz29ZiAX3SkGDyv/CJVhEUuQNnPWmzMo+znWJbuUtG8U7DsI5E:gDjzKB2+038Dy3CThBuinE7nWE+G8U7y","tlshash":"3e13be4bac854a57692447b47e034f2c1b056b5cf5d13aff61134eeb7e60ab24c8d42e","first_seen":"2026-04-20T23:45:00.345517Z","last_seen":"2026-04-20T23:55:40.727554Z","times_seen":2,"resource_available":false,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2081250320.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.845Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2081250320.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 45814\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":45814,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3","md5":"0a6e5d70e21eaced4296121cd8a75ca0","sha1":"03a5db172de87d3aaf7b3d6380cfa315c573e6bc","sha256":"dede2ca9677f36bd43f5676f063db6a4d73de60deb989f49bf63c6fcd5b9196f","sha512":"69167ebc9a2a86f53e047a426fa8d8cef896788ee4dbf90034789befe6d37a5a5d0638b878dd616468e981cbe00bb5cdc1dbd382be561d3e6f868675325ae380","ssdeep":"768:AyqN9Eow8JpS3NowaAOumla6yYIHBpJFCeka1sZPkPnns3ezdEGnhh5qnULxpsW2:mNTXTS3NBNOumlaJYAf/ZDnsOzuGn1vA","tlshash":"9b23f1b923a67bc4e86d5f759425923c1035bee5764b43822cc12260fb4ed7bdd8f80a","first_seen":"2026-04-14T14:36:39.490315Z","last_seen":"2026-04-20T23:55:40.716653Z","times_seen":3,"resource_available":false,"data":null}},"time_used":139,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":126,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2524562606.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2524562606.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 154760\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":154760,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 2048x2048, components 3","md5":"40a5d1fc7e42cb6d57154c1bd0bce476","sha1":"804571ba1b7e0918eb9fcb69a60d83abb3896cc1","sha256":"59ea71fadf40aa30bf51c5f9d3d9c2dfae98d2813da94a24e892dd2f8cca081a","sha512":"b3bd22f8246d71b6cab868e71cbc5be07c8bfadc583b319bcd235f83670f6d6194e33f0df8f88c6d44fddca286a566ad65d4caf70e47a2cb9286bae4a19f56a9","ssdeep":"3072:SaF6IOepOm/plrDoWmKW2baopQEQ1U1QKsIWDl6AwKdjCv8bbQ3283cWMY4v53:SGjOqzrDoAiop+1UOKsjwZvAbu283bMN","tlshash":"f4e31201f604cc97d0254bb004df77b9b60a507a59f6f3c35f39426a68277baaf38299","first_seen":"2026-04-20T23:45:00.348031Z","last_seen":"2026-04-20T23:55:40.677404Z","times_seen":2,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":90,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2655448890.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2655448890.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 38260\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":38260,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 800x800, components 3","md5":"bb19bde669e902ccf9434e9bdbe47841","sha1":"59d2cce49addbe916f2e990f7464a17975d3789a","sha256":"9fdc00bd4387691dc154297c5ac40b4bcf973e5003ddcea6a857bf14aa7721b7","sha512":"6149d535ace4562182ced111ec364e8d6521c1f4c046d443abbfff68405096d04dbde6e2db83486bad1839b057571db9f4f60e8024742d5002bdf96b440abcdd","ssdeep":"768:DM5n5dmgAD8A+OgKEJE1bswdkDNw8K1Cc1SqXArrfDpqqEPncJW:Qd5dpcdwJYf2KTQrpLEPcI","tlshash":"d703e1058395db18c3aa6cb417c79fda121aa5c321d0ce3d69a805f12cbe1b49bbdf42","first_seen":"2026-04-20T23:45:00.349498Z","last_seen":"2026-04-20T23:55:40.689202Z","times_seen":2,"resource_available":false,"data":null}},"time_used":113,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":86,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1855125868.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.897Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1855125868.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 55358\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":55358,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2, hostcomputer=imagery4], progressive, precision 8, 800x800, components 3","md5":"9c027d91456338c679818f984e0efbaa","sha1":"c44e1ab71a99e9390f1b4d332b71bbaec2112314","sha256":"7a24459d9335355690a2fc9c13f3b64263785bd3a5f58780b6c2175fb7241757","sha512":"95817f03525bb7407a6eda8b220cce58d81aa448c9dbaf204621b73ea63780e79ca770a8b1445db2ad541305c76be1572bd7fdef56c14d0f04c8ff2e84dd570e","ssdeep":"1536:83QDMhF2rEpWmjHTnWawd/qgvHzQ0iGx41AH:83lpnTnWaWzHzQ0dx4yH","tlshash":"a64302963a60ab99eac08db812792b1cc155bd755d81cc993b01dce8ab37837d3346c3","first_seen":"2026-04-20T23:45:00.350816Z","last_seen":"2026-04-20T23:55:40.757745Z","times_seen":2,"resource_available":false,"data":null}},"time_used":115,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2045277912.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2045277912.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 102827\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":102827,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 1000x1000, components 3","md5":"7cb338a248f61ac9e1d5a6da509dd32c","sha1":"59e1b969ec268a62108d074cf30216a7ebdd918f","sha256":"bef3134a8f9555c4a2bce0cf6c69ddae03ed380defe1d8c49cb42d2c2dc7ed7a","sha512":"2eb3506eb29e9c3fb48ff74f186fb66412bded09f80a325188d664bab073f960ba4203ea2f7102fdb2d30948d7cf7aa4d585dc742441171efc0dcc305e35aff0","ssdeep":"3072:SQPff8iD+DIFlXZLV6wFwG4h2sMu+ome5suK3atncg:SQHXpF1FF94h2In5dKm","tlshash":"07a3ce30fbd3e3822f57659c647c3e7b6b8861d126c90a0712938d24b158f72e22b5bd","first_seen":"2026-04-20T23:45:00.352059Z","last_seen":"2026-04-20T23:55:40.72168Z","times_seen":2,"resource_available":false,"data":null}},"time_used":132,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2393362569.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.070Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2393362569.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8630\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8630,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"0ce41e07f6f1bc7780401a32a9f06239","sha1":"c86e391b67318b74ef93bc91604463561d2d5968","sha256":"a6e3bb0703f772bcf4179e9ab7bec2f3d93107728243046fd28dd6175f15cf42","sha512":"cd4242b4c08ab8ba71fe477b27fbf6813df5aff2ef0fad796217b09c0a6fccf8f824a33fc14fd67e06ca91a1c466433e7e92fdd780fe7a111b83a625fd05b35e","ssdeep":"192:KsxvQD/gz7uXGQ+xqk6f1+dbndS/oBrx/37mqzCGIcSFxc:pxv6GQqB/bnJrx/34AMc","tlshash":"53029deb019cd724dca01d7d0aea9380a992a9f5741c5638128ef9caf8cffe11942d5d","first_seen":"2026-04-20T23:45:00.237704Z","last_seen":"2026-04-20T23:55:40.708084Z","times_seen":2,"resource_available":false,"data":null}},"time_used":97,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":97,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1974121240.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.096Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1974121240.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 5758\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":5758,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"bb4a47b14ac852e31cfca8479f117990","sha1":"96092ca42a9900d6f88b0588a49e8fd13d5e81b1","sha256":"695869c6e74faacf4b7fe7e3036ae33d9428a0d2602632a68321c5a6ef9c3c55","sha512":"902a508d97aa942817d7484f8f36c01d7d1d6cf3c3725af8e24a13be22b2e6741b789fa3b8d885de6b7685bf87407bc8a40f213eaffe36232b798354572ed72e","ssdeep":"96:AIl/X/4ijrs0gJwd2412uG6Deq8HuSBPOpywR1h4DwQpbGgcIKBkuX3zZ+WaN4W0:3/7HBqcR1RDpSBYR78bGiK5Z+B4W/c","tlshash":"eec19f7e35350d7ff4c9577870fc0f211be9afd44f799258b60409222798a23baa880c","first_seen":"2026-04-20T23:45:00.283101Z","last_seen":"2026-04-20T23:55:40.717585Z","times_seen":2,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2632184407.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.826Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2632184407.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 8460\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8460,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"aac4ea4c9f87cbd0cab1781a4b302cab","sha1":"4dec51018ef213d66fbf8c9d6fc568334c91bd87","sha256":"d869d4d2e64d7208006d3e6e9bde901613791341f0fbff507d27bf92cf1dd70a","sha512":"2e3aa4a5877664672e4aa9f3f185ef7fa5da071ec346ed28abf25f7b335673b1cc6cb792df95dc9b89db02df7fad71547069274f3819c7be931ab81dd07dab55","ssdeep":"96:pIl/XbYmRwekq1Ojo5m2J+3WnRq7JHJKCbSzNJwD1eL+5bZVQeChNqvbZVZCYosc:e7R8jTsnRq7JHNO+z5bZalAlVLzhY2i","tlshash":"92028eb0ff20fb0ec9cf797e59e19fee83125610821a6a315918c13cd9c59d5c5e429a","first_seen":"2026-04-20T23:45:00.353616Z","last_seen":"2026-04-20T23:55:40.687878Z","times_seen":2,"resource_available":false,"data":null}},"time_used":82,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2053412840.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.023Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2053412840.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 106513\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":106513,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100\", baseline, precision 8, 2048x2048, components 3","md5":"dbcc22ce9099e79bdc573efca405c6d8","sha1":"d16d9c7bae7bc363514c14115533a21f4bf9192e","sha256":"cf9be25db3d79e9acefecbf133694929304a22b488170f94764140463682871b","sha512":"cdf9e9b9669cc9a4eb43fc44063c28c144fbb358cc730de9fc8d60c62fc1a3cebeee75bc8d19fd5665cdbfd2b453aa09631479184eedc24a436ea53a88a4e7ee","ssdeep":"3072:1ChLl7hk9bGeAIBeh6a/6crzt59ZNfsufj:Ehb0bDEhh/NPtDH","tlshash":"7fa302dd931ccd77ed564f76a42b2421abe8a2c44433ee179364840aa477ff4a82db1c","first_seen":"2026-04-20T23:45:00.354903Z","last_seen":"2026-04-20T23:55:40.751267Z","times_seen":2,"resource_available":false,"data":null}},"time_used":134,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":54,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2203591248.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.075Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2203591248.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 13368\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13368,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b8dd3ae2c25e0962f02b9f0be61d12c1","sha1":"6879ddc6e721b9b0ec1341f61c27b51798e647b1","sha256":"cd39434153b74e6a674f1aa22242df2bc069334a78df4982d182b26a2ac6c7a8","sha512":"267ab196bb6b58709b1cbd514de3ecaa14078342a5defd426dd49e81359a35c7e3e81b4e613768537bb23ae3ef545f8fd2a856662c3d68e21e604aabee54f2be","ssdeep":"384:vv1v8S/nECtsVXkLEv0hD2dRW69VSFMyk6BDqTnhac:vv1ESP898hD6p6MIAh3","tlshash":"2452aff949194ff2cca025b9a7f10fd1637a74fc9b84db971188049091a28e1d37e8b9","first_seen":"2026-04-20T23:45:00.155904Z","last_seen":"2026-04-20T23:55:40.61992Z","times_seen":2,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.300Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:44 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1239,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (1238)","md5":"9e8f56e8e1806253ba01a95cfc3d392c","sha1":"a8af90d7482e1e99d03de6bf88fed2315c5dd728","sha256":"2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8","sha512":"63f0f6f94fbabadc3f774ccaa6a401696e8a7651a074bc077d214f91da080b36714fd799eb40fed64154972008e34fc733d6ee314ac675727b37b58ffbebebee","ssdeep":"","tlshash":"6021d5743a18107e226a0133e56f66cee1f23715fd17e440408ad89566e4fe5063fed9","first_seen":"2023-03-07T01:02:00Z","last_seen":"2026-05-02T07:31:00.93093Z","times_seen":321167,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":107,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-f422bbf9.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-f422bbf9.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":24861,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (21482)","md5":"b9866a93a5d5bbf39d645c8011a79043","sha1":"f2451a698b88f1b132b5c35a8735e41e013e9508","sha256":"4ca32351b05aa213812a9b410b258692566dad6f09638417ebc46bd70834945d","sha512":"ac392e3f6da7e5ae5e31ab7bb53341ee3f150e69ef2e2ce8dfe8c431a6c8c3b9c607e1d593f04fb1e1b89b0be9d75039af9dab6d07653ae5c038fd614cc50d11","ssdeep":"768:it67gavUepkZghFoJ0ENd8jdoaS/xuke1Oty0d9:867tp+gB5S/xD3n","tlshash":"42b2d7bd76dc72316be234f5806fa007b3fb7662588cc924d616e8903d3a50a9067f6d","first_seen":"2024-08-04T21:57:28Z","last_seen":"2026-04-20T23:55:40.73978Z","times_seen":18,"resource_available":true,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-70434381.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:47.223Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-70434381.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:47 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:47 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1215,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (1132)","md5":"6536b11ec9e474a613fe1dcb2f844b30","sha1":"5bdd14a1dc9b5ab8933d64e8f93c898c3fb2a987","sha256":"7046cc41ce71ad1a3ce1a59613f385407dc549041228fc166e82b06adaee5b7e","sha512":"d3eb119ba373b56b91c8bc99ed9c497606c033cd122e099cfe517ac3e95a629423d77c2d784a9af992f0974db2cbd62391f0a84b1913254123260e7744a80be2","ssdeep":"","tlshash":"7121eb98d332e1f5295b8ac28b1d788e1489696e2fc10d3c633e83e749418ec7310c8a","first_seen":"2024-08-04T21:57:29Z","last_seen":"2026-04-20T23:55:40.701554Z","times_seen":19,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/JPRGC9ywAeu27icx4318t2iO2WMQG1Mi4rC5lDzU.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.812Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/JPRGC9ywAeu27icx4318t2iO2WMQG1Mi4rC5lDzU.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 15567\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15567,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 400 x 115, 8-bit/color RGBA, non-interlaced","md5":"74b7cb6e3ac681b3802ade222715a8b9","sha1":"1c2316bb504181bff789d85b98b2d80591193138","sha256":"ba6e9fe0249af00c70dc1dce7da30be0d1b9acafdf5919ee059c041f69c51e1d","sha512":"8095a3bb7877e6b7e33dfbf99167c96c263b0ad40d6de2319300e800149d26eeeb9d2beb7591bd116e90a575500e5591212369a94f8fec30d3bdd1086fb8c1ec","ssdeep":"384:AutstG09/JjQbx9mY6nvi28GXYO5iub2n75+6/IYOpC:vWGI/JjsHmhzn59s75JOpC","tlshash":"e462c0d4f724386aba292b49b527f28ab56581fddc7854e4f0981357b8e53e2c0b421c","first_seen":"2026-04-20T23:45:00.067124Z","last_seen":"2026-04-20T23:55:40.676869Z","times_seen":2,"resource_available":false,"data":null}},"time_used":60,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1757780150_7261.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.814Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1757780150_7261.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 51371\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51371,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), default quality\", baseline, precision 8, 800x800, components 3","md5":"53cb113b12eb95ee4017380bf1cc492f","sha1":"23e3cacb4b51d3b23be6fe5f0b326bb48ef0280c","sha256":"09f1b484e4b8789d2d65c1bbe21e321a9efe60e166246884fe2aa2ac9962f684","sha512":"9aa15f56c3c6058c28e38c947f21271c28bb8dc5209fc71a742d87951e817f225b777b9a5633f5d8b6bb548e4ef619ef7238b164a8b13f9242294e7a42cd0116","ssdeep":"1536:g+vXdWiOwwGBD0KlLAud9E8LM+TYIBvry:1XsFvKvYItry","tlshash":"6733d0239c1f0a53d1ae96d0ff1346ea6741aa0db4e234fb41624fde7ad06610cac275","first_seen":"2026-04-20T23:45:00.361351Z","last_seen":"2026-04-20T23:55:40.607436Z","times_seen":2,"resource_available":false,"data":null}},"time_used":77,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":60,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2120391344.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.855Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2120391344.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 96222\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":96222,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90\", baseline, precision 8, 1000x1000, components 3","md5":"c79af4294870519e7c5e24f7e64a8d2f","sha1":"22bdc4dbc2f7b22569a4e3ec00981b5011f6a3db","sha256":"ccc42abca101ee870c1248c8e2f09adb6b0ef6d803077f5aa82b1e9f01c042a2","sha512":"75f1be5ccd12b08da00e93d6e3a779595f09c4ff384ed67f0a184205625bf5f18cf4d632029067dabdbb9bb6ad82c6662fea60e42cfb3875e2e3562c1f032845","ssdeep":"1536:XRlVW9S42GL4svu4IJx6BETnGqoKbkRWHYPUEwKeArWZ+n1Ezg+BXKcbUujvmnRI:tWc5cvW4IJxdVP1YPJGMGxwJ8qe","tlshash":"8893d030f3c3d7815b6b198cb1bdbd7b1b8815d112d914130a631d2aa0a8fb9d64fa3e","first_seen":"2026-04-20T23:45:00.363248Z","last_seen":"2026-04-20T23:55:40.600391Z","times_seen":2,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2370738442.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.864Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2370738442.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 148693\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":148693,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 2048x2048, components 3","md5":"c02f06bd5c9f3a6ac892fe85d63bf6e9","sha1":"90d691faa9e5af2cb4bb3592c4a62a5fd397f8eb","sha256":"b7253322e82456321d046e08c3041b955087b38729b012400a84b98b01f94157","sha512":"5f27a023d764c0f84f817438b1bbc13e2019c5b9e59ba603d90f3e9ea6bca4460e9d749ad48d9b6f7e14abaf5765217648e38197a9bb1dca50dc82f4b0afd15d","ssdeep":"3072:6CRDmeiRZKoe64enptNTafvs3fhG+52xlUo1KXkCa5Yww:k7RSR+t1a3s3ZiFQXJa5Yww","tlshash":"4fe3027bcad00c6ac3e9f332529711717ed1a0b67152fe2707a185a150b1bb4bd18fad","first_seen":"2026-04-20T23:45:00.365176Z","last_seen":"2026-04-20T23:55:40.616247Z","times_seen":2,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":87,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2289488067.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.918Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2289488067.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 34082\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":34082,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f80ddc5b3669dadcbfd8cd5de9d35250","sha1":"ae1af55fa9b56698355097cbdbe8325f3f2a3c24","sha256":"5c9ae4727c8d59b875b0fe7460d07ceda3b2c9151b7e1832bf1e3670e0c54a43","sha512":"3311f4ae263be44d3dbdaee8320da257ef8b29e15490bb95e1ea46700b4940839536ed8e6c8dc84db71153b6699117d480716e620240a5d1fd7d8a77bfa9d7e4","ssdeep":"768:C1Z69YbDXsfrMs4WkOJy9gaaRec3q+drA:M6KbDXsTMsqOJ1qca+drA","tlshash":"f0e2e1b46d3fd28ed90f90f5c1c992da291ee696658404e381ad7cad4708f166c82e8f","first_seen":"2026-04-20T23:45:00.366911Z","last_seen":"2026-04-20T23:55:40.743289Z","times_seen":2,"resource_available":false,"data":null}},"time_used":128,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":99,"receive":29,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/form-builder/RIi64ZRaipSEbFiYi4QjUPf477kMPXG9QNMRnczj.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.784Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /form-builder/RIi64ZRaipSEbFiYi4QjUPf477kMPXG9QNMRnczj.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nvary: Accept-Encoding\r\ncache-control: public\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":422,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"2bd3dedf27d6559b45d7eed2b83cd7ac","sha1":"68249d93685aee8383a8feed275918215e8b824e","sha256":"f89c2877c9c35b2450b7808e00953a4bbcdbfa3449e4466b8b925685b3caba83","sha512":"e92ce6d3bcdc572d1d8de9db4a863d38b869b8c694fc0ba9a8b203737aba93e9a5fc1e0850f9257368db449a5b5d4118d46ff67dca261c4bddf441451b6c764f","ssdeep":"","tlshash":"a9e0ab4f005a73934911e2907dc01291b24523ff387192b936c4d46b604897dc9a96cd","first_seen":"2026-04-20T23:45:00.045639Z","last_seen":"2026-04-20T23:55:40.624913Z","times_seen":2,"resource_available":false,"data":null}},"time_used":31,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/form-builder/1834958911.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:53.624Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /form-builder/1834958911.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:53 GMT\r\ncontent-type: image/png\r\ncontent-length: 1070073\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:53 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":1070073,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2048 x 945, 8-bit/color RGBA, non-interlaced","md5":"171bbb7b01e4a3088ad9ea23f10e9fcb","sha1":"410c9dde2e5b0e686e51b172a915d4a81874cc9d","sha256":"a1adeb2382e4dd2760fc4287de82d3052fc9129a1a21b787ba892c1dfb0789be","sha512":"4094a5f6fefb29a210d9900dbedd7a462606881707a1b2b6163128b6e7492086a1ffc4c724bebe7d4d6a0720242c4b812232c0731005a5ab17d64a735015f803","ssdeep":"24576:Q6EzFx45vQIAdJwwrTRn6IfpIryG+5jhsZ:QzFxcXWNpIrlZ","tlshash":"682523f43ca2d5a906c77288f15dd6f46d9042e0c2b832ff0b23e752265bb6604d9b67","first_seen":"2026-04-20T23:45:00.368827Z","last_seen":"2026-04-20T23:55:40.760611Z","times_seen":2,"resource_available":false,"data":null}},"time_used":94,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":63,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/fonts/apple.css?v=2.0.3","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.793Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /fonts/apple.css?v=2.0.3 HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1424,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"24296d6d74490d61699305a341e386a9","sha1":"14b37be45d0166cfc526e9bf19d241394d63fe76","sha256":"10b02180a47dd76fe7bce54dd9c274fb10cb8bbec3113f13bde3d7562763204f","sha512":"b313aa0da7d8969e0ccdee9fc91a7c6d58ccdf83efd877b886d2e818c39ecfc8c1fce4560bc778e236a67d380f691d02d66f0d13103e6594523c2850f523bc1a","ssdeep":"","tlshash":"3621ac00641624047a321edfbbc69c12ef6b2467a249c8d6b9e12ba53ff55648394f0f","first_seen":"2026-04-20T23:45:00.371165Z","last_seen":"2026-04-20T23:55:40.6872Z","times_seen":2,"resource_available":false,"data":null}},"time_used":32,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1997559266.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1997559266.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 122424\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":122424,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 2048x2048, components 3","md5":"13b217bedbf80e8e0c91caadc71159c3","sha1":"ebfc06f6f899a530036cd5c1fb8cf062b8afea97","sha256":"61f43a1e8ca567d1581c058b47959d8ca39a503766b20a70c9dcba3d830a6402","sha512":"d2884f041b9c8c2007c7b61e99f847b022c1962826bc2490d7a39ddeaf3887f941e948b112bc252737d16f87c6f8d0930abb029c449ed2e1bf24dadf2ce609ec","ssdeep":"3072:J2JiR7zYH4qBMqEYb4NsHgtHfjWBtfpjSnTb:MHRBMq6NkgpOgn","tlshash":"59c3120a9ee97034d28e41fa0adfca17bb338f1192aa0ff572954e638631b9dcd54d01","first_seen":"2026-04-20T23:45:00.372984Z","last_seen":"2026-04-20T23:55:40.629731Z","times_seen":2,"resource_available":false,"data":null}},"time_used":136,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":46,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2246099101.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.152Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2246099101.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 220457\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":220457,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"890d1e716ce7b4f42285d71df65bad4c","sha1":"7a3d0d3e2e86bb36ef177e82bd78cd4a46214082","sha256":"1f3930714c02a7fe37f9b0971fc50e561fee971876fd7771eac733552508a66e","sha512":"d5dba52f205bf4b7fe41c2f3be61c06e9b58b65d22713247c70aa6e6a9b74bbe9371bea7420b0209bb7700df33f3c1f3000c9aa43dc7c74af61b02613bff1848","ssdeep":"6144:ESBOzHTQ3Wo+Dl77gKLckmyZ4+NAqsQAzb0nhJcxxxxxxxxxxxxxxxxxxxxS:aUWvt5LnmyZLjsnMnDcy","tlshash":"cb24132dda02b464edcf791991d2747a939a3c1d0727f8fab77659e006cf021283e789","first_seen":"2026-04-20T23:45:00.375259Z","last_seen":"2026-04-20T23:55:40.668124Z","times_seen":2,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":128,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2520468566.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2520468566.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 141364\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":141364,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3","md5":"694b53199de02872ab88331c40d69040","sha1":"cde06702c233aca47ea6d310f42db3263c2abe4a","sha256":"6702118c80c106ab2f5c29815c4f396e577de9fe5f9ac04cab4ffd2f3cb85e30","sha512":"78edfed45ee0eb122fec4201f54706797506a88a1dc167573198ec8c7695145449d4d834c683df25f99604135820466b62979248bc11b431761956afb36d8358","ssdeep":"3072:Syl470f7QD8jkJFX6Cf8IwcyPkDRvQxO2mD7M17En77miqcnc:jl4QTk2wnf8e2mD7Me7iiqcnc","tlshash":"01d312f15bdc8c64d29e823197d9590a2a954dbe33469baf56bec932407f30cbc86d0c","first_seen":"2026-04-20T23:45:00.37738Z","last_seen":"2026-04-20T23:55:40.726852Z","times_seen":2,"resource_available":false,"data":null}},"time_used":231,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":189,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/NkkIfawhncCv7pDgYBvp3ptELuB8LodpozjKfjOv.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.907Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/NkkIfawhncCv7pDgYBvp3ptELuB8LodpozjKfjOv.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/png\r\ncontent-length: 28506\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":28506,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 833 x 355, 8-bit/color RGBA, non-interlaced","md5":"ae65b92e2a0665719668b68e776e94ec","sha1":"9648cd9ef283a52e938b8f703d48cd48d68b5ed9","sha256":"41cd5c082b4e884087c9729a8817b56e3bade6ac4cd698558201f9fbbea20e48","sha512":"65a14f5c126f87ef4ccdf165c3e2685ca0a7b2c0067a075a87aca0beacdebf6a27438dc03c025eb59c7cde8ad6649a4bfa76605dc2555812e2b0139c307c2015","ssdeep":"384:rppkM+myGmvRXRIDhOqYFZd1qbsBaQLlBMzyT/kLTG6cqbcS3l0t6pmnZcxLu0ja:VmGzhOmb+ZB9gLHcRZcxLu0j81xd1z","tlshash":"5fd2e0d640cbb5c5e2495969831c38b89d63a609b3e0dce73cea4d2532262f510f97af","first_seen":"2026-04-20T23:45:00.382037Z","last_seen":"2026-04-20T23:55:40.715674Z","times_seen":2,"resource_available":false,"data":null}},"time_used":33,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":32,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/form-builder/2046246566.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:59.664Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /form-builder/2046246566.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:59 GMT\r\ncontent-type: image/png\r\ncontent-length: 1072984\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:59 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1072984,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2600 x 1200, 8-bit/color RGB, non-interlaced","md5":"f86f9a2ad55dbc8aedfad46975219b61","sha1":"0b6422c628e5de0dedbe31ccee5379e1cf81f158","sha256":"40b474ac844b7e05b63ee1ca7331c9adda0202450e2978ae105fdbd38aebfb3a","sha512":"641504de56144f44a5caec97a467623a9f50df53c919b2ad4ea67f29d7e108df55664e31a03a89b84f36bf3c302d898726fc53b41a51947a647e12c10edf56e5","ssdeep":"24576:I8mS1rZRQYQ7Nli/6Lkxa+jwTl9Mi7WSsyHu1rkcJVbpROQ0GT7:I8mS1rwYeNIccr69Zwj1rdd0GT7","tlshash":"072523fea48f9f15f99620324b1ddf2cdf1499d1c386a0a3b318e8749fd05c1a8252e6","first_seen":"2026-04-20T23:45:00.383859Z","last_seen":"2026-04-20T23:55:40.750083Z","times_seen":2,"resource_available":false,"data":null}},"time_used":67,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":36,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-20T23:43:45.134Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-length: 0\r\nlocation: ar/\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":946446,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-02T07:30:44.134397Z","times_seen":14514081,"resource_available":true,"data":null}},"time_used":628,"timings":{"blocked":288,"dns":219,"connect":29,"send":0,"wait":52,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2692027144.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.098Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2692027144.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 10900\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":10900,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"797d71b5ccfa35a93d944aebf3286c02","sha1":"18e01d039eeb1e10f5ae8e1526d63817374af246","sha256":"df840d550338b092edcc850cd0c9418f5d38919060fbbdfdc7c0121055a8da72","sha512":"00ef16f58565580cc1142b2c3f2c0782b5b60316025b238de9debfce7a153867bdf953ec9a246bdaaf93ccfa5873fd25bf0078ec2ad943a3600a9d0d0fb5e739","ssdeep":"192:NjYMWINysaIcT4iaXyMWcYizb7xveatuiVgR9jS5oS3walCe5HGk2c:1xWc3XyMWEdeaYiV0925oajx/2c","tlshash":"a222bf0209e0039bc29f87fb3eb91be290531466df0e5d5978ce43fa1a546508d69fe3","first_seen":"2026-04-20T23:45:00.386585Z","last_seen":"2026-04-20T23:55:40.691708Z","times_seen":2,"resource_available":false,"data":null}},"time_used":83,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":83,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2614157685.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.102Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2614157685.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 11868\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11868,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"d40f0659c60849c72845c2ef14cf776f","sha1":"0601bd38a0f1475bfa1f7d94827f434f02a22530","sha256":"483da276c07a568597bd758f21b014f72d8142adbbac195e2cd043d16efeaa5b","sha512":"702dae32e1962cc93a3b6e8481595762282884a92dea06ca9568f0248d2cd880896766f5b9a3cf08d343f0641ae11fca0d09da994e4432e541fc71ea1cc62995","ssdeep":"192:BUAmByoa4UxxyXGiSmiRyguXgo+rzu5NzfF0SAwT8VmPUzncfdfQ/0wAA5EGBDRC:TmZa4UPyXGiSmiRyg9RrERj/kIlfpdA2","tlshash":"4a32bf2f736897ccd6f4d3b01808a6be4d12a4addf4b265d892ddd763c82ab36404197","first_seen":"2026-04-20T23:45:00.388398Z","last_seen":"2026-04-20T23:55:40.667512Z","times_seen":2,"resource_available":false,"data":null}},"time_used":87,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":87,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1747010359.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.127Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1747010359.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 491648\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":491648,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1080 x 1080, 8-bit/color RGBA, non-interlaced","md5":"a9f76917cc29c012ae1c7cd77fdbe26e","sha1":"48f75e2100b985a5075e7d4e3896a7856bad3cc1","sha256":"3cf5dab1f4a541b3b753b7907faa220151238b129bfaf0bfbeb2f8a6eabc625e","sha512":"3a4e84dfea4461574e499000a71b45cc42d66f3dabcf00cc60630d043c087622593eaeae292f4430225e1304341e14f48876071d08fb050c6325c1620919c751","ssdeep":"12288:/ALSboRQQqRK0wdGyREg8IdIIiVMuFSdIp3uQDPHhB:/ALSbdKGtg8GZuFGQPPBB","tlshash":"57a42396c9309e418c7d20b0fefa0b2f7e6a24c76d89b4a53b5e16d5ab3035810c57de","first_seen":"2026-04-20T23:45:00.390134Z","last_seen":"2026-04-20T23:55:40.752416Z","times_seen":2,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":24,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/1830491783.png","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/1830491783.png HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/png\r\ncontent-length: 306198\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":306198,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1000 x 1000, 8-bit/color RGBA, non-interlaced","md5":"e8e739f1143a647f761897cbbfccfbd4","sha1":"04ba223d8c57094cff4f6be399a735dfc6a9202c","sha256":"6f5101772401ef79c9f1453da3a0690591ba713ecf37fb2191a62768b58a5640","sha512":"b43f569fde5f56b4d50ad31ff352e064545e7b37cc61dc33d219af6d67a2aec2f1aa0cb47762b06ac58eb12fa2315c9ee624a41a61a4b2368eb2649254e0f1f8","ssdeep":"6144:BSKNw5BObP3/65GWgMHAOREtmayiW0pJZ76OTAeGsnxp2L8:BW5oP3/CGMHAORElNJZemA7qxsL8","tlshash":"1054235974e340f4ee6232f05feeba7198b726328a4f04305a065a9d44e7ca62f62f54","first_seen":"2026-04-20T23:45:00.391802Z","last_seen":"2026-04-20T23:55:40.63242Z","times_seen":2,"resource_available":false,"data":null}},"time_used":153,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":135,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2716721479.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.181Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2716721479.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 236371\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":236371,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"951369f1afa780eca30385d95123564d","sha1":"b5fce53fbb9a9c64848d2e79c6639a3a2e458970","sha256":"3304a1e514c53d5c6e70cd5c41b76c0374711675ecff4b6e8d1a92c27b302327","sha512":"b9de19582f56b4040b32a25fde5e4ab3a53e5611ca8af7a8529e7b57464ef6690dae994f3113711572072a5333c200be6f0efdc3cfde19ad6e6b05be5354c4b1","ssdeep":"6144:59Nd1141xXdMz1m7IV5pFTPiLoBc81s7uGPqzuLXcgaPGW703wI3i:PLbWxXdS1m7apFKic8KuOqzuzcgOGBli","tlshash":"2334122ab7bbd61e63f5019613a3ccab7bb315301fa10d967fe4ba8c3a20e51365d405","first_seen":"2026-04-20T23:45:00.39343Z","last_seen":"2026-04-20T23:55:40.718247Z","times_seen":2,"resource_available":false,"data":null}},"time_used":181,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":156,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2633503189.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2633503189.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 170185\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":170185,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"19a91ebd1f03a88d630f3f20b0a5998c","sha1":"fa6054693cbaf1b670ec4b70c39c4b5d23165cd0","sha256":"d47ca4a8d7deb4032e909fe00d5594d739ae4cd6e7bfdda9e1ffd140484dfd84","sha512":"89e03458d9e05d0ae6b6e8207ce1bee40811bbafe0ac536623aee9b94a6c96658397ec415cb1d530d220ba864258f70c7acad9cb47297c7ae02a255c4c2929cc","ssdeep":"3072:1lYa4WixkY6gqbYkRoqBMIiKzuj9Sr4gqHv7b54qzcCwDa6uiLEvDR4VckBDFAb5:nYa4WixD6VckRoqn0j9SvqPHzLOHE7M4","tlshash":"f5f31295bd63be8afe5d45e00041bd047ff59c2273dd4b7ed223648a628d84c0a1f7a6","first_seen":"2026-04-20T23:45:00.39778Z","last_seen":"2026-04-20T23:55:40.718746Z","times_seen":2,"resource_available":false,"data":null}},"time_used":188,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":157,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/fonts/lib/apple/AppleGulf-Medium.woff2","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.786Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /fonts/lib/apple/AppleGulf-Medium.woff2 HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/fonts/apple.css?v=2.0.3\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: font/woff2\r\ncontent-length: 42700\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\naccept-ranges: bytes\r\nexpires: Mon, 20 Apr 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=0, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42700,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 42700, version 1.0","md5":"c8ab0e7478ba20a7aae1277e5ae0c4ab","sha1":"911da333c1a1ff7aa841af1b057e5f9dc2f86766","sha256":"60a6ba55798ea745847c6de9ab7c017f935f7e29e4f820a8a8ba1c511669b7b0","sha512":"b053166d34272b5a427656e72fc91bfebf5ff8acc0e360168a384e43c483c03ad16450a7666d2fc12bcd625c8d6a71233f205e8d34b23ada6aaed6676677fa67","ssdeep":"768:Ixy3GjVlW7DgT+osAlXQ8h2//3XNXPFNnBiABtXQTvniN4UxZnzg:/3Gj/WvGQA2n3d/FVBtXMPx","tlshash":"0913f13954cb1bf1db63c0d136c70428a73d2b56bc8ee9819949e8ed41cbad709ed2c8","first_seen":"2023-06-10T17:39:16Z","last_seen":"2026-04-20T23:55:40.715232Z","times_seen":105,"resource_available":false,"data":null}},"time_used":38,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":37,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2035808508.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.908Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2035808508.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 49512\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":49512,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"369ad8eb2d1ee6d399e0933e3731cd08","sha1":"72f3b90fb1b65d4dde9f18123a178d55ba6b0897","sha256":"a571a9e6bd75e2585af951bf47049ef3ae983678ea8c69e16b099810dad184ee","sha512":"c16158f376d1484a618038408cc137e044f51b72f89f0466a3bd8115de975e20b5a1d4020125c0815d20808ffde880a8f1bfc5eaef7eeeb8371cb25db8a7eb6b","ssdeep":"768:OIvfKLO1tRq9quIEbYGuusVz5BfFaXXbHGF7LZ4/lWVEtcyrvgOMdGF:ODW0nYtuAsXrmFVEtcyroOM4","tlshash":"2123f1d8520ed691fdf714fc8435ab47c236f969529dbf0c1aa23463ae76bb02418cd8","first_seen":"2026-04-20T23:45:00.402764Z","last_seen":"2026-04-20T23:55:40.616999Z","times_seen":2,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":106,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2620880714.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2620880714.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 76865\r\nlast-modified: Thu, 19 Mar 2026 12:51:51 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":76865,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"88b0267594c92298c500145abfbbbee0","sha1":"1659abe05cc5b479cc6c1de821c2007c5b04989e","sha256":"3e33bffaf8a07783961b9133dccb22852d61e5c832f94b919c054ef3f530d48b","sha512":"d227a10d86c683b5377329477682eead873e8f469232b4468b75f053ac3e41804fd516372e387172831f6471c81c35dce876c9bc47dc6875370b0b68254f129c","ssdeep":"1536:ro+w7gCcVvwsCnItOm+LwT5A2NzE2RW7RuZ3pRcsiOONVGt3Li+d6:ron7Ut7+8FAtyW7RI5itLGt7d0","tlshash":"cb73f1c5805f8c39eb51ba71d3c039b5487f5e19b97ac5f68ce28a931032db21e6b624","first_seen":"2026-04-20T23:45:00.406039Z","last_seen":"2026-04-20T23:55:40.67799Z","times_seen":2,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":82,"receive":47,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2453604485.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.113Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2453604485.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 51656\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":51656,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 1450x1450, segment length 16, baseline, precision 8, 1000x1000, components 3","md5":"e9990c951199bd8dbc031fec44a8b2a9","sha1":"214f2709ddaa2746733f35d42b326af20f9ab984","sha256":"f0703a9e10385a941761dc048089222415b2730b3d003890247a8b39b7e0c79f","sha512":"124718914c70594586d7725380036c4a5fcf8f2c61a6fe62fd34f5332c5104971ce0b6a62568cb3bb7b306b5c50d88c8cfbdcf987cdce50e9b816f5f395c823d","ssdeep":"1536:rH7K6DZAjUXTvojWi9jgjcNnLBd54CDWnT:rbBFhDv+B9jgIBHbinT","tlshash":"f133f1934e641383f38d657990d7eba12fba8b493461e76a74c340af03f5e32465b05d","first_seen":"2026-04-20T23:45:00.408029Z","last_seen":"2026-04-20T23:55:40.741663Z","times_seen":2,"resource_available":false,"data":null}},"time_used":75,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":74,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2735473341.jpeg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.183Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2735473341.jpeg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 215142\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":215142,"size_decoded":0,"mime_type":"image/jpeg","magic":"PNG image data, 1000 x 1000, 8-bit/color RGB, non-interlaced","md5":"19461d18598d15999ade1a048c105125","sha1":"f0f52a0726b4e85968fcf71e1ccdb94b7020493a","sha256":"57185a9dffbe236f001035ab096cf364ebc1e90abf5f9f176a5fda4cc3aca4da","sha512":"1d1a9ce3357a56ea171ecafa95cd495c848b8d6831d59490820ace64c1269bd8879c7a19b74f9fd58ee4fed9c019d364f3bba581046bad97a81628532fd9438c","ssdeep":"6144:ytHVxjF5KbL67qN05ugYDev41/lZP5c22qK:yt1tFaO7w0nnK/LP5WqK","tlshash":"e324134cb74d9c8add1214415ac7adba8e820fd35ab9cf6025a3e345791d33f732a258","first_seen":"2026-04-20T23:45:00.410924Z","last_seen":"2026-04-20T23:55:40.759456Z","times_seen":2,"resource_available":false,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":158,"receive":14,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/js/twilight/2.14.24/p-3e698672.system.js","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.829Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /js/twilight/2.14.24/p-3e698672.system.js HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: text/javascript\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:48 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":194095,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62996)","md5":"b9502109edc5331a9097fe50752c11a3","sha1":"98c13333496d548e25f4d70bc9ddb15eed04e28c","sha256":"d88f7aacf1802530a6200d95f69c04e4bc32354cf33d94ee6ed8ea2f18adf873","sha512":"ae14b61c41768bd1c830a67fefcac139148eac6a3d1eb537ab066abcbcf22a5cf04432b851f4dd0321c556e6b403bcc2d8d506f7250025f5e7ad62197d05e7d5","ssdeep":"1536:AKBtVLZ5nW5EcKRhwZHycMuMkQPmnLnUeeMfMlNYlY6q+BlDLfLsW2jKYHd9ouf0:bBtQEcKRhwZHekQPmnLuGi0sd9Sxp2E","tlshash":"cf14b6ddb2e6b07343d6627ca02f2106b236b969749d8214f154ece93d3d90a9233f79","first_seen":"2026-04-20T23:45:00.414777Z","last_seen":"2026-04-20T23:55:40.734554Z","times_seen":2,"resource_available":true,"data":null}},"time_used":34,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":34,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/zuck.js/dist/skins/snapgram.min.css","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.802Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /zuck.js/dist/skins/snapgram.min.css HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: text/css\r\nvary: Accept-Encoding\r\nlast-modified: Thu, 19 Mar 2026 12:51:44 GMT\r\ncache-control: max-age=2592000, public, proxy-revalidate\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":486,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (485)","md5":"faaf9145983e4c0a5d6e73f8165ce236","sha1":"d52460613ba35bd12c253ee74ca5f4afb661dfbe","sha256":"416d086278361be071a74e712cf0c193c39cfcae1f559e277ebb0ce34ceda6da","sha512":"f8ef9cd2f168d2bd40290527b572a56991ed04673b7dd89da4ab91e0348fe400aad22f3df9862edb23b09617fbe428561d5dc25767ea508205075be6ee85f3f5","ssdeep":"","tlshash":"17f0e03e58cd433f2dcaf3fa96609cd9bc8458c0e410038e56feb65f9c31d151a21210","first_seen":"2023-11-01T17:46:05Z","last_seen":"2026-04-23T07:36:19.019258Z","times_seen":27,"resource_available":false,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2376522357.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.834Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2376522357.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 42712\r\nlast-modified: Thu, 19 Mar 2026 12:51:50 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42712,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"c096d54b299388af8291aa9685d0d27d","sha1":"5727b62a27b8edcfcb7731872ec5cc4e9eced249","sha256":"5032647e36483c3a4a1caa314d8245ae129a16a7101d98e09621f4b3323c5e4f","sha512":"a8b491542b31374e5b8ba9033bbac98a465c685ab037055fc4d63f82245e47245b6d9125fc02d414110ead370ecf0d7a9cdab2147233a3f6fe47ed9e3b39c118","ssdeep":"768:ZnmoGjFBvUa/mQhZqTfRqYq39TqWEmsRLaPL0vUD+wdm8k1o0UYxDHLfd:xmowca/mEqTf0Zq/FaIC5ey0UYhrl","tlshash":"f213f12ed0404f17c42f0975bbfdb504b7c26952b03b788fefa625988ee9a1e6444e90","first_seen":"2026-04-20T23:45:00.420447Z","last_seen":"2026-04-20T23:55:40.703898Z","times_seen":2,"resource_available":false,"data":null}},"time_used":130,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":25,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2335737114.webp","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.962Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2335737114.webp HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/webp\r\ncontent-length: 48496\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\ncache-control: max-age=0\r\nexpires: Mon, 20 Apr 2026 23:43:45 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]}],"data":{"size":48496,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f21613f48da9f85dc084c08489aaf7fa","sha1":"ef7ec40dc9e0e648ad4c21ab34741f276139704d","sha256":"6501e824703c4a2cef7696d32b9e9d912f2809e2a1a3989644526e59c67a8c36","sha512":"8cd62fbb3d1c402f787b4974a6ced9e3f9cb5b83ab175a83366335abcf2884d8b6db8f363a871a7db76f20d9182077a9eec81390997a373d4d0833dcdb79fdee","ssdeep":"768:GvQ7EB/ospJwhoyQ5u2y7CDIYEODmn78XVcgpgvGuJzHpbRVOOCY1WKY3Etmt6+I:GSEBBc9QoCDkgm7wVcgevLVVONv33EIc","tlshash":"b623f1ff31c25695dc0f80b609315a9b8671179b6d44acf99907c3842f75ba20fbac8e","first_seen":"2026-04-20T23:45:00.422911Z","last_seen":"2026-04-20T23:55:40.630437Z","times_seen":2,"resource_available":false,"data":null}},"time_used":118,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":80,"receive":38,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2042905048.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.207Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2042905048.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 78949\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78949,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 800x800, components 3","md5":"b5b8d79e3c3d06eeb6269f677e1e5b18","sha1":"d0f8bdbca192669f4896988ad19f0c41ebab2d00","sha256":"593b8b4334789f3c84f518ed55ddf6dd9f90e5a76d594d8b0b9aa06569378fba","sha512":"c68cb0a12be1bb8eccbbe6db955d9d7df35a1684f8d2b1224dadb5484daf7fe28fa8aa7445acc971193a83689f4a184b057cecd0cd36f6d7d04bf36e1d56806a","ssdeep":"1536:tBZ01Psw5g7Z7vhoUA6J67C+FLm/tuKWcRGWcQEHSVmg0iXt0wRk5dSilm:tP7sIJoCiUuKWcwdHSV90i9Zk5dSKm","tlshash":"74731209ada2614de705927ca7a3ab9b560bc0852deec859de33837510fcc653d03caf","first_seen":"2026-04-20T23:45:00.425238Z","last_seen":"2026-04-20T23:55:40.604552Z","times_seen":2,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":188,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2444826329.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:46.252Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2444826329.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:46 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 8535\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:46 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8535,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 240x300, components 3","md5":"b65756945e23488e6b6adc75bdee5d9a","sha1":"66d9014e717e3bc066df6f6280c65a691d493816","sha256":"5f1a404b60e2fb419dca7406dd3e427f063a3797c2b05f0c4398f4afd358e508","sha512":"0c5833f9792bde222f1bc8ce5f3a5ea36cb24cb4470c75e47b2e8685b4950c1fa003e8e31556419a6d05c2df5eaa92b6df20549693ec77dee19f0b7fe6ea2580","ssdeep":"192:aAamSqr8xDPyiRoprkANQnbNIfHvxxM0E0z:wmSzVaJrlNQbavxx1EK","tlshash":"08028e88fd58940ce810c47218f91672d0f10e5fb8581cef2b166ebe865c9925d7afec","first_seen":"2026-04-20T23:45:00.42881Z","last_seen":"2026-04-20T23:55:40.644897Z","times_seen":2,"resource_available":false,"data":null}},"time_used":209,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":209,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wa-fi-store.site/oNQR/2535115972.jpg","fqdn":"wa-fi-store.site","domain":"wa-fi-store.site","tld":"site"},"ip":{"addr":"31.22.7.243","port":443,"asn":34119,"as":"Wildcard UK Limited","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wa-fi-store.site/ar/","date":"2026-04-20T23:43:45.895Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.wa-fi-store.site","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Thu, 19 Mar 2026 11:49:45 GMT","end":"Wed, 17 Jun 2026 11:49:44 GMT"},"fingerprint":{"sha1":"B9:79:3E:DA:DC:8C:BA:61:B3:42:64:71:8E:D2:DD:F6:7B:B4:AF:4D","sha256":"39:8E:0A:E9:D9:7C:EF:7A:7C:CB:3B:94:8C:56:09:FF:34:83:DA:DC:11:A3:2A:AF:A5:DF:F0:44:0B:D6:2F:78"}}},"request":{"raw":"GET /oNQR/2535115972.jpg HTTP/1.1\r\nHost: wa-fi-store.site\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wa-fi-store.site/ar/\r\nCookie: PHPSESSID=kp87ua2amtoel9vmtkkob0sbb7\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: openresty\r\ndate: Mon, 20 Apr 2026 23:43:45 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 36776\r\nlast-modified: Thu, 19 Mar 2026 12:51:49 GMT\r\naccept-ranges: bytes\r\nexpires: Wed, 20 May 2026 23:43:45 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public, proxy-revalidate, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenResty","description":"OpenResty is a web platform based on nginx which can run Lua scripts using its LuaJIT engine.","website":"https://openresty.org","common_platform_enumeration":"","icon":"OpenResty.svg","categories":["Web servers"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":36776,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], progressive, precision 8, 800x800, components 3","md5":"02e77d9d15bb776bb4500504fb28ce0a","sha1":"c9a2d8cae4e614c5f5f52a9112634b6eb0f5b379","sha256":"58e265903686d536026b8aaa81cb2e87995cc09332464bfcf9ad68b59f3d195e","sha512":"0d5d291124c7e81f5e8b333bb8c9be53140f3c525918f25c36d2df83ebcbec8b434c8ae9d25665d3575e0e0123751ab2a134278d845cc8ae8b3629418bcb1510","ssdeep":"768:agDzXN1qjCNzOmm01RXn+Y9lp5POgraiCqO4BVcGHRV:tVUqzOmBXn+Ilp5PfOexV","tlshash":"64f2e03cbbd19d88ede769309880162baf201eeae5cebe771105059c88f74ea0c854cd","first_seen":"2026-04-20T23:45:00.430408Z","last_seen":"2026-04-20T23:55:40.709951Z","times_seen":2,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":21,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-20","alert":"Sinkholed","trigger":"wa-fi-store.site","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}